domenica 29 luglio 2012

Best of the Week - Security tools edition

This week I chose to focus my post on security tools so, here you can find a selection of interesting and useful tools regarding: AET, incident response, botnet, app scanners, nmap, pwd cracking, and three different security scanners.

Hope you enjoy it.

Antievasion ‏@Anti_Evasion Stonesoft Releases Evader – World's First Advanced Evasion Technique Testing Software For Free: http://ow.ly/cqCru #cybersec #infosec

Stonesoft ‏@Hack_the_Lab VIDEO: How to use Evader-The World's 1st #AET Test-tool: http://ow.ly/cu3rT #Stonesoft #Security #Infosec #BlackHat #CyberCrime

mls ‏@CaptnPain Kick Ass: RT @_saadk: The word is out. #Google Rapid Response (GRR) https://code.google.com/p/grr/ #DFIRSummit work-in-progress #DFIR project

Limor S Kessem ‏@iCyberFighter Want to see what happens to your infrastructure under a DDoS attack? Check out BoNeSi--The DDoS Botnet Simulator http://bit.ly/MDXBqA

Stefano Fratepietro ‏@stevedeft Top 10: The Web Application Vulnerability Scanners Benchmark, 2012 Commercial & Open Source Scanners http://sectooladdict.blogspot.co.il/2012/07/2012-web-application-scanner-benchmark.html

Fabio Pietrosanti ‏@fpietrosanti Scan for FinFisher Government Trojan C&C Servers with Nmap http://pastebin.com/6cGN2VAK

☛ The Hacker News™ ‏@TheHackersNews




d3v1l ‏@securityshell @Owasp Xelenium - XSS Scanner http://security-sh3ll.blogspot.it/2012/07/owasp-xelenium-xss-scanner.html


domenica 22 luglio 2012

Best of the Week - 22 luglio 2012

In this post of the "Best of the Week" series I report some pieces of information regarding: incident response, cloud security, OpenDNS and ISO27001.

Hope you enjoy it!

Team Cymru ‏@teamcymru Have you heard about the Team Cymru CSIRT Assistance Program. If not see http://sl.monkey.org/e2956aa9

Stefano Fratepietro ‏@stevedeft The DDoS attack survival guide http://www.csoonline.com/article/592776/the-ddos-attack-survival-guide-

d3v1l ‏@securityshell Are You Prepared for Certificate Authority Breaches? http://wp.me/pb79C-ou

Rafal Los ‏@Wh1t3Rabbit The *full* (and lengthy, sorry) analysis of the recently released FFIEC guidance on #cloud computing - http://ow.ly/ckHQm is posted.

Sam Bowne ‏@sambowne OpenDNS Calling all elite security experts: Apply to be among the first malware domain taggers http://blog.opendns.com/2012/07/19/calling-all-elite-security-experts-apply-to-be-among-the-first-malware-domain-taggers/ via @OpenDNS

N. Groeneveld ‏@nigroeneveld ISO 27001/27002 Information Security Certification Materials http://bit.ly/Kq6MFf #cybersecurity #infosec

domenica 15 luglio 2012

Best of the Week - 15 luglio 2012

This week, my "Best of the Week" post covers the following subjects: evolution in crimeware, Dark Web, consequences of databreaches, financial malware and frauds.

Hope you enjoy it!

@HPSecure Crimeware Developers Shift To More Obfuscation, Jave Exploits http://bit.ly/M7gell  ‪#blackhat‬

Janne Ahlberg ‏@JanneFI Weapons, drugs and hitmen a click away on the Dark Web http://bit.ly/NyiZYU

Neira Jones ‏@neirajones#ICO fines St George’s Healthcare NHS Trust £60K for sending patient’s medical details to the wrong person http://lnkd.in/JkipmG #databreach
Nicolas Krassas ‏@Dinosn Oil Giants Shell, BP and others hacked and data leaked by @le4ky http://www.cyberwarnews.info/2012/07/14/oil-giants-shell-bp-and-others-hacked-and-data-leaked-by-le4ky/

briankrebs ‏@briankrebs At last, sensible, timely advice. EU to Banks: Assume All PCs Are Infected http://bit.ly/NN8DGw

Tuomo Makkonen ‏@tmakkonen Measuring the cost of cybercrime (pdf): http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf

CcureIT ‏@CcureIT Australian consumer data sold to financial fraudsters: ACC report http://dlvr.it/1qWMDs


domenica 8 luglio 2012

Best of the Week - 8 luglio 2012

Here we are with the new "Best of the Week" post; in this issue you can find: infosec slides, stories of young hackers, botnet and DDOS and Russian censorship.

Hope you enojoy it.


CcureIT ‏@CcureIT Monkif Botnet Hides Commands in JPEGs http://dlvr.it/1qMGtk

Rafal Los ‏@Wh1t3Rabbit How true is this? http://www.itbusinessedge.com/slideshows/show.aspx?c=96308

SCMagazine ‏@SCMagazine SLIDESHOW: July 2012 Global Threat Report http://ow.ly/c59l9 #CyberCrime

SophosLabs ‏@SophosLabs Shocking 17-year-old public high school antics clickjack unwary Facebook users into scam http://bit.ly/KY9S39

Xylitol ‏@Xylit0l 13-Year-Old Arrested by Japanese Police for Creating Virus http://goo.gl/166EK #wtf #japan

Joseph Menn ‏@josephmenn Russia's Internet blacklist looms in freedom crackdown http://cnet.co/MFBeRw via @CNET

Limor S Kessem ‏@iCyberFighter Want to see what happens to your infrastructure under a DDoS attack? Check out BoNeSi--The DDoS Botnet Simulator http://t.co/jzggKZ9n


domenica 1 luglio 2012

Best of the Week - 1 luglio 2012

Here is my list of the best security resources of this week. This week the subjects are: malware, phishing, UPnP, Facebook, incident response and... football!

Hope you enjoy it!


Contagio - malware dump: Medre.A AutoCAD worm samples http://contagiodump.blogspot.it/2012/06/medrea-autocad-worm-samples.html

Mieke Verburgh ‏@miekiemoes Phishy Phishy Phish: http://blog.malwarebytes.org/intelligence/2012/06/phishing-101-part-1/


John Matherly ‏@achillean To learn more about UPnP and how it works, check out this defcon 19 presentation on UPnP mapping: http://www.shodanhq.com/videos/media/defcon-19-upnp-mappin
EFF ‏@EFF Facebook's reporting guide, explaining what happens when a user reports content, is a step in the right direction https://eff.org/r.5aek
Stefan Frei ‏@stefan_frei Spend less in anticipation of cybercrime (on antivirus, firewalls, etc.) and more in response, paper concludes http://bit.ly/MCK2TY

CcureIT ‏@CcureIT McAfee Names Most Dangerous Football Team in Europe http://dlvr.it/1n2WYv

and now, just before the end... a little bit of fun!!

Fabio Assolini ‏@assolini World's hardest sudoku: can you crack it? http://bit.ly/MYhXZI (via @TelegraphSci

http://www.wikio.it