domenica 28 ottobre 2012

Best of the Week - 28 Ottobre 2012

Here we are for another post of the "Best of the Week" series in which you will find the most interesting security news and security resources of the week.

Hope you enjoy it!

SCMagazine ‏@SCMagazine Never too late to learn a little about clickjacking w/ @jeremiahg of @whitehatsec. | http://ow.ly/eNzNO

CoreSecurity ‏@CoreSecurity Ready for a data #breach? How to develop a response plan. Incl. link with top breaches in '12 via @networkworld http://ht.ly/eNI1z

Doug Munro ‏@DoDRecruiterDC The Challenge of Protecting Critical Infrastructure against Cyber-Attacks http://ow.ly/eN1ur  #cybersecurity via @SmartGridCurato

CcureIT ‏@CcureIT The anatomy of cyber security exercises http://dlvr.it/2NjJsl

Sandro Süffert ‏@suffert Microsoft: Cyber-Threats in the European Union: First Half 2012 http://flpbd.it/Gw0vi
... and
Trend Micro’s Q3 threat report: Mobile malware surged from 30K to 175K http://flpbd.it/Ohvzi

Tuomo Makkonen ‏@tmakkonen An Analysis of Android SSL (In)Security (pdf): http://www2.dcsec.uni-hannover.de/files/android/p50-fahl.pdf

sabato 20 ottobre 2012

Best of the Week - 21 Ottobre 2012

This week, for some "logistical" reasons, I had to publish my "Best of the Week" a day in advance. Luckily, I had already gathered a lot of interesting security materials that you can read below.

Hope you enojoy it!

So, this week we serve... 5 security papers

Microsoft Security ‏@msftsecurity Everything you ever wanted to know about rootkits… Download the paper now. http://bit.ly/R9CN8X  (cc: @MSFTmmpc) #InfoSec

APWG ‏@APWG Our latest trends report shows cybercrime gangs continue to target more and more companies. http://fb.me/262G3EO47

Marco Thorbruegge ‏@mthorbruegge RT @teamcymru: Communication Among Incident Responders - A study http://www.sei.cmu.edu/library/abstracts/reports/12tn028.cfm

The Honeynet Project ‏@ProjectHoneynet HP Annual Report 2012 released: Each year, the Honeynet Project summarizes its activities and activities of its ... http://bit.ly/WisZyG

Alan Woodward ‏@ProfWoodward Zero day attacks last hundreds of days before detection. Empirical data from Symantec written up in a nice paper here  http://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf

... and 2 secure Operating Systems
SCADAhacker ‏@SCADAhacker Eugene Kaspersky Unveils Plans for New Secure SCADA OS - ThreatPost - http://h4ckr.us/Wly4X9  #SHnews good interview with Eugene on the project

Janne Ahlberg ‏@JanneFI RT @JussiPeralampi: Whonix : Virtual anonymous operating system http://www.pentestit.com/whonix-virtual-anonymous-operating-system/

domenica 14 ottobre 2012

Best of the Week - 14 Ottobre 2012

Preparing the presentation for my speech at the RSA-Day, I collected these security articles and resources.

Hope you enjoy it!

ENISA ‏@enisa_eu ENISA's first annual report of #cyber incidents in the EU: 51 severe outages reported over 2011 http://bit.ly/Rbdan6

Denis Maslennikov ‏@hEx63 FBI: Smartphone Users Should be Aware of Malware Targeting Mobile Devices and Safety Measures to Help Avoid Compromise http://www.fbi.gov/scams-safety/e-scams?utm_campaign=email-Immediate&utm_content=145512

Limor S Kessem ‏@iCyberFighter Hacking Google: The three Israeli white hats rooting out the web's security holes http://sns.mx/SSkqy5  << Good read!

scl feed ‏@computersandlaw Crime: Digital Working Guidance from the MoJ http://tinyurl.com/98bvjzl

SCMagazine ‏@SCMagazine VIDEO: Cyber Crime Statistics | http://ow.ly/emHqp

Elie Bursztein ‏@elie Most of the Mass Distributed Malware in Q3 2012 Were Banking Trojans, Study Finds - http://ow.ly/1OOIQ5  #security

domenica 7 ottobre 2012

Best of the Week - 7 ottobre 2012

If you missed some security resoures this week, this is the right place for you.

Hope you enjoy it.

ENISA ‏@enisa_eu Bigger is different! #cybereurope 2012 exercise shows large-scale crises need cross-sector cooperation. http://bit.ly/Ta3xdC

DCITA ‏@DCITA Companies seeking to train employees on cybersecurity http://is.gd/1b0hv3

CcureIT ‏@CcureIT Anonymous collective the new face of online hacktivism: CSIS report http://dlvr.it/2GzS7C

Trusteer ‏@Trusteer New Trusteer blog post: One Size Fits All – Universal Man in the Browser Attack Targets All Websites http://ow.ly/ebSd6

Kimberly ‏@StopMalvertisin Sans CF | "Digital Forensics Case Leads: Open Source Forensics Edition" http://stpmvt.com/QTxb1l

Cabinet Office ‏@cabinetofficeuk UK will establish centre of excellence on #cyber security to offer countries advice on how to build secure cyberspace. http://bit.ly/Ug6vi9 via @dusancaf
http://www.wikio.it