Sunday, 30 December 2012

Best of the Week - 30 December 2012

My best wishes for a happy new year!!

Hope you enjoy my new selection of security news and resources.

shreeraj ‏@shreeraj Researchers find malware targeting Java HTTP servers

Limor S Kessem ‏@iCyberFighter RT @ECCOUNCIL: World of Botnet-facilitated #cybercrime... paying pretty well these days:

Infosec Reactions ‏@sec_reactions Demonstrating Spear Phishing to people who said they won't fall for that - by gallypete

CcureIT ‏@CcureIT In 2013 We Will See the Decline of Anonymous, Experts Say

Dušan Caf ‏@dusancaf Ten Steps to Smartphone Security by @FCC: #Privacy #CyberSecurity

The Next Web @TheNextWeb EU Commission unwraps public beta of open data portal with 5800+ datasets, ahead of Jan 2013 launch by @robinwauters (Well, strictly speaking this is not security news but, digging into this big mass of data, I'm sure it is possible to find a lot of pieces of security information)

ENISA ‏@enisa_eu #ENISA has published an implementation guide for National #cybersecurity Strategies

Sunday, 23 December 2012

Best of the Week - 23 December 2012

The end of the year is approaching and many security researchers are publishing papers, reports and predictions. A lot of things to read during the holidays... here you can find my favorites.

Hope you enjoy it!

ENISA ‏@enisa_eu Status report 2012 on #CERTs baseline capabilities and recommendations launched today by #ENISA

CcureIT ‏@CcureIT Mobile malware, botnets and attacks on the cloud to rise

Neira Jones ‏@neirajones Verizon's 2013 Breach Predictions: Authentication Attacks, Web Application Exploits & Social Engineering @wadebaker

Imperva ‏@Imperva Security Trends 2013:
Trend #1 Government Malware Goes Commercial
Trend #2 Black Clouds on the Horizon
Trend #3 Strength in Numbers
Trend #4 APT Targets the Little Guy
Trend #5 Hacktivism Gets Process Driven

RSA Conference ‏@RSAConference #Exploits, security threats and #hacks will mutate in 2013 | via @helpnetsecurity |

DCITA ‏@DCITA It's time to start patching the Human OS


Sunday, 16 December 2012

Best of the Week - 16 December 2012

This week the Internet was full of interesting security resources and I did my best to collect the most important ones!

Hope you enjoy it!

CcureIT ‏@CcureIT Google Hacking with GGGoogleScan  - #cyberwar

iDialoghi ‏@idialoghi "Military Clouds: protecting and exploiting data services". Former director of operations for US EUCOM speaks.

Microsoft Security ‏@msftsecurity Protect against advanced attacks on your login credentials w/ these field tested mitigation strategies from #Microsoft

Kimberly ‏@StopMalvertisin Fortinet | Fortinet 2013 Cyber-Crime Report

Ed Covert ‏@ebcovert3 NIST Revising Glossary of #Infosec Terms

Apura ‏@Apura_Oficial Check out the @DFIROnline Youtube channel for ~20 great digital forensic and incident response presentations

Mikko Hypponen ‏@mikko Video of my talk in HITB'12  Slides … Lost my ponytail 4 hours after this talk…

Sunday, 9 December 2012

Best of the Week - 9 December 2012

Here is my collection of the best security resources of this week.

Hope you enjoy it!

New attack makes some password cracking faster, easier than ever | @ArsTechnica: A researcher has devi...

Stonesoft ‏@Hack_the_Lab Cyber-warfare: Hype and fear | The Economist

SophosLabs ‏@SophosLabs Sophos Security Threat Report 2013 - the safest and riskiest countries revealed

F-Secure ‏@FSecure Check out this BBC Radio 4 report called The Hackers — featuring our Mikko Hypponen.

PhysicalDrive0 ‏@PhysicalDrive0 #HITB2012KUL D1T1 - Petko D. Petkov - A Short History of the JavaScript Security Arsenal

Mikko Hypponen ‏@mikko Arbor's graph shows nicely how Syria got back online:

Eric Byres ‏@tofinosecurity "harm of disclosure to the un-patched masses greatly outweighs any benefit that comes from shaming vendors"

Sunday, 2 December 2012

Best of the Week - 2 December 2012

This is my "Best of the Week" post and here you can find the most intriguing security articles I found on the net this week.

Hope you enjoy it!

DarkReading ‏@DarkReading Anti-Botnet Efforts Still Nascent, But Groups Hopeful

Richard Bejtlich ‏@taosecurity Thanks @appsecusa for recording and publishing my talk at your con last month. It's about 42 mins and covers IR stuff.

uKnowKids ‏@uKnowKids Have you heard of SWAT-ting? Check out this new @uKnowKids infographic… SWAT-ting: Inside a New Trend in Cyber Crime

Rafal Los ‏@Wh1t3Rabbit Bug Bounty Programs - As a Service? -  - Can a 3rd party bug-bounty program be the answer for SMEs? Ask @caseyjohnellis

DCITA ‏@DCITA ICANN's Rolling Controversy: Verification of WHOIS Registration Data

Shawn Henry ‏@Shawn365Henry Many questions recently about how private sector can protect itself from attack; nice to see @ABAesq exploring legality