botnet

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some good information on performing forensics on Google's browser, Chrome.
    Google Chrome Forensics
    Tags: ( forensics chrome google )
  2. Recon is looking for talk submissions.
    The Professional Security Testers Warehouse for the GPEN GSEC GCIH GREM CEH QISP Q/ISP OPST CPTS - REC0N 2010 MONTREAL CANADA JULY 9-11
    Tags: ( recon conferences cfp )
  3. Craig asks a really good question, "Is Cloud Computing Right for Your Business?"
    Is Cloud Computing Right for Your Business? : The Security Catalyst
    Tags: ( cloud )
  4. The guys over at SANS Computer Forensics are starting a new weekly feature where they point out interesting forensics tidbits from around the internet.
    Digital Forensic Case Leads: Introductions
    Tags: ( forensics )
  5. This is a neat analysis of an exploit that has multiple levels of obfuscation.
    An In-Depth Exploit Analysis on Multilayer Obfuscations - Security Labs Blog
    Tags: ( exploit analysis )
  6. The presentations from Blackhat DC 2010 are starting to become available.
    Black Hat (r) Technical Security Conference: DC 2010 // Archives
    Tags: ( blackhatdc presentations archives )
  7. Ever want to play with your own botnet? Here you go, a nice learning tool.
    KreiosC2 - DigiNinja
    Tags: ( botnet research testing )
  8. A new version of Dradis is available. This is a handy collaborative documentation sharing tool that is very helpful in incident response and forensic work. Works well for other situations too.
    dradis - Effective Information Sharing
    Tags: ( dradis tools )
  9. Whoops. Not so hard for somebody to spy on your blackberry.
    Is Your BlackBerry App Spying on You?
    Tags: ( blackberry malware )
  10. Nifty stuff. A few very helpful regexes to have in your back pocket for your data mining efforts.
    JL's stuff: Forensic Regexes
    Tags: ( forensics regex )
  11. Interesting discussion on rescinding local admin rights on our end points.
    Securosis Blog | FireStarter: Admin access, buh bye
    Tags: ( local-admin )
  12. Interesting counterpoint to the post above about admin rights. I tend to agree with Rich's thoughts here.
    Securosis Blog | Counterpoint: Admin Rights Don't Matter the Way You Think They Do
    Tags: ( local-admin rights )
  13. I love to see this happen. Sensepost will no longer have a registration wall before their publicly available research and tool offerings. Wish more companies would go this route.
    Removing registration requirements
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some thoughts about the security job market and how to get into it. (Thanks Ron)
    E-Commerce News: Trends: Breaking Into the Security Job Market
    Tags: ( career )
  2. Anton has some comments about log context. Very important stuff.
    Anton Chuvakin Blog - "Security Warrior": On Log Context
    Tags: ( log-monitoring )
  3. This paper (pdf) takes a look at replacing session cookies with digest authentication.
    WeaningTheWebOffOfSessionCookies.pdf (application/pdf Object)
    Tags: ( session webappsec )
  4. Another really good reason for egress controls.
    Sunbelt Blog: Botnet C&C switching to http; away from IRC
    Tags: ( botnet )
  5. That's a lot of malware.
    Report: 48% of 22 million scanned computers infected with malware | Zero Day | ZDNet.com
    Tags: ( malware )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. NSS Labs has published their third quarter Browser Security Test.
    Comparative Browser Security Testing - Phishing & Socially Engineered Malware - nsslabs.com
    Tags: ( browser )
  2. The Call for Speakers for RSA USA 2010 has been extended a week. Deadline is now August 21st.
    Call for Speakers
    Tags: ( rsa cfp )
  3. Brian talks about hype in the information security market.
    Hyper Security - fudsec.com
    Tags: ( fud )
  4. It has been talked about quite a bit over the last year or more. Can a cloud based solution be PCI compliant? Looks like the answer to that question has been given and by one of the larger cloud providers.
    Network Security Blog >> Cannot achieve PCI compliance with Amazon EC2/S3
    Tags: ( pci cloud )
  5. This is interesting. A botnet being controlled via Twitter.
    >> Twitter-based Botnet Command Channel * Security to the Core | Arbor Networks Security
    Tags: ( twitter botnet )
  6. Is your cell phone telling tales on you? Looks like the Palm Pre might be.
    Is Your Palm Pre Watching You? : Liquidmatrix Security Digest
    Tags: ( surveillance )
  7. Dave offers up a tutorial on encrypting your data backups on the cheap.
    IT Security Expert: Secure Encrypted Data Backup on a Budget Tutorial
    Tags: ( backup encryption )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Nessus 4.0.1 has been released. I will be updating the Backtrack how-to sometime this week to reflect this.
    Tenable Network Security: Nessus 4.0.1 Released
    Tags: ( nessus )
  2. Service Pack 2 for Vista Server 2008 is ready for you to start testing. You do test before deploying, right?
    SP2 For Vista, Windows Server 2008 Available For Download - Security Watch
    Tags: ( vista patches )
  3. Just the thing for that UNIX geek that is so difficult to buy for. Of course, he's going to have to have a pretty good sized cube to hang it in. (via The Register)
    Eric Levenezs' Gorgeous Unix Diagram
    Tags: ( general )
  4. Here is what looks to be a very nice paper on the Kraken bot. I have ready the beginning and look forward to finishing it.
    SecSci Social Scene: Dissecting the Kraken
    Tags: ( botnet kraken analysis )
  5. Paul has posted some slides on using Nessus during a web application assessment.
    Tenable Network Security: Presentation "Using Nessus In Web Application Assessments"
    Tags: ( webappsec nessus )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Detecting Conficker – Updated

by kriggins on March 30, 2009

in Tools

Well, sometimes copy and paste works and sometimes it doesn't. The link was broken. Go here: http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/

About half way down the page is a proof of concept network scanner put together by Felix Leder and Tillman that can detect if a system is infected with Conficker. No system access or authentication needed. Great job gentlemen.

I also understand there is a Nessus plugin available now and also a nmap NSE script on the svn respository.

Reblog this post [with Zemanta]

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. A nifty new tools that scans your Flash source code looking for flaws. Always remember that static code analysis is not a panacea.
    Free HP SWFScan tool detects Adobe Flash flaws
    Tags: ( flash )
  2. Some suggested settings to help make your surfing safer with IE. Installing IE 8 will go a long way towards achieving that goal too.
    10 IE Browser Settings for Safer Surfing - Network World
    Tags: ( ie )
  3. Latest AV-Comparatives update is out.
    AV-Comparatives February 2009 report: four winners - Ars Technica
    Tags: ( testing anti-virus )
  4. Very interesting. A botnet that attacks dsl modems and routers.
    Stealthy router-based botnet worm squirming | Zero Day | ZDNet.com
    Tags: ( malware botnet )
  5. Disabling autorun. A very good idea. Rasvan lets us know how.
    Windows 7 Security Tips #1 - Malware City Blogs
    Tags: ( security tips windows-7 )
  6. Ioana asks some really good questions that we should all think about in relationship to our own teams. Being able to eventually answer yes to each of those questions will mean that you have a top flight team working to provide excellent service to your customers.
    The Dichotomy of Customer Service : The Security Catalyst
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Via @alexhutton, this article is very interesting. Those who are interested in measuring and communicating risk should read it.
    2845 ways to spin the Risk | Understanding Uncertainty
    Tags: ( risk management )
  2. Rob (@mubix) posted a nifty how-to the other day and was taken to task for it. He responds publicly. His response and the comments are worthy of a read.
    The Ethics of Teaching Hacking | Room362.com
    Tags: ( ethics )
  3. Yup, time to make sure your patching is working on your Windows 7 Beta installs.
    Windows 7 beta gets its first security update - Ars Technica
    Tags: ( infsec microsoft patches windows-7 )
  4. This is quite cool. Requires authenticated scans, but does give the opportunity to see who is using USB drives on your systems.
    Tenable Network Security: USB Device History Auditing with Nessus
    Tags: ( nessus )
  5. Here's a script to help you lock down your IIS 6 installations. Careful though. It's brand new and has not been tested extensively.
    Script to lock down IIS paths - Nazim's IIS Security Blog : The Official Microsoft IIS Site
    Tags: ( iis scripts securing )
  6. Part 2 is up on not being nice to your Citrix installation :)
    Syn: Abusing Citrix - Part 2
    Tags: ( hacking citrix )
  7. In my opinion, yes, the BBC broke the law.
    Did BBC break the law by using a botnet to send spam? | Graham Cluley's blog
    Tags: ( botnet )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

In today's Bits post we take a look browser bugs, Blackberry Server bugs, fun with hardware hacking, defining effectiveness, the Source Boston schedule, Incident Response Management, and Downadup.

  1. Oh look, it's a browser bug. How novel. (yes, that was sarcasm and this appears to be pretty nasty)
    Browser bug could allow phishing without e-mail - Network World
    Tags: ( vulnerability browser javascript phishing )
  2. Time to patch your Blackberry Servers.
    RIM issues security patches for BlackBerry | Security - CNET News
    Tags: ( pdf vulnerability blackberry patches rim )
  3. Didier's been playing with some hardware. Nifty stuff.
    A Hardware Tip for Fuzzing Embedded Devices << Didier Stevens
    Tags: ( hardware hacking embedded devices phidgets )
  4. Read this post. Also read the comments. Some good device and a very workable definition of effectiveness and where efficiency and optimization come into play.
    Verizon Business Security Blog >> Blog Archive >> What is an "effective" Control?
    Tags: ( control effectiveness )
  5. The Source Boston 2009 sessions have all been solidified and the schedule is up and ready for you perusal. Have fun. I so wish I was going to be there.
    Source Boston - Sessions
    Tags: ( source conferences )
  6. A nice article about Incident Response Management from Kees.
    Incident Response Management - Kees Leune Information Security Blog
    Tags: ( management incident response )
  7. Wow. Take look at what F-Secure is doing and what they have found out. This botnet appears to be huge.
    How Big is Downadup? Very Big. - F-Secure Weblog : News from the Lab
    Tags: ( )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Another day of great content. Enjoy.

Here are today's Interesting Information Security Bits from around the web.

  1. VeriSign has stepped up and offered replacement SSL certs free of change to all customers with MD5-based certs. They have also implemented SHA-1 for all certs now. Should have happened much earlier, but at least they were quick in there response.
    VeriSign addresses MD5 flaw
    Tags: ( vulnerability ssl general cert )
  2. Good guidance for us all and some suggestions on how to go about doing it.
    Know your network to keep it secure :: SearchNetworking.com.au
    Tags: ( network )
  3. Forrester is indicating that security spending may be taking a bigger chunk of IT spending in 2009.
    Despite Economy, Security Spending To Increase In 2009 - security industry/Management - DarkReading
    Tags: ( general spending 2009 )
  4. Oops. Trusted Execution Technology might not deserve to be trusted as much as we were lead to believe.
    Researchers hack into Intel's vPro - Network World
    Tags: ( txt )
  5. This is nifty. A nice visualization of botnet IRC channel joins.
    Flashy botnet is Flashy - F-Secure Weblog : News from the Lab
    Tags: ( botnet visualization )
  6. Erik has part 1 of a series that will address securing our Linux hosts.
    Art of Information Security >> Secure Your Linux Host - Part 1: Foundations...
    Tags: ( linux securing )
  7. Donald points us to a paper written by Brett Shavers about virtual machines and forensics analysis. I just added it to my stack of stuff to read.
    Forensic reading - Malta Info Security
    Tags: ( forensics virtualization vmware )
  8. A very good read. Well written and has a good point.
    Could the Titanic have changed course? | The Guerilla CISO
    Tags: ( general compliance checklists )
  9. I have pointed to all the previous parts of the this series of posts. The first paragraph has links to them also. I really like how they have brought all the previous posts together by showing some use cases. Well done.
    Building a Web Application Security Program, Part 8: Putting It All Together | securosis.com
    Tags: ( webappsec program )
  10. Adam points us to Maine's Data Breach Study. He points out some interesting tidbits. Enough that I have grabbed the study for reading later.
    Emergent Chaos: Maine Breach Study
    Tags: ( data breach study maine )
  11. Damon has a very nice guest post up on Jennifer Leggio's Feeds blog. It reaches beyond the issues that Twitter was dealing with this weekend.
    The inevitable rise (and fall?) of 'twishing' | Feeds | ZDNet.com
    Tags: ( twitter phishing social-networks )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }