Resources "Security Engineering" now available free online - lightbluetouchpaper.org I’m delighted to announce that my book Security Engineering – A Guide to Building Dependable Distributed Systems is now available free online in its entirety. You may download any or all of the chapters from the book’s web page. The Anatomy of Unsecure Configuration: Reality Bites [...]
Event Related Pentest & Reverse: iOS Application Hacking - esec-pentest.sogeti.com Last month, we gave some lectures about iOS application Hacking first at GreHack (Grenoble, France) and then at Hack.Lu (Luxembourg, Luxembourg). Here you will find the slides and the paper. Don't hesitate to send us your questions. Resources The Red team Mindset Course Part 1 [...]
Here are information security events in North America this month: ShmooCon 2013 : February 15 to 17 in Washington, District of Columbia USA ACM Conference on Data and Application Security and Privacy (CODASPY) : February 18 to 20 in San Antonio, TX, USA BSides Boston : February 23 in Cambridge, MA [...]
Event Related University Courses on Reverse Engineering and Malware Analysis - f-secure.com Today marks the commencement of the first lecture for our spring 2013 semester Reverse Engineering Malware course for the Aalto University (Espoo campus) in Finland. Resources Security Assessment of Blackberry Applications - resources.infosecinstitute.com Development of mobile applications have picked up really fast in [...]
Event Related Offensive Defense - blog.ioactive.com I presented before the holiday break at Seattle B-Sides on a topic I called "Offensive Defense." This blog will summarize the talk. I feel it's relevant to share due to the recent discussions on desktop antivirus software (AV) [1], [2],[4], [3] Resources Red October The "Red October" Campaign - [...]
Event Related Index of Congress 29c3 - ftp.ccc.de High quality mp4 of 29c3. The 'Hack Back' Offense - bankinfosecurity.com To repel the onslaught of cyberattacks against organizations, security leaders are debating the merits of the "hack back" defense. THREADS - trailofbits.com THREADS is an annual conference that focuses on pragmatic security research and new discoveries [...]
Event Related 29C3 29C3: When USB memory sticks lie - h-online.com USB memory sticks are thought to be among the less exciting hardware components – simple storage media that have many uses and function the same way in almost any hardware environment. 29C3: Budget mobile turns into GSM base station - h-online.com Belgian hacker Sylvain [...]
Here are information security events in North America this month: Digital Bond’s SCADA Security Scientific Symposium (S4) - 2013 : January 15 to 18 in Florida, USA And here are the information security events in the other parts of the world: NCSC Conference 2013 : January 22 to 23 in The Hague, Netherlands [...]
Event Related Bootcamp - pentesterlab.com/bootcamp Bootcamp provides a learning path to get into security and especially web penetration testing. Resources Automated Open Source Intelligence (OSINT) Using APIs - raidersec.blogspot.com The first step to performing any successful security engagement is reconnaissance. How much information one is able to enumerate about given personnel (for social engineering engagements) [...]
Resources Nils Jnemann: News about Google's Vulnerability Reward Program - nilsjuenemann.de Recently Adam Mein spoke at AppSec USA 2012 and Kevin Stadmeyer at SysScan 360 in Beijing about Google's experience with the Web Vulnerability Reward Program. Both are Security Program Manager at Google. Techniques 5 Tips to Ensure Safe Penetration Tests with Metasploit - community.rapid7.com [...]