Resources Louisville Infosec 2013 Videos – www.irongeek.com Here are the videos from Louisville Infosec 2013 conference. BruCON talks – youtube.com BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Here are the videos from BruCON [...]
Resources Heuristic methods used in sqlmap – unconciousmind.blogspot.com You can find slides for Miroslav Štampar talk "Heuristic methods used in sqlmap" held at FSec 2013 conference (Croatia / Varazdin 19th September 2013) here. Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network – blog.spiderlabs.com It’s always surprising how insecure some internal networks turn out to [...]
Event Related ToorCon Seattle 2013 - Weaponizing your coffee pot - danielbuentell0.blogspot.com As SoC price continue to drop and their implementation continues to rise, connected “appliances" (Internet of Things) will be become an attractive avenue for cyber criminals. Due to the fact they provide no traditional feedback (monitor) or input (mouse/keyboard), If one were able to compromise [...]
Event Related Bsides Boston - youtube.com Security BSides Boston is a community driven event, created by information security professionals. The goal of Security BSides is to expand the security communication and expand the community. Over 200 students, technologists and information security professionals participate each year in Cambridge, MA. Don't miss out and register today!! (as [...]
Event Related Workshop on the Economics of Information Security 2013 - lightbluetouchpaper.org I’m liveblogging WEIS 2013, as I did in 2012, 2011, 2010 and 2009. This is the twelfth workshop on the economics of information security, and the sessions are being held today and tomorrow at Georgetown University. Stupid Little IPv6 Tricks - isc.sans.edu With [...]
Event Related ShmooCon Firetalks 2013 - irongeek.com These are the videos I have for the ShmooCon Firetalks 2013. Resources APT 1 APT 1: Exposing One of China's Cyber Espionage Units - intelreport.mandiant.com APT1: Exposing One of China's Cyber Espionage Units Threat Actors Using Mandiant APT1 Report as a Spear Phishing Lure: The Nitty Gritty - [...]
Event Related Index of Congress 29c3 - ftp.ccc.de High quality mp4 of 29c3. The 'Hack Back' Offense - bankinfosecurity.com To repel the onslaught of cyberattacks against organizations, security leaders are debating the merits of the "hack back" defense. THREADS - trailofbits.com THREADS is an annual conference that focuses on pragmatic security research and new discoveries [...]
Event Related Bootcamp - pentesterlab.com/bootcamp Bootcamp provides a learning path to get into security and especially web penetration testing. Resources Automated Open Source Intelligence (OSINT) Using APIs - raidersec.blogspot.com The first step to performing any successful security engagement is reconnaissance. How much information one is able to enumerate about given personnel (for social engineering engagements) [...]
Resources Nils Jnemann: News about Google's Vulnerability Reward Program - nilsjuenemann.de Recently Adam Mein spoke at AppSec USA 2012 and Kevin Stadmeyer at SysScan 360 in Beijing about Google's experience with the Web Vulnerability Reward Program. Both are Security Program Manager at Google. Techniques 5 Tips to Ensure Safe Penetration Tests with Metasploit - community.rapid7.com [...]
Event Related Legal Merits of 'Hack Back' Strategy - bankinfosecurity.com From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers? Resources Mitigating Targeted Attacks on Your Organization - blogs.technet.com The Trustworthy Computing blog [...]