Quantcast

Archive: 2013

LastPass Premium review

$12.00 LastPass Premium stores and manages your sensitive credentials efficiently enough to be trusted. Usability:  Features:  Efficiency:  Support:  Overall:  Download We are not going to delve into the importance of appropriate password management for the umpteenth time...

Open Source Intelligence by Jeff Bardin

Jeff Bardin, the prominent cyber security professional and consultant with enormous background in intelligence, risk management and information security, shares his expertise at Hacktivity conference, delving into the methods and tools for open source cyber intelligence. Conference Host: It’s my honor to...

Hackers in Government 6: Questions and Answers

In the final part of the keynote, Nick Farr gets to provide answers to some relevant questions on the subject matter from the audience at SIGINT. I suggest that we start a little bit of a discussion now, so I’m glad or take some questions. Question: That all sounds extremely interesting; the only...

Hackers in Government 5: Addressing the Economic and Climate Change Problems

The issues Nick Farr is dissecting here have to do with economics and environmental protection in the context of how hackers would most likely address them. Economics: Current Problems and Possible Solutions Now we’re getting to another point – economics. The greatest period of economic growth in...

Hackers in Government 4: Discretionary Spending That Produces No Value

Herein Nick Farr makes an insight into key traits of the current defense spending in the US, putting accent on what could be changed to raise its expediency. I guess politicians are the most brown-nosing, trying to find a way to not kiss a certain part of the anatomy, but that’s fundamentally what...

Hackers in Government 3: Viewing Government as a Network

Continuing to differentiate between politicians and hackers, Nick Farr emphasizes the gap in terms of the discrepancy of network infrastructure perception. Common Features of Computer Networks and Government Structure Another quick thing to sort of think about hackers and government: look at government as...

Hackers in Government 2: Principal Differences Between Hackers and Politicians

This entry reflects Nick Farr’s comparison of deceptively polite and mercantile politicians on the one hand, and straightforward hackers who are scrupulous about all the little details of a system on the other. To sort of illustrate the general idea of politics, I think politicians’ driving core...

Hackers in Government

Nick Farr, a well-known inspirer of the Hackerspaces idea in the United States and the author of the Hackers on a Plane project, delivers a great talk ‘Yes We Could: Hackers in Government’ at the SIGINT event held by the Germany-based Chaos Computer Club to express his viewpoints on how...

Hacking in the Far East 8: Summarizing the Most Striking Security Flaws

Proceeding to the summary, Paul S. Ziegler lists the top three security-related problems he has encountered during the years spent in the Eastern Asia. After I’ve shown you all of this cool stuff that we can do and all these weird vectors, we’re going to sum them up a little, and we’re going to look at...

Hacking in the Far East 7: Too-Near Field Communication

In this part, Paul Ziegler gets critical about the way near field communication technology is implemented in Japan, from a security person’s perspective. Next thing we’re going to look at is what I like to call the Too-Near Field Communication, which is kind of an international topic, because if you...

Hacking in the Far East 6: Wireless Insecurity and the SEED Encryption Algorithm

Security of wireless communication in Eastern Asia and details of the crypto algorithm used in South Korea are the issues Paul S. Ziegler looks into here. Let’s jump to wireless for a second. So, if any of you have been wardriving recently in a European city or in an American city, and you’ve seen all...

Hacking in the Far East 5: Effects of Lifetime Employment and Bonus System on Corporate Security

Paul S. Ziegler points out the issues of corporate security in Eastern Asia, namely the peculiarities of an employee’s perspective upon taking responsibility. We’re going to move on to probably one of the most fun parts of this, at least if you like stories that make your hair stand up. We’re going...

Hacking in the Far East 4: Locked but Unsafe

This part of Paul Ziegler’s presentation is dedicated to an insight into the security measures for mailboxes and electronic PIN code locks in Japan and Korea. Mailboxes in Japan No matter if you live in an apartment or in a mansion, one of the other central parts you will run into is this thing: it’s a...

Hacking in the Far East 3: Home Insecurity in Japan

Based on Paul S. Ziegler’s observations, in this section you can learn some facts about the measures adopted in Japan to prevent intrusion into one’s home. What we’re going to look at next is ‘home insecurity’. I have this basic approach that if anyone has access to your home, your work...

Hacking in the Far East 2: The Suit Works Wonders

Paul S. Ziegler is now shifting the focus over to the importance of one’s appearance and the Asian stereotypes with regard to informal classes of foreigners. For every element I’m going to point out to you today, after this we’re going to look at the exploitation vector, because that’s what makes...

Hacking in the Far East

The entry reflects an extremely interesting insight into the peculiarities of general security perception in Eastern Asia, presented by the well-known German computer security specialist Paul Sebastian Ziegler at Hack In The Box 2012 Conference. Today’s talk is entitled “I Honorably Assure You: It Is...

Advanced Phishing Tactics Beyond User Awareness 8: The Countermeasures

As a summary, Accuvant’s Eric Milam and Martin Bos are providing some food for thought on why user awareness is insufficient for preventing phishing attacks. Martin Bos: Like in every good presentation, what we really wanted to talk about here is why user awareness isn’t working. Once again, this was...

Advanced Phishing Tactics Beyond User Awareness 7: Getting Persuasive

Martin Bos and Eric Milam are now singling out some attributes of a successful attack, such authenticity of secure login page, excessive requests script, etc. Martin Bos: So, then what we do is we log in to our free GoDaddy email account, infosec@humana-portal.com. And what we do is we just save it in...

Advanced Phishing Tactics Beyond User Awareness 6: Payloads and Post Exploitation

This post highlights the possible options of picking the right payload, some tips to get around AVs, and the importance of what you do after getting the shell. Martin Bos: Alright, next thing you’ve got to do is, obviously, choose the payload (see image). I know this is more of my corporate slot....

Advanced Phishing Tactics Beyond User Awareness 5: Credential Harvesting and Other Attack Vectors

The speakers from Accuvant now proceed to demonstrate a couple of tricks they utilize for greater attack plausibility and credential harvesting on a pentest. Martin Bos: The next thing you got to do is choose the attack vector (see image). And this goes back to our research: what type of AV they are using,...

Advanced Phishing Tactics Beyond User Awareness 4: Creating an Attack Scenario

In this section, Martin Bos and Eric Milam are discussing the different nuances to be taken into account for optimal phishing attack implementation workflow. Martin Bos: The next thing we do is we have to create a scenario. How are we going to get these people to click on the link? So, the first thing that...

Advanced Phishing Tactics Beyond User Awareness 3: Creating a Valid Email List for the Attack

Accuvant’s Martin Bos and Eric Milam now demonstrate a demo on building a list of company employees based on Jigsaw data and some social engineering tricks. Martin Bos: Basically, what we’re doing here is we’re going to look for a company. The first thing you want to do is do an ‘-s’ and...

Advanced Phishing Tactics Beyond User Awareness 2: Anatomy of a Spear Phishing Attack

Sharing their pentesting experience, Martin Bos and Eric Milam outline the stages of a spear phishing attack and analyze email harvesting as a starting point. Martin Bos: Here are our obligatory statistics (see image); every presentation has to have some statistics. Like I said, these are more for the...

Avira Internet Security 2015 review

$41.76 A few usability imperfections laid aside, Avira Internet Security 2015 efficiently confronts malicious software without slowing your PC down. Usability:  Features:  Efficiency:  Support:  Overall:  Buy Now Featherlight system performance impact combined with...

Advanced Phishing Tactics Beyond User Awareness

Accuvant LABS’ Senior Security Consultant Martin Bos and the Company’s Principal Security Assessor Eric Milam spotlight the issues related to spear phishing from the pentester’s perspective during their session at Hack3rCon event. Martin Bos: Hi everybody! We’re here from Accuvant LABS; we’re...

An Attacker’s Day into Human Virology 6: Crossing the Frontier

The primary issue looked into within this part of the presentation is blurring and crossing the border between the realms of biological and computer viruses. Same Essence, Different Materialization Now, you guys who are security researches probably know that software is vulnerable. And all these data,...

An Attacker’s Day into Human Virology 5: Thoughts on Designed Biological Viruses and Darwinian Computer Viruses

The matters Guillaume Lovet touches upon in this section have to do with the frontier between bio and PC viruses, and whether it can be crossed spontaneously. Guillaume Lovet: The defense mechanisms: we’ve been over some of those already. Detecting viruses inside of the body makes use of heuristics; we...

An Attacker’s Day into Human Virology 4: Which World Wins the Race?

Ruchna Nigam proceeds with the analysis of self-preservation techniques, attack hallmarks, and individual advantages of the viruses from both worlds concerned. Attacking the Defenses Something really smart that you can see in human viruses is that instead of trying to penetrate the defenses of the body,...

An Attacker’s Day into Human Virology 3: Common Properties of Human and Computer Viruses

Ruchna Nigam, representative of the FortiGuard Labs, now takes the floor to talk about some essential things human and computer viruses have in common. Ruchna Nigam: Okay, now that you have had your Biology lesson, let’s look at some of the attack strategies that are common between the biological world and...

An Attacker’s Day into Human Virology 2: Structure and Hallmarks of the Immune System

Having introduced the subject, Guillaume Lovet breaks down the human immune system into constituents and does some comparing with computer defense mechanisms. What do we have in our bodies to fight against viruses? (see right-hand image) Basically, the immune system is divided in two different subsystems....