scip AG

Labs: Blog Digest Archiv

Der scip Blog Digest ist eine jeweils Ende des Monats erscheinende Zusammenfassung der wichtigsten, spannendsten und verrücktesten Beiträge aus der internationalen Blogosphäre. Mit der Durchsicht dieser Postings wird es einfach und unkompliziert möglich, in Bezug auf Entwicklungen im Bereich IT-Security auf dem Laufenden zu bleiben. Folgen Sie unserem Team auf Twitter, um jeweils die aktuellsten News zu erhalten.

► 26.04.2013 – Blog Digest April 2013

• 2013 Information Security Survey (liebsoft.com)
• 8 tips for a security incident handling plan (nakedsecurity.sophos.com)
• Apple Finally Reveals How Long Siri Keeps Your Data (wired.com)
• Before you move to the cloud (resources.infosecinstitute.com)
• Debunking Myths: Penetration Testing is a Waste of Time (infosecisland.com)
• Dilbert comic strip for 04/07/2013 (dilbert.com)
• Fuzzers Need Taming (blog.regehr.org)
• Google Uses Reputation To Detect Malicious Downloads (darkreading.com)
• How Attackers Choose Which Vulnerabilities To Exploit (darkreading.com)
• If iOS is Less Secure, Why Does Android Get Attacked? (veracode.com)
• Inside VirusTotal’s pants: VirusTotal += PCAP Analyzer (blog.virustotal.com)
• Is security really dead? Perhaps it’s your lack of depth (nakedsecurity.sophos.com)
• Is Your Scanning Vendor Cheating? (infosecisland.com)
• It’s been an epic few days: What happened? (facebook.com)
• Making Patching Work for SCADA and ICS Security (tofinosecurity.com)
• Memory Safe C/C++: Time to Flip the Switch (blog.regehr.org)
• Metasploit 4.6.0 Released! (community.rapid7.com)
• Nmap Development: Hack Attack (seclists.org)
• Password reset questions (blogs.securiteam.com)
• Secrets of FBI Smartphone Surveillance Tool Revealed in Court Fight (wired.com)
• Security Professionals Embrace Not-So-Secure Mobile Work Habits (pingidentity.com)
• The Boston Marathon Bombing: Keep Calm and Carry On (theatlantic.com)
• The CISO’s Guide to Advanced Attackers (securosis.com)
• The WordPress Brute Force Attack Timeline (blog.sucuri.net)
• When Offense and Defense Become One (pen-testing.sans.org)
• xkcd: All Adobe Updates (xkcd.com)
• xkcd: Authorization (xkcd.com)

Marc Ruef | G+ (402 Wörter)

► 28.03.2013 – Blog Digest März 2013

• A Vulnerability Disclosure Game Changer (darkreading.com)
• At The Vulnerability Oscars, The Winner Is … Buffer Overflow (veracode.com)
• Attack of the week: RC4 is kind of broken in TLS (blog.cryptographyengineering.com)
• Browser Security: Settings for Chrome, Firefox and Internet Explorer (veracode.com)
• C is for cookie, H is for hacker – understanding HTTP only and Secure cookies (troyhunt.com)
• CCD COE – The Tallinn Manual (ccdcoe.org)
• Chess CAPTCHA – a serious defence against spammers? (nakedsecurity.sophos.com)
• Exhaustive Testing is Not a Proof of Correctness (blog.regehr.org)
• Importance of security in mobile platforms (resources.infosecinstitute.com)
• Internet Census 2012 (internetcensus2012.bitbucket.org)
• Password Auditing with Core Impact (blog.coresecurity.com)
• Proofs from Tests (blog.regehr.org)
• Security Headers on the Top 1,000,000 Websites (veracode.com)
• Smart Guy Productivity Pitfalls (bookofhook.blogspot.com)
• The Internet is a surveillance state (cnn.com)
• The top 10 unsolved ciphertexts (nakedsecurity.sophos.com)
• Tools of the Trade: cvrfparse (blogs.cisco.com)
• Top 3 Proxy Issues That No One Ever Told You (blog.whitehatsec.com)
• What If The Google Reader Readers Just Don’t Come Back? (techcrunch.com)
• When Technology Overtakes Security (schneier.com)

Marc Ruef | G+ (305 Wörter)

► 28.02.2013 – Blog Digest Februar 2013

• A Decade in Review, Transition on the Way (nsslabs.com)
• Cheating in Chess (chessbase.com)
• Converting untrusted PDFs into trusted ones: The Qubes Way (theinvisiblethings.blogspot.com)
• CVE Vulnerabilities: How Your Dataset Influences Statistics (blog.osvdb.org)
• Evasi0n Jailbreak’s Userland Component (blog.accuvantlabs.com)
• Ex-Employees Say It’s OK To Take Corporate Data With Them (darkreading.com)
• From BYOD to CYOD: Security issues with personal devices in the workplace (welivesecurity.com)
• HDCP is dead. Long live HDCP. A peek into the curious world of HDMI (adamsblog.aperturelabs.com)
• Implicit HTML, Explicit Injection (deadliestwebattacks.com)
• Malware: The Next Generation (darkreading.com)
• Mini Drones: Army Deploys Tiny Helicopters (news.sky.com)
• Not in my house: how Vegas casinos wage a war on cheating (theverge.com)
• NYTimes and more Rainbow Table nonsense (erratasec.blogspot.com)
• Power and the Internet (schneier.com)
• Researchers find crippling flaws in global GPS (scmagazine.com.au)
• Snort Rule Writing for the IT Professional (resources.infosecinstitute.com)
• Social Media use in the Military Sector (infosecinstitute.com)
• Speech codes are evil (erratasec.blogspot.com)
• Straight facts about Mac malware, threats and responses (blog.eset.com)
• The exponential nature of password cracking costs (blog.coresecurity.com)
• Ticketmaster says goodbye to CAPTCHA (nakedsecurity.sophos.com)
• Turning the Belkin WeMo into a deathtrap (hackaday.com)
• Using Content Security Policy to Prevent Cross-Site Scripting (blog.sendsafely.com)
• Voice over IP – The Attack Surface (blog.redscan.com)

Marc Ruef | G+ (380 Wörter)

► 31.01.2013 – Blog Digest Januar 2013

• ‘Experts’ who tell you to do dumb things… (blog.uncommonsensesecurity.com)
• 10 Skills Needed to be a Successful Pentester (blogs.securiteam.com)
• 5 Resolutions Information Security Professionals Should Make for 2013 (hp.com)
• 5 Thoughts to Improve Your Infosec Maturity (blog.port80software.com)
• A padding oracle example (skullsecurity.org)
• A Tale of Two Parsers (communities.coverity.com)
• Advisories != Vulnerabilities, and How It Affects Statistics (blog.osvdb.org)
• Automated Open Source Intelligence (OSINT) Using APIs (raidersec.blogspot.com)
• Cybercrime and the Underground Market (infosecinstitute.com)
• Defeating AES without a PhD (blog.spiderlabs.com)
• Deobfuscating Potentially Malicious URLs (blog.opensecurityresearch.com)
• Does Your Alarm Have a Default Duress Code? (krebsonsecurity.com)
• Errata Security: 10 years of Slammer: one retrospective (erratasec.blogspot.com)
• Getting Started With Lock Picking (blog.opensecurityresearch.com)
• Google Declares War on the Password (wired.com)
• Imperva, VirusTotal, and whether AV is useful (blog.eset.com)
• Just A Tool (hackerfactor.com)
• Know Your JavaScript (Injections) (deadliestwebattacks.com)
• Money Laundering scenes in -The Digital World (uscyberlabs.com)
• Moore’s Law won’t kill passwords (lightbluetouchpaper.org)
• Nokia: Yes, we decrypt your HTTPS data, but don’t worry about it (gigaom.com)
• On the Topic of AV Being Useless (f-secure.com)
• Post Exploitation in Linux With Metasploit (pentestlab.wordpress.com)
• Restricting social media at work (resources.infosecinstitute.com)
• Stating the Obvious (hackerfactor.com)
• Switzerland Is Evidence That Confidentiality Can Lead To Prosperity (brucehallas.co.uk)
• U.S. Spy Law Authorizes Mass Surveillance of European Citizens (slate.com)
• Weaponizing Mobile Devices for Use in DDoS Attacks (securitybistro.com)
• Who is Responsible for Application Security? Development or Security? (infosecisland.com)
• Who to Contract Before a Data Breach Occurs (securitybistro.com)

Marc Ruef | G+ (469 Wörter)

► 27.12.2012 – Blog Digest Dezember 2012

• 10 security stories that shaped 2012 (zdnet.com)
• Blackberry OS 10 BlackLists Batman and PoohBear (blog.spiderlabs.com)
• Brute Force Attack With Burp (pentestlab.wordpress.com)
• China tightens ‘Great Firewall’ internet control with new technology (guardian.co.uk)
• Domain theft and the possibilities for recovery (resources.infosecinstitute.com)
• Experimenting with Your Privacy, Facebook Begins Selling Access (eff.org)
• Fake AV 3 years later: still there, still not blocked (research.zscaler.com)
• Fortinet’s FortiGuard Labs Reveals 2013 Threat Predictions (blog.fortinet.com)
• Hiding files in GIF comments (floyd.ch)
• HTML5 Definition Complete, W3C Moves to Interoperability Testing and Performance (w3.org)
• Internet Explorer Data Leakage (spider.io)
• LazyMap – Lazy Nmap Scanning Script (commonexploits.com)
• Malicious Apache module used for content injection: Linux/Chapro.A (blog.eset.com)
• My 5 Top Ways to Escalate Privileges (blog.spiderlabs.com)
• Researchers find crippling flaws in global GPS (scmagazine.com.au)
• Securing a tablet for web browsing in six easy steps (nakedsecurity.sophos.com)
• Security Features vs. Securing Features (blogs.cisco.com)
• Skynet, the potential use of Tor as a bulletproof botnet (infosecisland.com)
• The 30-year-old prank that became the first computer virus (theregister.co.uk)
• The Basics of IDA Pro (resources.infosecinstitute.com)
• This $299 tool is reportedly capable of decrypting BitLocker, PGP, ... (thenextweb.com)
• Trojan bypasses two-factor authentication, steals $46.5 million (techspot.com)
• Using Penetration Tests To Gauge Real Risk (darkreading.com)
• Virtualization Security (resources.infosecinstitute.com)
• Website Malware – Reality of Cross-Site Contaminations (blog.sucuri.net)
• Whose bug is this anyway?!? (codeofhonor.com)
• Why Anti-Virus is not a waste of money (blog.eset.com)
• Windows 8 ASLR Internals (blog.ptsecurity.com)

Marc Ruef | G+ (439 Wörter)

► 29.11.2012 – Blog Digest November 2012

• 4 Turning Points in Cybersecurity History (tripwire.com)
• 4G Wireless Networks Are Extremely Vulnerable (technologyreview.com)
• 7 Ways Vulnerability Scanners May Harm Website(s) (blog.whitehatsec.com)
• Anatomy of an Attack: How I Hacked StackOverflow (blog.ircmaxell.com)
• Applying Game Theory to Cybersecurity (blogs.rsa.com)
• Better off without AV? Not yet (blogs.csoonline.com)
• CrowdStrike: HTTP iframe Injecting Linux Rootkit (blog.crowdstrike.com)
• Data Loss Prevention – Without the New Blinky Boxes (hp.com)
• Getting Started With Lock Picking (blog.opensecurityresearch.com)
• Hacker leaks VMware ESX kernel source code online (zdnet.com)
• Hashdays Wrap-up Day (blog.rootshell.be)
• Indicators of Suspicious Behaviors at Hotels (publicintelligence.net)
• Malware Targeting Windows 8 Uses Google Docs (symantec.com)
• Microsoft’s security team is killing it: Not one product on Kaspersky’s list (thenextweb.com)
• Money Laundering scenes in The Digital World (uscyberlabs.com)
• Offensive Defense: A Really Bad Idea (krypt3ia.wordpress.com)
• Security Headers on the Top 1,000,000 Websites (veracode.com)
• Some thoughts on HTTP response codes (blog.c22.cc)
• Telcos declare SMS ‘unsafe’ for bank transactions (itnews.com.au)
• The Biggest Problem in Computer Security (carnal0wnage.attackresearch.com)
• VMInjector – DLL Injection tool to unlock guest VMs (secforce.com)
• Which Antivirus Cleans Best? (securitywatch.pcmag.com)

Marc Ruef | G+ (338 Wörter)

► 31.10.2012 – Blog Digest Oktober 2012

• 6 Business Friendly Features In iOS 6 (techcrunch.com)
• botCloud – an emerging platform (stratsec.blogspot.com)
• Bypassing WAF via HTTP Parameter Pollution (danuxx.blogspot.com)
• Defending Against DoS Attacks (securosis.com)
• Five Habits of Companies That Catch Insiders (darkreading.com)
• Hacking KeyLoggers (blog.opensecurityresearch.com)
• Hakin9 – Spam Kings (digininja.org)
• Hoaxicane Sandy (blogs.rjssoftware.com)
• How Did Software Get So Reliable Without Proof? (blog.regehr.org)
• In a Zero-Day World, It’s Active Attacks that Matter (krebsonsecurity.com)
• iOS photos EXIF data (swisshttp.blogspot.com)
• James Bond’s Dry Erase Marker: The Hotel PenTest Pen (blog.spiderlabs.com)
• Linux 3.6 (lkml.org)
• Malware Authors Using New Techniques to Evade Automated Threat Analysis (symantec.com)
• Mysterious Algorithm Was 4% of Trading Activity Last Week (cnbc.com)
• New Security Capabilities in Adobe Reader and Acrobat XI (blogs.adobe.com)
• NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition (nist.gov)
• Physics duo create tractor beam using dual Bessel beams (phys.org)
• Quality Coding Takes A Break For The Holidays. But Why? (threatpost.com)
• Security Flaws in the TSA Pre-Check System (puckinflight.wordpress.com)
• Spam from an Android botnet (blogs.msdn.com)
• What Is SHA-3 Good For? (links.org)
• What Makes a Good Security Risk Equation? (blog.securestate.com)
• Windows 8 has new policy to prevent users from being connected (blogs.microsoft.co.il)
• Words Of War And Weakness: The Zero-Day Exploit Market (techweekeurope.co.uk)
• World of Warcraft cities hacked (bbc.co.uk)
• Younger people less secure online than their elders new study suggests (blog.eset.com)

Marc Ruef | G+ (429 Wörter)

► 28.09.2012 – Blog Digest September 2012

• 10 Ways Developers Put Databases At Risk (darkreading.com)
• 20 Questions to Ask Your Cloud Provider (blogs.mcafee.com)
• Abusing Emoji in iOS and Your Mac (zachholman.com)
• An update from VirusTotal (blog.virustotal.com)
• Bank Fraud & ATM Security (infosecinstitute.com)
• BYOA Brings New And Old Challenges For IT (blog.fortinet.com)
• Data Discovery (blog.securestate.com)
• Did I do that? (PenTest Faux Pas) (blog.spiderlabs.com)
• Does Anything Really ‘End’ In Digital Security? (taosecurity.blogspot.com)
• Do you allow XSS in your passwords? You should! (troyhunt.com)
• Encryption Is Not the Answer to Security Problems (taosecurity.blogspot.com)
• Getting in with the Proxmark 3 and ProxBrute (blog.spiderlabs.com)
• How to Secure Windows 2000 (blog.securestate.com)
• ICYMI: 0-day leaks from IPS (erratasec.blogspot.com)
• My life after Anonymous: ‘I feel more fulfilled without the internet’ (guardian.co.uk)
• PIN number analysis (datagenetics.com)
• Quantum cryptography: yesterday, today, and tomorrow (arstechnica.com)
• Researchers: Chip and PIN Enables ‘Chip and Skim’ (krebsonsecurity.com)
• Security metrics: 5 tips (tripwire.com)
• Source Code Review Grep Script (floyd.ch)
• Testing Websites in Game Console Browsers (alistapart.com)
• The First Few Months of Penetration Testing: What they don’t teach you (blog.spiderlabs.com)
• Top 15 Cloud Security Best Practices (blogs.mcafee.com)
• Using Google Trends to Analyse the Popularity of IT Security Certifications (infosecinstitute.com)
• Vulnerability Spidey Sense – Demystifying PenTesting Intuition (blog.spiderlabs.com)
• Web Application Defense: Bayesian Attack Analysis (blog.spiderlabs.com)
• What can we learn from the social engineering contest? (newschoolsecurity.com)

Marc Ruef | G+ (425 Wörter)

► 30.08.2012 – Blog Digest August 2012

• 10 Tips For Protecting Mobile Users (darkreading.com)
• 5 Design Tricks Facebook Uses To Affect Your Privacy Decisions (techcrunch.com)
• Attack Surface Analyzer 1.0 Released (blogs.msdn.com)
• Backup Security Best Practices (blogs.mcafee.com)
• Bad password choices: don’t miss the point (blog.eset.com)
• Brainfuck beware: JavaScript is after you! (patriciopalladino.com)
• Bring it on: Companies bring sensitive data to the cloud despite doubts (securitybistro.com)
• Bypassing CAPTCHAs by Impersonating CAPTCHA Providers (blog.opensecurityresearch.com)
• Dilbert Comic Strip – Government Agencies (dilbert.com)
• Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate (cloudcracker.com)
• Ending mixed scripting vulnerabilities (blog.chromium.org)
• Endpoint Security Management Buyer’s Guide (securosis.com)
• Flamer Analysis: Framework Reconstruction (blog.eset.com)
• Information Security: Analysis of the FinFisher (community.rapid7.com)
• Introduction to HTTP Response Headers for Security (resources.infosecinstitute.com)
• I Was a Teenage Hacker (codinghorror.com)
• Mobile Security Experts on BYOD (veracode.com)
• No, ‘hacker’ really does mean ‘hacker’ (erratasec.blogspot.com)
• Not So Random Numbers. Take Two (blog.ptsecurity.com)
• Overreaction and Overly Specific Reactions to Rare Risks (schneier.com)
• Plaintext Caching with iOS Document Interaction APIs (blog.gdssecurity.com)
• Pragmatic WAF Management: Policy Management (securosis.com)
• Pragmatic WAF Management: the Trouble with WAF (securosis.com)
• Quality Coding Takes A Break For The Holidays. But Why? (threatpost.com)
• Spam from an Android botnet (blogs.msdn.com)
• Stamping Out Hash Corruption, Like a Boss (blog.spiderlabs.com)
• Surprises in our advanced threat awareness survey (blog.fireeye.com)
• Tackling Modern Malware (blog.redscan.com)
• The Importance of Security Engineering (schneier.com)
• The Password Dilemma – Unique and Complex is the Key (blog.sucuri.net)
• Web Application Fingerprinting (pentestlab.wordpress.com)
• Why passwords have never been weaker and crackers have never been stronger (arstechnica.com)

Marc Ruef | G+ (491 Wörter)

► 26.07.2012 – Blog Digest Juli 2012

• 4 Reasons Why IT Security Needs Risk Management (darkreading.com)
• Accelerating Password Recovery: the Addition of FPGA (blog.crackpassword.com)
• Android Security 101: A Short Guide (blog.fortinet.com)
• App detects compromised, jailbroken iOS devices (scmagazine.com.au)
• Appeals Court Calls Bank’s Security ‘Commercially Unreasonable’ (threatpost.com)
• Apple Security ‘Grows Up’ With Pair Of Malicious Threats (blog.fortinet.com)
• Apple’s Mountain Lion to offer automatic security updates (appleinsider.com)
• A Step-by-Step Guide for Choosing the Best Scanner (infosecisland.com)
• Creating Metasploit Exploits (pentestlab.wordpress.com)
• Decoding Common XOR Obfuscation in Malicious Code (isc.sans.edu)
• How much data? Apache, Ubuntu and the Lies of the Logs (blog.spiderlabs.com)
• How To Select A DDoS Mitigation Service (darkreading.com)
• Linux 3.5 released (lkml.org)
• Pharma Hack Backdoor Analyzed (blog.sucuri.net)
• Reducing web application attack surface (blog.spiderlabs.com)
• Spam from an Android botnet (blogs.msdn.com)
• Statistics about Yahoo leak of 450.000 plain-text accounts (blog.eset.se)
• Survey Reveals Traditional Vulnerability Scanners Not Working (skyboxsecurity.com)
• Ten Things I’ve Learned About Cloud Security (infosecisland.com)
• The Differences Between Security Certifications (infosecisland.com)
• The fallacy of remote wiping (zdnet.com)
• Thieves placed bugs and hacked onboard computers of luxury cars (telegraph.feedsportal.com)
• Unvalidate Redirects and Forwards (hackingtricks.in)
• Using Chip Malfunction To Leak Private Keys (darkreading.com)
• VirusTotal += Behavioural Information (blog.virustotal.com)
• WebDriver (w3.org)
• What do Sony and Yahoo! have in common? Passwords! (troyhunt.com)
• When is Undefined Behavior OK? (blog.regehr.org)
• Windows short (8.3) filenames – a web security nightmare (acunetix.com)

Marc Ruef | G+ (480 Wörter)

► 28.06.2012 – Blog Digest Juni 2012

• 10 Movie Scenes Of Authentication Worth Rewatching (darkreading.com)
• A bad couple of years for the cryptographic token industry (blog.cryptographyengineering.com)
• Algorithms: When is Random Really Random? (infosecisland.com)
• Android app steals contactless credit card data (scmagazine.com.au)
• Backup Security Best Practices (blogs.mcafee.com)
• Crypto breakthrough shows Flame was designed by world-class scientists (arstechnica.com)
• CVSS for Penetration Test Results (Part I) (blog.spiderlabs.com)
• Data Classification: Why it is Important for Information Security (infosecisland.com)
• Decoding Common XOR Obfuscation in Malicious Code (isc.sans.edu)
• Defeating Flame String Obfuscation with IDAPython (blog.spiderlabs.com)
• eHarmony Password Dump Analysis (blog.spiderlabs.com)
• Evolving Endpoint Malware Detection: Controls, Trade-offs and Compromises (securosis.com)
• Evolving Endpoint Malware Detection: Providing Context (securosis.com)
• Falsehoods programmers believe about networks (erratasec.blogspot.com)
• HashDos: 42% of IIS sites are still Vulnerable (devcentral.f5.com)
• How Advanced Malware Bypasses Process Monitoring (blog.fireeye.com)
• How Malicious Code Can Run in Microsoft Office Documents (blog.zeltser.com)
• How old is Flame? (labs.alienvault.com)
• JSLR (thespanner.co.uk)
• Kaspersky’s Problematic Flame Analysis (jeffreycarr.blogspot.ch)
• Meet Flame, The Massive Spy Malware Infiltrating Iranian Computers (wired.com)
• Microsoft certification authority signing certificates added to the Untrusted Certificate Store (blogs.technet.com)
• Most Consumers Don’t Understand Breach Notification (darkreading.com)
• Obama Order Sped Up Wave of Cyberattacks Against Iran (nytimes.com)
• Our password hashing has no clothes (troyhunt.com)
• Playing by the Rules: Performing Firewall Audits (resources.infosecinstitute.com)
• Protect answers to password reset questions with pen-and-paper (blog.eset.com)
• Rumor: LinkedIn Hacked – Password Hashes Dumped on Russian Forum (securityweek.com)
• Safe Browsing – Protecting Web Users for 5 Years and Counting (googleonlinesecurity.blogspot.com)
• Scientists crack RSA SecurID 800 tokens, steal cryptographic keys (arstechnica.com)
• Security warnings for suspected state-sponsored attacks (googleonlinesecurity.blogspot.com)
• The Central Limit Theorem Makes Random Testing Hard (blog.regehr.org)
• Thoughts on Active Defense, Intrusion Deception, and Counterstrikes (securosis.com)
• Why Antivirus Companies Like Mine Failed to Catch Flame and Stuxnet (wired.com)
• XSS: Gaining access to HttpOnly Cookie in 2012 (seckb.yehg.net)

Marc Ruef | G+ (564 Wörter)

► 31.05.2012 – Blog Digest Mai 2012

• 13 Tips to Secure Your Virtual Machine Environment (stateofsecurity.com)
• 8 Breach Prevention Tips (govinfosecurity.com)
• A Career in Forensics: 5 Key Steps (govinfosecurity.com)
• Adobe Malware Classification Tool review (Michael Boman)
• Algorithms: When is Random Really Random? (infosecisland.com)
• Chromium Blog: A Tale of Two Pwnies (Part 1) (blog.chromium.org)
• Data leakage in social media (isc2Blog)
• Everything you ever wanted to know about building a secure password reset feature (troyhunt.com)
• Google Chrome Becomes World’s No. 1 Web Browser; Still No. 2 In US (ibtimes.com)
• Happily Anti-Social (hackerfactor.com)
• How To Better Measure Botnet Size (darkreading.com)
• How to Use a Web Application Firewall (The Right Way) (blog.port80software.com)
• How To Use Service Providers To Manage DDoS Threats (darkreading.com)
• Latest news on my hardware security research (cl.cam.ac.uk)
• Linux 3.4 released (lkml.org)
• Man in the Browser Attack vs. Two Factor Authentication (resources.infosecinstitute.com)
• Meet ‘Flame’, The Massive Spy Malware Infiltrating Iranian Computers (wired.com)
• Nmap 6 Release Notes (nmap.org)
• Poorly Managed Firewall Rule Sets Will Flag An Audit (darkreading.com)
• Prevent VoIP Toll Fraud with Proper Configurations (infosecisland.com)
• Reversing 101 – Solving a protection scheme (corelan.be)
• Ridley Scott’s New Blade Runner Film Will Be Sequel (wired.com)
• Securing Your Company Against BYOD-Created Threats (infosecisland.com)
• So What If You Detected Malware? (blog.damballa.com)
• The Antivirus Uncertainty Principle (blog.damballa.com)
• The Jericho Botnet – Why Break A Wall When You Can Just Sneak Through? (researchcenter.paloaltonetworks.com)
• Twelve Security Best Practices for USB Drives (infosecisland.com)
• When factors collapse and two factor authentication becomes one (isc.sans.edu)

Marc Ruef | G+ (467 Wörter)

► 27.04.2012 – Blog Digest April 2012

• 10 Simple Tips for Boosting The Security Of Your Mac (securelist.com)
• 57 Small Programs that Crash Compilers (blog.regehr.org)
• 64-bit Process Replacement in Powershell (exploit-monday.com)
• 67% of ASP.NET websites have serious configuration related security vulnerabilities (troyhunt.com)
• Algorithms: When is Random Really Random? (infosecisland.com)
• Apple Security Grows Up With Pair Of Malicious Threats (blog.fortinet.com)
• Beyond the firewall (software.co.il)
• Checklists and Information Security (newschoolsecurity.com)
• CIOs May Like To Talk The Social Media Talk, But Only 10% Walk The Walk (techcrunch.com)
• Coding Horror: Learn to Read the Source, Luke (codinghorror.com)
• Data Classification: Why it is Important for Information Security (infosecisland.com)
• DDoS attacks on financial sector booming (itp.net)
• DDoS, detailed analysis of the phenomenon (securityaffairs.co)
• Estimating The Economics Behind BYOD Security (darkreading.com)
• Exploiting XSS in Ajax Web Applications (superevr.com)
• FBI: Smart Meter Hacks Likely to Spread (KrebsOnSecurity)
• Five Schemes For Redeeming Trust in SSL (darkreading.com)
• Getting your message across: Screenshots (blog.c22.cc)
• Good for Enterprise Exploitation (blog.opensecurityresearch.com)
• Hacking-Kung Fu: Aims and Objectives (petalocsta.com)
• Hotel Wifi JavaScript Injection (justinsomnia.org)
• Infectious Media Attack (pentestlab.wordpress.com)
• MasterCard, VISA Warn of Processor Breach (KrebsOnSecurity)
• Michael Hamelin on crafting a firewall maturity model (TufinBlog)
• Nmap – Techniques for Avoiding Firewalls (pentestlab.wordpress.com)
• OSINT and pre-game show for a on-site WLAN Penetration Test (resources.infosecinstitute.com)
• Post Exploitation – Disable Firewall and Kill Antivirus (pentestlab.wordpress.com)
• QArt Codes (research.swtch.com)
• Security Alert: New Android Malware DKFBootKit Moves Towards (research.nq.com)
• Segfaults (blog.uncommonsensesecurity.com)
• Server-side Polymorphic Android Applications (symantec.com)
• Shady Companies With Ties to Israel Wiretap the U.S. for the NSA (wired.com)
• Speed Hashing (codinghorror.com)
• SQL Injection through HTTP Headers (resources.infosecinstitute.com)
• Static Code Analysis (altdevblogaday.com)
• The value of HTTP 404 Errors (blog.rootshell.be)
• Time magazine readers name Anonymous most influential person (zdnet.com)
• Twelve Security Best Practices for USB Drives (infosecisland.com)
• VLAN Network Segmentation and Security (infosecinstitute.com)
• VMware confirms hackers stole source code (GrahamCluleysBlog)
• Vulnerabilities, Exploits, and Good Dental Hygiene (blog.tenablesecurity.com)
• Vulnerability Management Evolution: Core Technologies (securosis.com)
• Vulnerability Management Evolution: Scanning the Infrastructure (securosis.com)
• Watching the Watchers: Clouds Rolling In (securosis.com)
• We Have A Winner! (hackerfactor.com)

Marc Ruef | G+ (657 Wörter)

► 29.03.2012 – Blog Digest März 2012

• 10 Movie Scenes Of Authentication Worth Rewatching (darkreading.com)
• 10 Tips to Fight Insider Fraud (govinfosecurity.com)
• 2012 Database Threats (pciguru.wordpress.com)
• 7 Problems with Cell Phone Forensics (feedproxy.google.com)
• Actually, my name is Duqu – Stuxnet is my middle name (stratsec.blogspot.com)
• Algorithms: When is Random Really Random? (infosecisland.com)
• Clickjacking, Cursorjacking and Common Facebook Vulnerabilities (infosecinstitute.com)
• Configuring Network Level Authentication for RDP (darkoperator.com)
• Detecting Brazilian Banking Trojans with Snort http_inspect (SpiderlabsAnterior)
• DGA’s vs Automated Malware Signature Generation (blog.damballa.com)
• Doing Biz with Hackers: Do Bad Guys Make the Best Good Guys? (infosecisland.com)
• Five Strategic Security Metrics To Watch (darkreading.com)
• How to prepare for Google’s privacy changes (cnn.com)
• How to Protect Yourself from Skimmers (infosecisland.com)
• How Windows 8 Sharing Blows Mountain Lion Out of the Water (mashable.com)
• iOS Data Security – Protecting Data on unmanaged Devices (securosis.com)
• iPad 3 Out – Now Keep It Safe (blog.fortinet.com)
• Linux 3.3 release (lkml.org)
• Malware reporting study: more infomation leads to higher cleanup rate (StopbadwareBlog)
• MS12-020 BinaryDiff (blog.binaryninjas.org)
• Prevent VoIP Toll Fraud with Proper Configurations (infosecisland.com)
• Quality Coding Takes A Break For The Holidays. But Why? (threatpost.com)
• Reflections on a Past Vulnerability, Kind Of… (stateofsecurity.com)
• Reliable Windows 7 Exploitation: A Case Study (ifsec.blogspot.com)
• Safe Coding and Software Security Infographic (veracode.com)
• Snort.org Blog: Rule Category Reorganization (Snort)
• Social networks & Deactivated Friend Attack, the cybercrime paradise… (securityaffairs.co)
• Some evidence on multi-word passphrases (lightbluetouchpaper.org)
• Some random observations on Linux ASLR (scarybeastsecurity.blogspot.com)
• The End of Vulnerabilities? (darkreading.com)
• The Futility of Web Pen Testing (deadliestwebattacks.com)
• The XOR Bypass (blog.damballa.com)
• Top 10 Oracle Steps to a Secure Oracle Database (blog.opensecurityresearch.com)
• Twelve Security Best Practices for USB Drives (infosecisland.com)
• What They Don’t Teach You in ‘Thinking Like the Enemy’ Classes (infosecisland.com)
• When Do I Need to Apply This Update – Adding Priority Ratings to Adobe (blogs.adobe.com)
• When Was The Term Exfiltration First Used? (blog.zeltser.com)

Marc Ruef | G+ (590 Wörter)

► 29.02.2012 – Blog Digest Februar 2012

• 8 Breach Prevention Tips (govinfosecurity.com)
• A Career in Forensics: 5 Key Steps (govinfosecurity.com)
• Algorithms: When is Random Really Random? (infosecisland.com)
• A Milestone in IPv6 Deployment (ddos.arbornetworks.com)
• Android malware employs steganography (f-secure.com)
• Attackers Use Fake Friends to Blend into Facebook (barracudanetworks.com)
• Block a country with my Cisco Router or Firewall (blogs.cisco.com)
• Chinese Hackers Suspected in Nortel Breach (wsjonline.com)
• Cybercriminals Moving Over To TLD .su (abuse.ch)
• Designing enterprise systems for the accidental incident (Wh1t3Rabbit)
• Digital Exams on the iPad (speirs.org)
• ESET researchers on Windows Phone 8 Security (ESET)
• Exploring Your Browser LocalStorage (blog.opensecurityresearch.com)
• Five principles to better your security monitoring (darkreading.com)
• Five Schemes For Redeeming Trust in SSL (darkreading.com)
• Five Strategic Security Metrics To Watch (darkreading.com)
• How (And Why) Attackers Choose Their Targets (darkreading.com)
• How Companies Learn Your Secrets (nytimes.com)
• How To Defend Your Database From Malicious Insiders (darkreading.com)
• How to navigate Google’s privacy options (GrahamCluleysBlog)
• Incident Response: Have You Got a Plan? (infosecisland.com)
• JSON CSRF with Parameter Padding (blog.opensecurityresearch.com)
• Kippo is being detected by Metasploit (bruteforce.gr)
• Maximizing Value in Pen Testing (pen-testing.sans.org)
• Mobile Devices Just Another Endpoint (darkreading.com)
• Nessus 5.0 Released! (blog.tenablesecurity.com)
• NYPD Developing THz Body Scanners to Detect Weapons (thznetwork.net)
• Penetration Testing for iPhone Applications (resources.infosecinstitute.com)
• Prevent VoIP Toll Fraud with Proper Configurations (infosecisland.com)
• Quantifying Risk Reduction with an Unknown Denominator (Wh1t3Rabbit)
• Redesigning the Windows Logo (windowsteamblog.com)
• Server-side Polymorphic Android Applications (symantec.com)
• Some IDS comments (erratasec.blogspot.com)
• The Aftermath Of A Breach (darkreading.com)
• The Differences Between Security Certifications (infosecisland.com)
• Timing Analysis Attacks in Anonymous Systems (resources.infosecinstitute.com)
• Twelve Security Best Practices for USB Drives (infosecisland.com)
• When in the Cloud, Trust – but Verify (technewsworld.com)
• When Was The Term ‘Exfiltration’ First Used? (blog.zeltser.com)
• Who has better privacy laws: USA or European Union? (GrahamCluleysBlog)
• Why stream ciphers shouldn’t be used for hashing (rdist.root.org)

Marc Ruef | G+ (652 Wörter)

► 27.01.2012 – Blog Digest Januar 2012

• 20 Questions to Ask Your Cloud Provider (blogs.mcafee.com)
• Android Approved By Pentagon For DoD Usage, Major Setback For iPhone (muktware.com)
• Breaking CAPTCHA with automated humans (Troy Hunt)
• Can Simplicity Scale? (blog.regehr.org)
• DLP (blogs.securiteam.com)
• Five principles to better your security monitoring (darkreading.com)
• Fuzzing – Mutation vs. Generation (infosecinstitute.com)
• Hacking Web Authentication – Part 1 (infosecinstitute.com)
• iPhone Forensics (infosecinstitute.com)
• Is Your Online Bank Vulnerable To Currency Rounding… (blog.acrossecurity.com)
• It’s All About Interfaces (blog.regehr.org)
• It’s Official: The Windows Server GUI Is (Slowly) On the Way Out (redmondmag.com)
• ModSecurity Mitigations for ASP.NET HashTable DoS Vulnerability (SpiderlabsAnterior)
• New Platforms, Old Mistakes (veracode.com)
• Rock Solid: Will Digital Forensics Crack SSD’s? (infosecinstitute.com)
• Symantec’s Norton AntiVirus source code exposed by hackers (GrahamCluleysBlog)
• Symantec tells customers to disable pcAnywhere software (reuters.com)
• The Art of Reporting in IT Security (resources.infosecinstitute.com)
• Three Surefire Ways To Tick Off An Auditor (darkreading.com)
• Top 10 PCI Compliance Mistakes (darkreading.com)
• VoIP Penetration Testing & Security Risk (resources.infosecinstitute.com)
• What To Do When Your Business Partner Is Breached (darkreading.com)
• When Good Apps Go Bad (darkreading.com)
• Where Has All My Blogging Gone? (ThePhoneBoyBlog)
• Wi-Fi Protected Setup PIN brute force vulnerability (sviehb.wordpress.com)
• Windows Timestamp Tampering (blog.opensecurityresearch.com)

Marc Ruef | G+ (395 Wörter)

► 29.12.2011 – Blog Digest Dezember 2011

• 1% of CMS-Powered Sites Expose Their Database Passwords (feross)
• Abusing IP Protocols to Create Covert Channels (resources.infosecinstitute.com)
• Authentication: What is a factor anyway? (securitycurve.com)
• Can you crack it – interesting challenge (blog.pi3.com.pl)
• Cisco says 70% of young workers ignore IT rules (bizjournals.com)
• Does Android Malware Exist? (securelist.com)
• Dump Windows password hashes efficiently – Part 1 (BernardoDamele)
• Facebook bans at work linked to increased security breaches (itbusiness.ca)
• hashdays: There goes 2011, here comes 2012! (blog.stfn.ch)
• HTML scriptless attacks (thespanner.co.uk)
• Image Steganography Tutorial & Concept (resources.infosecinstitute.com)
• Insecure Object Mapping (carnal0wnage.attackresearch.com)
• Lost USB keys have 66% chance of malware (GrahamCluleysBlog)
• Metasploit: Six Ways to Automate Metasploit (community.rapid7.com)
• Mobile Device Location Tracking, and Why It Matters (SpiderlabsAnterior)
• Nmap on Amazon Kindle (k0st.wordpress.com)
• Quality Coding Takes A Break For The Holidays. But Why? (threatpost.com)
• Remote control manager FAIL (skullsecurity.org)
• Rethinking Mobile Security (darkreading.com)
• Schneier on Security: Recent Developments in Full Disclosure (schneier.com)
• Security Holes In Software Decreased This Year, Early Data Shows (darkreading.com)
• Static Code Analysis (altdevblogaday.com)
• Steps to Avoid Mental Stagnation (Wh1t3Rabbit)
• Ten Best Practices For Meeting SOX Security Requirements (darkreading.com)
• The Art of Profiling Cybercriminals (darkreading.com)
• The more things change, the more they stay the same! (blog.c22.cc)
• The ‘Security’ Impact of Performance (Wh1t3Rabbit)
• Top 10 Security Mistakes SMBs Make (darkreading.com)
• Trusted Execution In Untrusted Cloud (theinvisiblethings.blogspot.com)
• Understanding Firefox and SQLite Tables for Forensics (resources.infosecinstitute.com)
• Using Facebook as a proxy (ihteam.net)
• Using Fuzzing to Spice Up a Penetration Test (pen-testing.sans.org)
• VLAN Hacking (resources.infosecinstitute.com)
• What Data Lurks on Your Old Smartphone? (foxnews.com)
• Why I Will Never Feel Threatened by Programmers in India (blog.jpl-consulting.com)
• Windows Phone SMS attack discovered, reboots device (winrumors.com)

Marc Ruef | G+ (571 Wörter)

► 30.11.2011 – Blog Digest November 2011

• Analyzing malicious files for writing network signatures (zscaler)
• Authentication: What is a factor anyway? (securitycurve.com)
• Baking Strong Authentication Into Client Devices (darkreading.com)
• Biggest Cybercriminal Takedown in History (KrebsOnSecurity)
• Biology Rules Apply to Infosec? (blog.rootshell.be)
• Brute force attack a BIOS with Arduino (alfersoft.com.ar)
• Cloud Controls Matrix (CCM) – Cloud Security Alliance (cloudsecurityalliance.org)
• Crypteks USB™ – Inspired Design meets Ultra-Security (kickstarter.com)
• Curing the Credit Card Cancer (MartinMckeaysNetworkSecurityBlog)
• Data Loss Prevention – Without the New Blinky Boxex (Wh1t3Rabbit)
• Duqu: Questions and Answers (f-secure.com)
• Facebook: Anatomy of Self-Inflicted Javascript Injection (zscaler)
• Fighting 0days With Fundamentals (darkreading.com)
• Google Open Sources Android 4.0, Ice Cream Sandwich (Techcrunch)
• Greater choice for wireless access point owners (googleblog.blogspot.com)
• How Much Is Your Identity Worth? (KrebsOnSecurity)
• Intro to HDMoore’s Law (cognitivedissidents.wordpress.com)
• IPhone: Cracking Siri (applidium.com) [Inofficial Mirror]
• Microsoft aims to reduce Windows Update restarts (zdnet.co.uk)
• Pen Tests: Not Getting ‘In’ is an Option (darkreading.com)
• Pipal, Password Analyser (digininja.org)
• Plugging the Kiosk-sized Security Hole (darkreading.com)
• Randomness in cryptography – the devil’s in the details (GrahamCluleysBlog)
• Securing User Credentials On Mobile Devices (blogs.mcafee.com)
• Seven Annoying Attacks That Facebook Misses (barracudalabs.com)
• Study: Users Are Mad About Breaches, And They’re Not Going To Take It (darkreading.com)
• Top 15 Cloud Security Best Practices (blogs.mcafee.com)
• Traceroute-like HTTP scanner (agarri.fr)
• Want to create a really strong Password, don’t ask Google (lightbluetouchpaper.org)
• WireShnork – A Snort plugin for Wireshark (honeynet.org)

Marc Ruef | G+ (485 Wörter)

► 26.10.2011 – Blog Digest Oktober 2011

• 8 Reasons for Denial-of-Service (DoS) Attacks (28.09.2011), blog.zeltser.com
• Analyzing PDF Malware – Part 1 (23.09.2011), SpiderlabsAnterior, very good introduction
• APT – The Plain Hard Truth (23.09.2011), fasthorizon.blogspot.com, threat group evolution
• Best practices for reporting malware (11.10.2011), HelpNetSecurity
• Better Random Testing by Leaving Features Out (20.09.2011), EmbeddedInAcademia, ideas for security testing?
• Computer virus hits US Predator and Reaper drone fleet (07.10.2011), arstechnica.com, evolution of cyberwar
• Detecting Defaced Websites with OSSEC (26.10.2011), blog.rootshell.be, extended intrusion detection
• Duqu – Stuxnet 2 (19.10.2011), f-secure.com, is it really Stuxnet 2?
• Exploiting Embedded Systems (21.10.2011), devttys0.com, great 3 part series
• Exploiting Powershell’s Features (Not Flaws) (18.10.2011), Matt, exploit-monday.com
• Facebook’s URL scanner is vulnerable to cloaking attacks (07.10.2011), IDGNS staff, itworld.com
• Father Of C And UNIX, Dennis Ritchie, Passes Away At Age 70 (13.10.2011), Techcrunch, exit(0); /* Exit successfully. RIP */
• Hard Lessons about Hacking and Proxy Services (23.09.2011), Jason Lackey, blogs.cisco.com
• How Security Companies Assign Names to Malware Specimens (26.10.2011), blog.zeltser.com, CARO and CME
• Infographic: Data Breaches, A Decade Of (15.10.2011), SecurityBloggersNetwork, the age of information security
• Interesting Authentication Bypass Vulnerabilities (30.09.2011), Dan Crowley, SpiderlabsAnterior
• ModSecurity Advanced Topic of the Week: Remote File Inclusion Attack Detection (30.09.2011), Ryan Barnett, SpiderlabsAnterior
• Next Generation Encryption (25.10.2011), David McGrew, blogs.cisco.com
• Non alphanumeric code in PHP (22.09.2011), Gareth Heyes, thespanner.co.uk
• On the Success of Malware (23.09.2011), Gunter Damballa, blog.damballa.com
• Possible Governmental Backdoor found (‘case R2D2’) (08.10.2011), f-secure.com
• Pragmatism of security by obscurity? (05.10.2011), securitycurve.com, what do you think?
• Remove Unused/Testing/Debug Software From Your Site (21.10.2011), SucuriSecurity, covered in OWASP-CM-006
• ‘Right-to-Left Override’ Aids Email Attacks (26.09.2011), BrianKrebs, KrebsOnSecurity
• Scientists break card that secures homes, offices, transit (10.10.2011), Dan Goodin, go.theregister.com
• Secret iOS business; what you don’t know about your apps (19.10.2011), TroyHunt, interesting insight
• Securing Mobile Data at the Application Layer (22.10.2011), Steven Fox, blogs.mcafee.com
• Security awareness (24.09.2011), blogs.securiteam.com
• Security Management 2.0: Making the Decision (13.09.2011), securosis.com
• Social engineering with unicode filenames (24.10.2011), blog.relentless-coding.org, nice howto
• The SSD dilemma (29.09.2011), isc.sans.edu
• timing-attack-checker (25.09.2011), pentestmonkey
• Who do CISOs report to? (05.10.2011), SecurityBloggersNetwork, interesting progress
• Who Else Was Hit by the RSA Attackers? (24.10.2011), BrianKrebs, KrebsOnSecurity
• Write to learn, learn to progress (04.10.2011), Martin McKeay, MartinMckeaysNetworkSecurityBlog

Marc Ruef | G+ (612 Wörter)

► 30.09.2011 – Blog Digest September 2011

• 10 Windows 7 commands every administrator should know (15.09.2011), Brien Posey, techrepublic.com
• 8 Reasons for Denial-of-Service (DoS) Attacks (28.09.2011), blog.zeltser.com
• 9 Convenient Lies in Information Security (09.09.2011), blog.zeltser.com
• Analyzing PDF Malware – Part 1 (23.09.2011), SpiderlabsAnterior, very good introduction
• APT – The Plain Hard Truth (23.09.2011), fasthorizon.blogspot.com, threat group evolution
• Better Random Testing by Leaving Features Out (20.09.2011), EmbeddedInAcademia, ideas for security testing?
• Circumventing malware detection (26.08.2011), norman.com
• Cultural CAPTCHAs (19.09.2011), Brian Krebs, KrebsOnSecurity
• Cultural Security: Promoting Security Policies Using Organizational Culture (06.09.2011), Steven Fox, blogs.mcafee.com
• Denial of Service (08.09.2011), book, deadliestwebattacks.com
• Diginotar declared bankrupt (20.09.2011), isc.sans.edu, bankruptcy of a CA for 1st time
• DNS hack hits popular websites: Daily Telegraph, The Register, UPS, etc (04.09.2011), Graham Cluley, GrahamCluleysBlog
• Dropping Executables with Powershell (15.09.2011), exploit-monday.com, similar approach like my Spread project
• Friends, Foes and Faceless Denizens – The Real Social Network (12.09.2011), Steven Fox, blogs.mcafee.com
• Hard Lessons about Hacking and Proxy Services (23.09.2011), Jason Lackey, blogs.cisco.com
• Is this really the ‘State of Security’? (03.09.2011), Martin McKeay, MartinMckeaysNetworkSecurityBlog
• Morto: Another reason to secure local user accounts (29.08.2011), community.rapid7.com, test if you’re vulnerable
• Non alphanumeric code in PHP (22.09.2011), Gareth Heyes, thespanner.co.uk
• On the Success of Malware (23.09.2011), Gunter Damballa, blog.damballa.com
• Post-Exploitation in Windows: From Local Admin To Domain Admin (efficiently) (11.09.2011), pentestmonkey
• Protecting against XSS (13.09.2011), Gareth Heyes, thespanner.co.uk
• Reverse shells one-liners (15.09.2011), BernardoDamele, via @ChrisJohnRiley
• ‘Right-to-Left Override’ Aids Email Attacks (26.09.2011), Brian Krebs, KrebsOnSecurity
• Security awareness (24.09.2011), blogs.securiteam.com
• SSL certificate impersonation -for shits and giggles! (04.09.2011), Chris John Riley, blog.c22.cc
• Suspected hackers arrested over Anonymous/LulzSec internet attacks (02.09.2011), Graham Cluley, GrahamCluleysBlog
• The Phantom Save (01.09.2011), FutilityCloset, same principle with infosec counter-measures?
• Timing-attack-checker (25.09.2011), pentestmonkey
• Twitter Social Networking Among Information Security People (12.09.2011), blog.zeltser.com
• Using QR tags to Attack SmartPhones (Attaging) (11.09.2011), KaoticoNeutral, not just for joking
• Who’s responsible for your online data? (14.09.2011), blog.eset.com, interesting survey
• Windows Remote Desktop Worm ‘Morto’ Spreading (12.09.2011), f-secure.com
• Writing Meterpreter Extensions (28.08.2011), scriptjunkie, scriptjunkie.us

Marc Ruef | G+ (555 Wörter)

► 29.08.2011 – Blog Digest August 2011

• 11 Security Tips for Online Social Networking (04.08.2011), blog.zeltser.com
• CIA (01.08.2011), xkcd.com
• Circumventing malware detection (26.08.2011), norman.com
• Digital Hit Men for Hire (01.08.2011), BrianKrebs, KrebsOnSecurity
• Educating Users to Prevent Phishing Attacks (21.08.2011), blog.securestate.com, useful suggestions
• FLAMING RETORT: Hacktivism, hacking and hackers – what do these words really mean? (09.08.2011), Paul Ducklin, GrahamCluleysBlog
• Fuzzing at scale (12.08.2011), Jay, GoogleOnlineSecurityBlog
• Gartner on Vulnerability Assessment (25.08.2011), Aviram, blogs.securiteam.com
• How Antivirus Vendors Describe Their Cloud Capabilities (17.08.2011), blog.zeltser.com
• How Did You Get to that Number? (13.08.2011), Brad Arkin, blogs.adobe.com
• How to find 0-day in browsers (15.08.2011), abazhanyuk.com, nice introduction
• How to find unwanted files on workstations (15.08.2011), isc.sans.edu
• Integrating Nessus with BackTrack 5’s Tools (04.08.2011), Paul Asadoorian, blog.tenablesecurity.com
• John The Ripper Hash Formats (06.08.2011), pentestmonkey
• Local Session Snooping in PHP (10.08.2011), Haxxorse, interesting proof-of-concept
• Logs – The Foundation of Good Security Monitoring (22.08.2011), isc.sans.edu
• Metasploit Framework 4.0 Released! (01.08.2011), egypt, metasploit
• Mitigation of Apache Range Header DoS Attack (24.08.2011), Ryan Barnett, SpiderlabsAnterior
• New Attack on AES (18.08.2011), schneier, schneier.com
• Password joke named funniest at Edinburgh Fringe (25.08.2011), Graham Cluley, GrahamCluleysBlog
• Password Strength (10.08.2011), xkcd.com, reality is funny and sad :)
• Penetration Testing in the Cloud (12.08.2011), Aaron Bryson, blogs.cisco.com
• Ping is Bad (Sometimes) (08.08.2011), isc.sans.edu
• Smartphone jiggles reveal your private data (17.08.2011), newscientist.com, interesting research
• Theoretical and Practical Password Entropy (10.08.2011), isc.sans.edu
• Validity of most-common-password lists (18.08.2011), Robert Graham, erratasec.blogspot.com
• Which Apps Are Authorized to Access Your Social Networking Accounts? (04.08.2011), blog.zeltser.com
• Writing Meterpreter Extensions (28.08.2011), scriptjunkie, scriptjunkie.us
• [RFC] Vulnerability library proposal (07.08.2011), seclists.org, based on our research at @scipag

Marc Ruef | G+ (502 Wörter)

► 29.07.2011 – Blog Digest Juli 2011

• 4 Reasons Why Security Assessment Recommendations Get Ignored (05.07.2011), blog.zeltser.com
• 4 Tips for a Strong Executive Summary of a Security Assessment Report (30.06.2011), blog.zeltser.com
• Abusing Password Resets (11.07.2011), cktricky, carnal0wnage.attackresearch.com
• AppLocker for Containing Windows Malware in the Enterprise (21.07.2011), blog.zeltser.com
• ASP.Net 4: Change the Default Encoder (12.07.2011), James Jardine, software-security.sans.org
• Bitcoin Security Architecture: A Brief Overview (13.07.2011), blogs.cisco.com, nice summary
• Clickjacking – the practice of deceptively directing a… (11.07.2011), blog.zeltser.com
• Detecting probes through client-side filtering (20.07.2011), Chris John Riley, blog.c22.cc
• FFIEC finally releases new Guidance on Internet Banking Authentication; Better Late than Never (29.06.2011), Avivah Litan, blogs.gartner.com
• Great Cipher, But Where Did You Get That Key? (05.07.2011), David McGrew, blogs.cisco.com
• HTML 5 – XSSQL attack (11.07.2011), very interesting approach
• Javascript Obfuscation in Metasploit (08.07.2011), Egypt, metasploit.com
• Meterpreter HTTP/HTTPS Communication (29.06.2011), H.D. Moore, rapid7.com
• ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks (13.07.2011), Ryan Barnett
• ModSecurity SQL Injection Challenge: Lessons Learned (26.07.2011), Ryan Barnett
• Penetration testing for the home computer user (13.07.2011), Lee Munson
• Plug mouse into the computer – be compromised (01.07.2011), norman.com
• Reflections Upon Deception and Protean Security Tactics (08.07.2011), blog.zeltser.com
• So You Want to Hash a Password… (01.07.2011), deadliestwebattacks.com, great summary
• Staying undetected post-exploitation (28.07.2011), Esteban, resources.infosecinstitute.com
• Take a bow everybody, the security industry really failed this time (27.06.2011), David Maynor, erratasec.blogspot.com
• The Changing Landscape of Malware for Mobile Devices (13.07.2011), blog.zeltser.com
• The Marriage of Legal and IT (18.07.2011), blogs.rsa.com, study where itsec is pushed
• The science of password selection (18.07.2011), extraordinary research
• USB Fuzzing for the Masses (15.07.2011), labs.mwrinfosecurity.com, great howto
• Using data to protect people from malware (20.07.2011)
• When Bots Use Social Media for Command and Control (28.06.2011), blog.zeltser.com
• When Does a Suspicious Event Qualify as a Security Incident? (28.06.2011), blog.zeltser.com

Marc Ruef | G+ (504 Wörter)

► 30.06.2011 – Blog Digest Juni 2011

• 6 Ideas for a Protean Information Security Architecture (13.06.2011), blog.zeltser.com, defense methodology
• 8 Strategic and Tactical Tips for Detecting a Website Compromise (16.06.2011), blog.zeltser.com
• A brief Sony password analysis (07.06.2011), good insight
• Comparing the PCI, CIS and FDCC Certification Standards (23.06.2011), blog.tenablesecurity.com, quick overview
• (ComputerSecurity) Conference Collecting (26.05.2011), blog.thinkst.com
• Dangerous whitespaces (09.06.2011), securelist.com, nice hiding approach
• Enterprise Security: the Ten Commandments (31.05.2011), David Harley, blog.eset.com
• FFIEC finally releases new Guidance on Internet Banking Authentication; Better Late than Never (29.06.2011), Avivah Litan, blogs.gartner.com
• Fundamental flaw in thinking: We’re responsible (09.06.2011), Martin McKeay
• Google Search By Image: Use A Snapshot As Your Search Query (14.06.2011), Jason Kincaid
• How to stop your Gmail account being hacked (02.06.2011), six good tips
• http-waf-detect – Script to detect WAF/IDS/IPS solutions (16.06.2011), seclists.org, elegant solution
• JSON Hijacking (30.05.2011), thespanner.co.uk, interesting approaches
• Meterpreter HTTP/HTTPS Communication (29.06.2011), H.D. Moore, rapid7.com
• Mobile Security – Users Just Don’t Care (21.06.2011), Tyler Shields, veracode.com
• Monitoring Social Media for Security References to Your Organization (26.05.2011), isc.sans.org
• Most Common iPhone Passcodes (13.06.2011), Daniel, amitay.us
• My Other Ride is Your Image Upload Script (13.06.2011), Dan Crowle
• New to Security? Get on Twitter (08.06.2011), Martin McKeay
• Nissan LEAF CARWINGS tells any RSS feed provider your current position, speed, direction, destination, etc. (13.06.2011), admin, seattlewireless.net
• Performance is a Feature (21.06.2011), codinghorror.com
• Recent Developments in Java Signed Applets (27.05.2011), egypt
• RSA finally comes clean: SecurID is compromised (07.06.2011), arstechnica.com, important development
• Say Hello To Linux 3.0; Linus Just Tagged 3.0-rc1 (30.05.2011), a new generation
• Shrinking vs. Slicing the Pie of Online and Computer Crime (31.05.2011), blog.zeltser.com
• Skype protocol reverse engineered, source available for download (02.06.2011), skype-open-source.blogspot.com, important research
• Take a bow everybody, the security industry really failed this time (27.06.2011), David Maynor, erratasec.blogspot.com
• The Critical Role of the Security Incident Response Coordinator (23.06.2011), blog.zeltser.com
• The Futility of Web Pen Testing (31.05.2011), deadliestwebattacks.com
• The Role of Rituals in Information Security (27.05.2011), blog.zeltser.com
• Trying to end mixed scripting vulnerabilities (16.06.2011), Chris Evans
• Trusting the Cloud (28.05.2011), Joanna, theinvisiblethings.blogspot.com
• USB Security Challenges (01.06.2011), Joanna, theinvisiblethings.blogspot.com
• vSploit – Virtualizing Intrusion & Exploitation Attributes with Metasploit Framework (20.06.2011), for IDS/IPS/log testing
• Web Application Firewalls with Mod Security (01.06.2011), resources.infosecinstitute.com, good headstart
• When Bots Use Social Media for Command and Control (28.06.2011), blog.zeltser.com
• When Does a Suspicious Event Qualify as a Security Incident? (28.06.2011), blog.zeltser.com
• Will the Real APT Please Stand Up? (17.06.2011), deadliestwebattacks.com
• Zones of Trust (13.06.2011)

Marc Ruef | G+ (679 Wörter)

► 27.05.2011 – Blog Digest Mai 2011

• 4 Reasons Why Computer Users Dread Installing Security Updates (19.05.2011), blog.zeltser.com
• A Brief History of Physical Memory Forensics (25.05.2011), Greg Hoglund, fasthorizon.blogspot.com
• Analyzing Malware Hollow Processes (16.05.2011), Eric Monti
• Android Security: 10 Tips and Settings (03.05.2011), Matt Mossman, resources.infosecinstitute.com
• Android Security: Take Control (12.05.2011), resources.infosecinstitute.com, good approaches
• A Spirited Peek into ViewState, Part I (13.05.2011), deadliestwebattacks.com, great insight
• Automated Vulnerability Disclosure with upSploit (11.05.2011), resources.infosecinstitute.com, useful idea
• Bug bounties vs. black (& grey) markets (25.05.2011), Chris, scarybeastsecurity.blogspot.com
• Checklists, software and software security (02.05.2011), Jim Bird, software-security.sans.org
• Comic for May 24, 2011 (24.05.2011), dilbert.com
• Complexity is killing us (14.05.2011), blogs.securiteam.com
• (ComputerSecurity) Conference Collecting (26.05.2011), blog.thinkst.com
• Creepy, the Geolocation Information Aggregator (25.05.2011), Yiannis Kakavas, resources.infosecinstitute.com
• Dropbox Lied to Users About Data Security, Complaint to FTC Alleges (13.05.2011), Ryan Singel, wired.com
• False Positives – The Dirty Secret of the Web Security Scanning Industry (24.05.2011), Ferruh Mavituna
• HitB2011AMS: A Real-Life Study of What Really Breaks SSL (20.05.2011), cupfighter.net, good summary
• How Big is Big? Some Botnet Statistics (23.05.2011), admin
• How Web Security Will Change With HTML5 (30.04.2011), mashable.com, quick summary
• IIS 7 Header Block Module – Released (13.05.2011), seclists.org, important extension
• Make noise and whisper: a solution to relay attacks (09.05.2011), lightbluetouchpaper.org, interesting approach
• Market Segmentation in Computer Attacks (29.04.2011), interesting analysis
• Metasploit Framework 3.7.0 Released! (03.05.2011), egypt
• Microsoft EMET (30.04.2011), darkoperator.com, immediate mitigations
• Monitoring Social Media for Security References to Your Organization, (Wed, May 25th) (26.05.2011), isc.sans.org
• More on Google image poisoning, (Wed, May 4th) (04.05.2011), isc.sans.org
• Plugin Spotlights: New Nessus OS Identification Plugins (29.04.2011), blog.tenablesecurity.com, HNAP, AFP and UPnP
• Selective attack with a rogue GSM/GPRS base station (05.05.2011), technical insight
• Survey finds users re-evaluating two-factor authentication options (30.04.2011), pheedcontent.com, 44% are re-evaluating
• The App-oriented UI Model and its Security Implications (21.05.2011), noreply@blogger.com (joanna), theinvisiblethings.blogspot.com
• The Death of Web Scanners (05.05.2011), book, deadliestwebattacks.com
• The OWASP Mobile Top 10 Risks for iOS Developers (24.05.2011), jeremy.allen, intrepidusgroup.com
• The RTLO unicode hole – sequence manipulation as an attack vector (13.05.2011), norman.com, very nice approach
• The Worst Information Security Advice Ever (05.05.2011), blog.zeltser.com, nice idea
• Unicode Visual Spoofing for Good: Confusable CAPTCHAs (10.05.2011), Ryan Barnett,
• What I need from pen test reports. (23.05.2011), SiteOwner
• Who’s to Secure Cloud: Vendor or User? (29.04.2011), cost savings over security

Marc Ruef | G+ (641 Wörter)

► 29.04.2011 – Blog Digest April 2011

• Anatomy of an Attack (02.04.2011), blogs.rsa.com, attack vector disclosed
• Anatomy of a Twitter worm (Profile Spy) (04.04.2011), Robert Graham, erratasec.blogspot.com
• Are Megabreaches Out? E-Thefts Downsized in 2010 (19.04.2011), dataloss measuring is not easy
• Cloud Computing: 5 Topics for the Boss (20.04.2011), high-level summary of requirements
• Covert hard drive fragmentation embeds a spy’s secrets (25.04.2011), newscientist.com, clever steganography
• CSRF and Beyond (26.04.2011), deadliestwebattacks.com, very nice summary
• Detecting Cheaters (07.04.2011), schneier, schneier.com
• Filejacking: How to make a file server from your browser (with HTML5 of course) (15.04.2011), interesting approach
• Finding Security Vulnerabilities in PHP Using Grep (29.03.2011), rdewhurst, resources.infosecinstitute.com
• Introducing the Cisco IOS Software Checker (26.04.2011), blogs.cisco.com, quick identification possible
• iPhone Security: 10 Tips and Settings (28.03.2011), resources.infosecinstitute.com, nice check list
• IPv6 Security Testing (22.04.2011), Earl Carter, blogs.cisco.com
• Is APT really about the person and not the malware? (19.04.2011), fasthorizon.blogspot.com, professional attacks require professional countermeasures
• Keystroke loggers now available for iOS? (08.04.2011), Chester Wisniewski
• Making sense of RSA ACE server audit logs (29.03.2011), isc.sans.org
• Microsoft Builds Legal Weapon to Take Apart Botnets (12.04.2011), threatpost.com, times have changed
• Microsoft’s ‘Coordinated Vulnerability Disclosure’ (21.04.2011), Robert Graham, erratasec.blogspot.com
• Mobile Apps Invading Your Privacy (06.04.2011), Tyler Shields, veracode.com
• ModSecurity Advanced Topic of the Week: Integrating IDS Signatures (21.04.2011), Ryan Barnett
• Pros and Cons of ‘Secure’ Wi-Fi Access (10.04.2011), isc.sans.org
• ‘Schneier’s Law’ (15.04.2011), schneier.com, true for all security systems
• Securing IPv6 (07.04.2011), Earl Carter, blogs.cisco.com
• Software Bugs and Scientific Progress (29.03.2011), possible categorization
• SSL and the Future of Authenticity (12.04.2011), threatpost.com
• TDSS part 1: The x64 Dollar Question (19.04.2011), resources.infosecinstitute.com, very detailed analysis
• Value Loss Coverage (20.04.2011), an underrated risk
• VirusTotal plugin for IDA Pro (22.04.2011), hexblog.com, great feature
• Whitehats pierce giant hole in Microsoft security shield (19.04.2011), go.theregister.com, bypassing heap protection

Marc Ruef | G+ (527 Wörter)

► 31.03.2011 – Blog Digest März 2011

• 2010 Defacements Statistics: Almost 1,5 million websites defaced, what it is happening? (01.03.2011), zone-h.org
• 20 years of innovative Windows malware (01.03.2011), infoworld.com
• Announcing the Unstable Module Tree (20.03.2011), hdm
• Application Security Debt and Application Interest Rates (25.02.2011), Chris Wysopal, veracode.com
• APT – There.. I Said It. (24.03.2011), Paul Asadoorian, blog.tenablesecurity.com
• Botnet Reputation and Content Scanning in Nessus (16.03.2011), blog.tenablesecurity.com
• Cryptographic Algorithm Transitions (2010-2011) (24.03.2011), Panos Kampanakis, blogs.cisco.com
• data loss prevention: a red herring (19.03.2011), blackcatsandsmokeandmirrors.blogspot.com
• Debugging Fundamentals for Exploit Development (28.02.2011), Bradshaw Stephen, resources.infosecinstitute.com
• Defining Penetration Testing (04.03.2011), iamit, iamit.org
• Hacking crappy password resets (part 1) (09.03.2011), Ron Bowes, skullsecurity.org
• HD Moore Reveals His Process for Security Research (22.03.2011), Jack Koziol, resources.infosecinstitute.com
• Identifying the Mobile Security Stack (24.03.2011), Tyler Shields, veracode.com
• iPhone Security: 10 Tips and Settings (28.03.2011), resources.infosecinstitute.com
• Least Priviledge in Windows (21.03.2011), Roger, infosecblog.org
• Making sense of RSA ACE server audit logs, (Tue, Mar 29th) (29.03.2011), isc.sans.org
• Metasploit Framework 3.6.0 Released! (07.03.2011)
• Nmap? In my Metasploit? It’s more likely than you’d think! (15.03.2011), todb
• Partitioning my digital life into security domains (13.03.2011), theinvisiblethings.blogspot.com
• Pwn2own considered (somewhat) harmful (12.03.2011), Michal Zalewski, lcamtuf.blogspot.com
• Risk management: what do it mean? (22.03.2011), erratasec.blogspot.com
• RSA Clients Manage Risks (23.03.2011)
• Security and efficiency (27.02.2011), blogs.securiteam.com
• Security firm RSA warns that its servers have been hacked (18.03.2011)
• Software Bugs and Scientific Progress (29.03.2011)
• SpyEye, ZeuS Users Target Tracker Sites (09.03.2011), Brian Krebs
• Stack Based Buffer Overflow Tutorial, part 1 – Introduction (09.03.2011), Bradshaw Stephen, resources.infosecinstitute.com
• Standards for Penetration Testing (18.03.2011), tmiltner, resources.infosecinstitute.com
• Stop Building HTML on the Server (24.03.2011), book, deadliestwebattacks.com
• Study: Breaches Cost $214 Per Record (09.03.2011)
• the most important infosec component (12.03.2011), Mimi Herrmann, blogs.securiteam.com
• Time Line of Major Global Cyber Incidents 2010-2011 (19.03.2011)
• Warning: OBJECT and EMBED are inherently unsafe (07.03.2011), lcamtuf.blogspot.com
• Why Multifactor Authentication Fails (15.03.2011)
• Windows Security Center: Under the Hood (21.03.2011), blog.didierstevens.com

Marc Ruef | G+ (550 Wörter)

► 25.02.2011 – Blog Digest Februar 2011

• Analysis of MBR File System Infector (17.02.2011), f-secure.com
• Analyzing the Compromise – without Going Hungry (21.02.2011), blog.tenablesecurity.com
• Apple iOS Push Notifications: Security Implications, Abuse Scenarios, and Countermeasures (07.02.2011), SANS Institute, blogs.sans.org
• Are you sure SHA-1+salt is enough for passwords? (09.02.2011), f-secure.com
• Blog Post: Breaking up the Romance between Malware and Autorun (09.02.2011), blogs.technet.com
• Browser plugins and security considerations (11.02.2011), Julien Sobrier
• Comic for February 15, 2011 (15.02.2011), dilbert.com
• Controlling the Flow of Information in the 21st Century (08.02.2011), blogs.cisco.com
• Don’t Sacrifice Security on Mobile Devices (22.01.2011), chris, eff.org
• Educating users on the safe use of whole device encryption (29.01.2011), Chester Wisniewski
• Ethics of password cracking/dissemination (24.01.2011), skullsecurity.org
• Feature: Anonymous speaks: the inside story of the HBGary hack (16.02.2011), arstechnica.com
• Feature: Black ops: how HBGary wrote backdoors for the government (19.02.2011), arstechnica.com
• Five Key Design Decisions That Affect Security in Web Applications (10.02.2011), rohitsethi, blogs.sans.org
• How To Outrun A Lion? (17.02.2011), ctrl-alt-del.cc
• HTTP headers fun, (Tue, Feb 15th) (16.02.2011), isc.sans.org
• Ignore the OWASP Top 10 in Favor of Mike’s Top 10 (19.02.2011), deadliestwebattacks.com
• IPv6 Myths (18.02.2011), Earl Carter, blogs.cisco.com
• Kaspersky Antivirus Source code leak (KAV 8 2009) (30.01.2011), unremote.org
• Measuring password re-use empirically (09.02.2011), Joseph Bonneau, lightbluetouchpaper.org
• ModSecurity Advanced Topic of the Week: Passive Vulnerability Scanning Part 1 – OSVDB Checks (23.02.2011), Ryan Barnett
• ModSecurity Advanced Topic of the Week: Real-time Application Profiling (18.02.2011)
• Old programming habits die hard (08.02.2011), Nate Lawson, rdist.root.org
• Probabilities in Random Testing (10.02.2011), regehr
• Shmoocon 2011: Defeating mTANs for profit (29.01.2011), ChrisJohnRiley, blog.c22.cc
• Shmoocon 2011: Printer to Pwnd (29.01.2011), Chris John Riley, blog.c22.cc
• Should Software Evolve? (15.02.2011)
• Societal Security (15.02.2011), schneier.com
• Some common Infosec job roles and related certifications (08.02.2011), resources.infosecinstitute.com
• SSDs prove difficult to securely erase (20.02.2011)
• Stop Exposing Yourself! (08.02.2011), blogs.adobe.com
• The Dead Giveaways of VM-Aware Malware (28.01.2011), Atif Mushtaq
• The Lure of Notoriety for Information Security Experts (23.02.2011), blog.zeltser.com
• The Piano Test for Program Verification (27.01.2011), regehr
• To Improve Mobile Security, Policies Will Need to Change (23.02.2011), blogs.mcafee.com
• Who Verifies the Verifiers? (01.02.2011), regehr
• Why Physical (Network) Security is Important? (18.02.2011), blog.rootshell.be
• Your guide to the seven types of malicious hackers (08.02.2011), Roger A. Grimes, infoworld.com

Marc Ruef | G+ (640 Wörter)

► 27.01.2011 – Blog Digest Januar 2011

• Android Trojan captures credit card details (20.01.2011), thinq.co.uk
• Bot attacks Linux and Mac but can’t lock down its booty (21.01.2011), theregister.com
• Comic for January 7, 2011 (07.01.2011), dilbert.com
• CSP, HTML5, and the aesthetics of security (22.01.2011), Michal Zalewski, lcamtuf.blogspot.com
• Detecting Malice with ModSecurity: CSRF Attacks (11.01.2011), Ryan Barnett, blog.spiderlabs.com
• Don’t Sacrifice Security on Mobile Devices (22.01.2011), chris, eff.org
• Ethics of password cracking/dissemination (24.01.2011), skullsecurity.org
• Faces of Fraud 2011: Beware Cross-Channel Threats (06.01.2011)
• How Good Does The Writing Need To Be? (18.01.2011), regehr
• How Not to Store Passwords in iOS (07.01.2011), blogs.sans.org
• Israeli Test on Worm Called Crucial in Iran Nuclear Delay (16.01.2011), nytimes.com
• January 2011: The Definitive Facebook Lockdown Guide (07.01.2011), zdnet.com
• Mobile Device Security and Android File Disclosure (19.01.2011)
• Mobile Device Users More Susceptible to Phishing Scams (06.01.2011), threatpost.com
• Nessus: Mythbusters Edition (20.01.2011), Paul Asadoorian, blog.tenablesecurity.com
• Penetration Testing Rapidly Becoming Obsolete (30.12.2010), carnal0wnage.attackresearch.com
• Security Awareness Through Proverbs (14.01.2011), blog.rootshell.be
• ‘SMS of Death’ Attacks Can Crash the Simplest of Phones (30.12.2010), Christopher Brook, threatpost.com
• Targeted attacks – going beyond the technicalities (12.01.2011), Iftach Ian Amit
• The Application Security Spending Conundrum (12.01.2011)
• The Future of Software System Correctness (10.01.2011)
• The Synergy Between Delta Debugging and Compiler Optimization (20.01.2011), regehr
• Tunisia Tracks Users with JavaScript Injection? (13.01.2011), blog.rootshell.be
• Unspecified vulnerabilities (29.12.2010)
• What are Heuristics? (30.12.2010), Aryeh Goretsky, blog.eset.com
• What’s in Your iOS Image Cache? (14.01.2011), blogs.sans.org
• WikiLeaks cable dump reveals flaws of State Department’s information-sharing tool (04.01.2011), washingtonpost.com

Marc Ruef | G+ (456 Wörter)

► 30.12.2010 – Blog Digest Dezember 2010

• 12 programming mistakes to avoid (07.12.2010), infoworld.com
• 25 Best AWK Commands / Tricks (27.11.2010), blog.urfix.com
• A Call To Arms For Enterprise Mobile Security (23.11.2010), blogs.forbes.com
• Advanced Topic of the Week: Handling Authorized Scanning Traffic (22.12.2010), blog.spiderlabs.com
• Apple Mac malware: A short history (24.11.2010)
• A short history of Christmas malware (15.12.2010)
• Breaking HTML parsers for fun (25.11.2010), thespanner.co.uk
• Chinese Antivirus Companies Create the Viruses They Kill (20.12.2010), theepochtimes.com
• CSO: Designing A Pragmatic Pen Testing Program (20.11.2010), blog.coresecurity.com
• d0z.me: The Evil URL Shortener (21.12.2010), spareclockcycles.org
• DSA requirements for random k value (20.11.2010), rdist.root.org
• Evaluating Protected Mode in Internet Explorer (03.12.2010), Technocrat
• Final post on Javascript crypto (29.11.2010), rdist.root.org
• How to Fool a Security Researcher (08.12.2010), blog.eset.com
• If an exploit falls in the forest, does anyone hear it being patched? (08.12.2010), blog.tenablesecurity.com
• Internet Explorer 9 ad blocking via ‘Tracing Protection’ — no means yes. (08.12.2010)
• Iptables Logs Mapping on GoogleMaps (16.12.2010), blog.rootshell.be
• Is iPhone identifiable on WiFi network? (30.11.2010), erratasec.blogspot.com
• Low share of enterprises affected by ICT security incidents in 2009 (13.12.2010), epp.eurostat.ec.europa.eu
• Malware Persistence in the Cloud (13.12.2010), Greg Hoglund, fasthorizon.blogspot.com
• Mobile App Top 10 List (13.12.2010), Chris Wysopal, veracode.com
• ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks (24.11.2010), blog.spiderlabs.com
• New Windows zero-day flaw bypasses UAC (25.11.2010), google.com
• On the effectiveness of DEP and ASLR (09.12.2010), blogs.technet.com
• Security conferences: Why go? (22.12.2010), blogs.csoonline.com
• Security in 2020 (16.12.2010), Bruce Schneier, schneier.com
• Slow CPU equals malware defense? (24.11.2010), f-secure.com
• The Big Easy (01.12.2010), blog.rapid7.com
• The Internet Goes to War (14.12.2010), asert.arbornetworks.com
• The top 50 passwords you should never use (15.12.2010)
• Tips for Submitting a Security Conference Proposal (22.12.2010)
• Understanding and using skipfish (22.11.2010), lcamtuf.blogspot.com
• Updated: Antivirus firms ‘short-changing’ customers (03.12.2010), pcpro.co.uk
• Using password cracking as metric/indicator for the organisation’s security posture (26.11.2010), isc.sans.org
• Visualizing TCP (13.12.2010), research.swtch.com
• What’s Left? (02.12.2010), ha.ckers.org
• Why Assange and WikiLeaks have won this round (09.12.2010), Ian Welsh, crooksandliars.com
• Why Speed & Frequency of Software Security Testing Matter, A LOT (17.12.2010)
• Wikileaks, security research and policy (08.12.2010), lightbluetouchpaper.org
• Windows Phone 7 unlocker released (26.11.2010), chevronwp7.com

Marc Ruef | G+ (620 Wörter)

► 26.11.2010 – Blog Digest November 2010

• 99 problems, but root ain’t one! (31.10.2010), blog.c22.cc
• A Call To Arms For Enterprise Mobile Security (23.11.2010), blogs.forbes.com
• Apple Mac malware: A short history (24.11.2010)
• Changing Passwords (11.11.2010), Bruce Schneier, schneier.com
• Cloud, meet Rainbow (29.10.2010), mozillalabs.com
• Cracking Passwords In The Cloud: Amazon’s New EC2 GPU Instances (16.11.2010), stacksmashing.net
• Crowdsourcing Surveillance (09.11.2010), Bruce Schneier, schneier.com
• CSO: Designing A Pragmatic Pen Testing Program (20.11.2010), blog.coresecurity.com
• Dilbert Comic for November 7, 2010 (07.11.2010), dilbert.com
• DSA requirements for random k value (20.11.2010), rdist.root.org
• Hosting backdoors in hardware (31.10.2010), blog.ksplice.com
• Inside Adobe Reader Protected Mode – Part 4 – The Challenge of Sandboxing (19.11.2010), blogs.adobe.com
• Is BGP the Next Threat on Internet? (19.11.2010), blog.rootshell.be
• Metasploit module : HTTP Form field fuzzer (13.11.2010), corelan.be
• ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks (24.11.2010), blog.spiderlabs.com
• New Windows zero-day flaw bypasses UAC (25.11.2010), google.com
• Online services security report card (03.11.2010), digitalsociety.org
• OS Identification : SSL Certificates (11.11.2010), scip.ch
• Password Auditing With a Password Filter (15.11.2010), blog.didierstevens.com
• Searching for Sensitive Data Using URL Shorteners (12.11.2010), blog.rootshell.be
• Security concerns make 1 in 3 users avoid online banking (12.11.2010)
• Slow CPU equals malware defense? (24.11.2010), f-secure.com
• Sophos: the early years (04.11.2010), google.com
• Spammers get creative: spoofing email from social networking sites and using visual tricks (29.10.2010), symantec.com
• Statistics Don’t Lie – Or Do They? (03.11.2010), blog.tllod.com
• Stuxnet: A Breakthrough (13.11.2010), symantec.com
• Real World Security Professional (RWSP) Certification (19.11.2010), professionalsecuritytesters.org
• Understanding and using skipfish (22.11.2010), lcamtuf.blogspot.com
• Updated iPhone Forensics white paper released (17.11.2010), viaforensics.com
• What Do You Investigate First? (31.10.2010), taosecurity.blogspot.com
• Why Counting Flaws is Flawed (18.11.2010)

Marc Ruef | G+ (466 Wörter)

► 29.10.2010 – Blog Digest Oktober 2010

• Advanced Topic of the Week: Request Header Tagging (20.10.2010), Ryan Barnett, blog.modsecurity.org
• Attack of the monster frames (a mini-retrospective) (15.10.2010), Michal Zalewski, lcamtuf.blogspot.com
• Computational science: ...Error (13.10.2010), nature.com
• Cyber Security Awareness Month – Day 19 – VPN Architectures – SSL or IPSec?, (Tue, Oct 19th) (19.10.2010), isc.sans.org
• Detecting Malice with ModSecurity: GeoLocation Data (28.10.2010), blog.modsecurity.org
• Determining variable ranges (Part I) (15.10.2010), seanhn, seanhn.wordpress.com
• Employee browsing habits: the good, the bad, and the ugly (21.10.2010), symantec.com
• English Research Page About SuisseID & nPA is available (30.09.2010), Max Moser, remote-exploit.org
• Exploit Hub Aims to be iTunes for Exploits (14.10.2010), Paul Roberts, threatpost.com
• Global Web 2.0 Report Released (28.09.2010), Toralv Dirro, google.com
• IDS rule idea (30.09.2010), Matt, attackvector.org
• Implementing Active Lists in OSSEC (25.10.2010), blog.rootshell.be
• Inside Adobe Reader Protected Mode – Part 1 – Design (06.10.2010), Kyle Randolph, blogs.adobe.com
• iPhone Spy Tool Available For Sale in Cydia Store (22.10.2010), f-secure.com
• Is Facebook’s one-time password system safe? (13.10.2010), Graham Cluley, Sophos, sophos.com
• IVIL : An XML schema to exchange vulnerability information (18.10.2010), Frank Breedijk, cupfighter.net
• Nessus Reaches Plugin 50000 (21.10.2010), Paul Asadoorian, blog.tenablesecurity.com
• New Nessus Feature: Public Exploit Availability (01.10.2010), Paul Asadoorian, blog.tenablesecurity.com
• New Password Not Enough to Secure Hacked E-mail Account (04.10.2010), threatpost.com
• New Signals in Search: The Bing Social Layer (13.10.2010), bingteam, bing.com
• Peering Into the Storm Worm (01.10.2010), Chintan Shah, google.com
• Phishing eBanking Credentials Using Web-Proxies (14.10.2010), admin, google.com
• Protect Your Applications Using EMET (17.10.2010), Xavier, blog.rootshell.be
• Real time Google Hacking (09.10.2010), Mark Baggett, pauldotcom.com
• Reported Attack Site! – Security Tool’s Latest Trick (20.10.2010), f-secure.com
• Secret Button Sequence Bypasses iPhone Security (26.10.2010), wired.com
• Soft Hyphen – A New URL Obfuscation Technique (06.10.2010), Samir Patil, symantec.com
• Stuxnet (07.10.2010), schneier, schneier.com
• Stuxnet Questions and Answers (13.10.2010), f-secure.com
• Survey Reveals How Stupid People are With Their Passwords (12.10.2010), Mike Lennon, google.com
• Taking a Look at W32/Ramnit (05.10.2010), Guilherme Venere, google.com
• The Smart Card Detective: a hand-held EMV interceptor (19.10.2010), Omar Choudary, lightbluetouchpaper.org
• Voice-routing call fingerprint system fights ‘vishing’ (06.10.2010), go.theregister.com
• Whitepaper: GPU-Assisted Malware (28.09.2010), Technocrat, google.com
• You can no longer rely on encryption to protect a BlackBerry (01.10.2010), InfoWorld Tech Watch, infoworld.com

Marc Ruef | G+ (608 Wörter)

► 30.09.2010 – Blog Digest September 2010

• Apple’s secret ‘wispr’ request (07.09.2010), Robert Graham, erratasec.blogspot.com
• Automated Padding Oracle Attacks with PadBuster (14.09.2010), Brian Holyfield
• Cell Phones Powered by Conversation? (13.09.2010), Eric Bland
• Consumerization and Corporate IT Security (07.09.2010), schneier, schneier.com
• Exploring Stuxnet’s PLC Infection Process (22.09.2010), Nicolas Falliere, symantec.com
• Feature: Compromising Twitter’s OAuth security system (02.09.2010), segphault@arstechnica.com (Ryan Paul), arstechnica.com
• Hackers blind quantum cryptographers (29.08.2010), nature.com
• How dangerous is image file metadata? (15.09.2010), The Assurer, TheAssurer.com
• Iceberg – Dead Ahead (30.08.2010), admin, mocana.com
• Implementing two Factor Authentication on the Cheap, (Tue, Sep 21st) (21.09.2010), isc.sans.org
• Integrity Levels and DLL Injection (07.09.2010), Didier Stevens, blog.didierstevens.com
• Is that Bill Gates staring back at you from Outlook 2010? (24.09.2010), peter.bright@arstechnica.com (Peter Bright), arstechnica.com
• IT Security Workers Are Most Gullible of All: Study (02.09.2010), redir.internet.com
• Making Penetration Testers Lives Awful (09.09.2010), Paul Asadoorian, blog.tenablesecurity.com
• Malware Analysis and Response Step by Step Decision Tree (17.09.2010), Netrunner, symantec.com
• Not every elliptic curve is the same: trough on ECC security (26.09.2010), naif, infosecurity.ch
• ‘Padding Oracle’ Crypto Attack Affects Millions of ASP.NET Apps (13.09.2010), Dennis Fisher, threatpost.com
• Prior Knowledge Of User’s Cert Warning Behavior (02.09.2010), RSnake, ha.ckers.org
• Product management and organization (12.09.2010), naif, infosecurity.ch
• Researcher Claims ‘Evercookie’ Can’t Be Removed (22.09.2010), Paul Roberts, threatpost.com
• Security issues on Android (19.09.2010), Avira GmbH, techblog.avira.com
• Setting a Bad Example: How Not To Validate User Input (20.09.2010), Dan Crowley, blog.coresecurity.com
• SIP / VoIP Firewall: Differencies between Telephony and Security world (24.09.2010), naif, infosecurity.ch
• Spammers Introduce New Email Internet Headers (06.09.2010), Suyog Sainkar, symantec.com
• Static Analysis Fatigue (01.09.2010), regehr, blog.regehr.org
• The brain speaks: Scientists decode words from brain signals (07.09.2010), physorg.com
• The Effect of Snakeoil Security (04.09.2010), RSnake, ha.ckers.org
• The names and faces behind the ‘onMouseOver’ Twitter worm attack (22.09.2010), Graham Cluley, Sophos, sophos.com
• Thoughts on ‘Cyber Weapons’ (22.09.2010), Richard Bejtlich, taosecurity.blogspot.com
• Website Security Statistics Report (2010) – Industry Bechmarks (23.09.2010), Jeremiah Grossman
• What to do if your Facebook profile has been hacked (09.09.2010), spinman, thesecuritypub.com
• Why do you spend time verifying vulnerability reports? (08.09.2010), secunia.com
• Why Not Mix Signed and Unsigned Values in C/C++? (15.09.2010), regehr

Marc Ruef | G+ (575 Wörter)

► 27.08.2010 – Blog Digest August 2010

• 15 Great Ways to Secure Your Website (17.08.2010), Justin Stravarius, web.appstorm.net
• Access Controls for Network Infrastructure, (Thu, Aug 5th) (06.08.2010), isc.sans.org
• Analysis of using CPE for Nmap OS signatures (07.08.2010), seclists.org
• Anti-virus Products Mostly Ignore Windows Security Features (03.08.2010), Brian Krebs
• Blog Post: Painting by Numbers (09.08.2010), mmpc, blogs.technet.com
• Citi iPhone banking app contains security flaw (27.07.2010), Graham Cluley, Sophos, sophos.com
• Corporate Identity Theft Used to Obtain Code Signing Certificate (25.08.2010), f-secure.com
• Details of 100 million Facebook users were already exposed on the net (29.07.2010), Graham Cluley, Sophos, sophos.com
• How large is a piece of Malware? (27.07.2010), Robert, SophosLabs CA, sophos.com
• How Secure Is A Password? (11.08.2010), Martin, ghacks.net
• How to Hire a Hacker (16.08.2010), Stefan Friedli, stfn.ch
• Image Spam (16.08.2010), Marissa Vicario, symantec.com
• Intel Should Not Consummate McAfee Acquisition (19.08.2010), Richard Stiennon, blogs.forbes.com
• It’s not what you write, but the words you use (19.08.2010), Fraser Howard, SophosLabs UK, sophos.com
• JailbreakMe: Security warning for iPhone and iPad owners (04.08.2010), Graham Cluley, Sophos, sophos.com
• Linux distribution popularity trends plotted (20.08.2010), LinuxTrends, linuxtrends.com
• Nmap favicon visualization (17.08.2010), seclists.org
• Passwords in the wild, part I: the gap between theory and implementation (27.07.2010), Joseph Bonneau, lightbluetouchpaper.org
• Playing in the Chrome Sandbox (13.08.2010), google.com
• Potential Evasion Where IPS Fails to Validate TCP Checksums (31.07.2010), Judy Novak, packetstan.com
• Redesigning the Credential Cracking Strategy (18.08.2010), todb
• Return of the Facebook Snatchers (27.07.2010), Ron Bowes, skullsecurity.org
• Russia’s FSB Receives Decrypted BlackBerry Messages From Mobile TeleSystems (16.08.2010), Jeffrey Carr, blogs.forbes.com
• Security Analysis of Smudges on Smart Phone Touch Screens (12.08.2010), Bruce Schneier, schneier.com
• Snooping on Dot Matrix Printers (14.08.2010), Moonraker069
• Technical Analysis on iPhone Jailbreaking (06.08.2010), Matt Oh, community.websense.com
• The Nine Circles of Responsible Vulnerability Disclosure Hell (23.08.2010), Stefan, stfn.ch
• Trends in Malware and Phishing (25.08.2010), Avira GmbH, techblog.avira.com
• Trojan horse suspected of contributing to 2008 Madrid aircrash (20.08.2010), Graham Cluley, Sophos, sophos.com
• UAE to Ban BlackBerrys (03.08.2010), schneier, schneier.com
• UAE to block the Blackberry? (01.08.2010), Mike Halsey, ghacks.net
• W32.Changeup: Visual Basic Polymorphic Code Uncovered (28.07.2010), Takayoshi Nakayama, symantec.com
• Who is Writing the Viruses? (04.08.2010), Randy Abrams, blog.eset.com
• Windows LAN Addressing Validation (and a Scapy lesson) (16.08.2010), Joshua Wright, packetstan.com
• Wordle: Words Used by Major Spam Sending Botnets (30.07.2010), Marissa Vicario, symantec.com
• Zurich Insurance slammed with 2.28 million fine for losing customer data (24.08.2010), Graham Cluley, Sophos, sophos.com

Marc Ruef | G+ (636 Wörter)

► 30.07.2010 – Blog Digest Juli 2010

• 10 Devices Attackers May Think About Attacking (21.07.2010), Paul Asadoorian, blog.tenablesecurity.com
• CAPTCHAs – breaking into the shadow economy (15.07.2010), MarissaVicario, symantec.com
• Citi iPhone banking app contains security flaw (27.07.2010), Graham Cluley, Sophos, sophos.com
• Data at Rest vs. Data in Motion (30.06.2010), Bruce Schneier, schneier.com
• DEP / ASLR Neglected in Popular Programs (03.07.2010), secunia.com
• Do you reuse your passwords? (26.07.2010), f-secure.com
• How large is a piece of Malware? (27.07.2010), Robert, SophosLabs CA, sophos.com
• Introducing Adobe Reader Protected Mode (20.07.2010), Brad Arkin, blogs.adobe.com
• Linux 2.4/2.6 Kernel Off-by-one TCP Timestamp Issue and Potential IDS/IPS Evasion (14.07.2010), Judy Novak, packetstan.com
• Metasploit’s New GUI (15.07.2010), Carlos Perez, pauldotcom.com
• Out of Office (30.06.2010), Roger, google.com
• Passwords in the wild, part I: the gap between theory and implementation (27.07.2010), Joseph Bonneau, lightbluetouchpaper.org
• Plugin Highlight – Web Application Tests : Load Estimation (ID 33817) (26.07.2010), Paul Davis, blog.tenablesecurity.com
• Rebooting Responsible Disclosure: a focus on protecting end users (20.07.2010), Jay, google.com
• Return of the Facebook Snatchers (27.07.2010), Ron Bowes, skullsecurity.org
• Snake-oil security claims on crypto security product (19.07.2010), naif, infosecurity.ch
• Social Engineering and Body Language (26.07.2010), xyberpix, blogs.securiteam.com
• The Threat of Cyberwar Has Been Grossly Exaggerated (07.07.2010), Bruce Schneier, schneier.com
• The War That We Don’t Recognize Is The War We Lose (13.07.2010), Jeffrey Carr, blogs.forbes.com
• UTwitter: your secret spy? (17.07.2010), Francisco Amato, blog.infobytesec.com
• W32.Changeup: Visual Basic Polymorphic Code Uncovered (28.07.2010), Takayoshi Nakayama, symantec.com
• Why Is Free Vuln Disclosure so Damn Difficult? (29.06.2010), Aviram, blogs.securiteam.com
• Why Steal Digital Certificates? (23.07.2010), Randy Abrams, blog.eset.com
• Writing Fuzzable Code (07.07.2010), sdl, blogs.msdn.com
• Youtube Adds HTML5 Embedding To Videos (25.07.2010), Martin, ghacks.net
• HTML5, Local Storage, and XSS (13.07.2010), ShadowHider, hi.baidu.com

Marc Ruef | G+ (462 Wörter)

► 25.06.2010 – Blog Digest Juni 2010

• 1 in 10 IT pros cheat on an IT audit (08.06.2010), Help Net Security News
• Anatomy of a Symbian Malware (22.06.2010), Donato Ferrante, sophos.com
• anti-waf-software-security-only-zealotry (17.06.2010), Jeremiah Grossman, google.com
• Are Comparative Tests of AV Products Useful? (16.06.2010), Igor Muttik, google.com
• A Zero-day Connection (15.06.2010), Security Intel Analysis Team, symantec.com
• Cyberwar is fiction (08.06.2010), Robert Graham, Errata Security, erratasec.blogspot.com
• Delete Data On SSD Permanently (20.06.2010), Martin, ghacks.net
• Don’t click on ‘Paramore n-a-k-ed photo leaked!’ Facebook link (02.06.2010), Graham Cluley, Sophos, sophos.com
• Full Disclosure for Attacker Tools (21.06.2010), Richard Bejtlich, taosecurity.blogspot.com
• Google top 1000 sites: Interesting stats about them (03.06.2010), Sucuri Security, sucuri.net
• Hiring Hackers (10.06.2010), schneier, schneier.com
• Invasion of Privacy. The Sequel. (27.05.2010), Matt, Attack Vector, attackvector.org
• Mass infection of IIS/ASP sites (08.06.2010), google.com
• Meterpreter for Pwned Home Pages (14.06.2010), egypt, google.com
• Microsoft Releases Anti-XSS Web Protection Library (02.06.2010), Ryan Naraine, threatpost, threatpost.com
• Penetration Testing Summit 2010 (17.06.2010), Paul Asadoorian, blog.tenablesecurity.com
• Security Concerns Less Considered (28.05.2010), Shannon Cole, McAfee Avert Labs
• Social sites, profile pictures and privacy. (09.06.2010), Matt, attackvector.org
• Test Toot Suite: Antivirus Vendors Blowing Own Horn (28.05.2010), David Harley, ESET ThreatBlog, eset.com
• The Mission of Security Awareness (18.06.2010), dre, google.com
• The True Story Behind the Cisco Identification Port (21.06.2010), blogs.cisco.com
• Those Scrambled Word Tests For Stopping Spambots Are Tough For Humans Too (18.06.2010), Andy Greenberg, blogs.forbes.com
• Trying to Rely on the Right Platform Provides the Wrong Protection (02.06.2010), Zulfikar Ramzan, Symantec Connect, symantec.com
• URL Sentences (02.06.2010), Chris Shiflett, shiflett.org
• Website Vulnerability Research and Disclosure (14.06.2010), Chris Wysopal, veracode.com
• What a difference a year makes – SMBs are cracking down on information protection (21.06.2010), Gina Sheibley, symantec.com
• Whatever Happened to Voice Recognition? (21.06.2010), codinghorror.com
• Which Vulnerabilty to exploit first? (03.06.2010), cdupuis, The Professional Security Testers Warehouse, professionalsecuritytesters.org
• Who’s your Verisign? Malware faking digital signatures (23.06.2010), Mike Wood, Threat Researcher, SophosLabs, Canada, sophos.com
• Why publishing exploit code is generally a bad idea if you’re paid to protect (22.06.2010), Robert A., google.com
• Windows Mobile dialup fraud (06.06.2010), David Harley, ESET ThreatBlog, eset.com
• Wordpress user: Be careful where you get your theme from (01.06.2010), Sucuri Security, sucuri.net
• World’s Smallest PDF (21.06.2010), FE Malware Researcher, google.com

Marc Ruef | G+ (618 Wörter)

► 28.05.2010 – Blog Digest Mai 2010

• A bit of a reality check (18.05.2010), Beth Jones, SophosLabs US, sophos.com
• A Brief Look at Zeus/Zbot 2.0 (03.05.2010), Karthik Selvaraj, symantec.com
• A New Type of Phishing Attack (25.05.2010), Aza Raskin, http://www.azarask.in
• A Rise in Java Vulnerabilities (30.04.2010), Greg Ahmad, symantec.com
• A Virus Is Coming! Tell All Your Friends! (04.05.2010), John McDonald, symantec.com
• Are low standards better than no standards? (21.05.2010), netsecpodcast@mckeay.net (Martin McKeay), google.com
• AV Testing double standards and independence (03.05.2010), noreply@blogger.com (Rick Moy), google.com
• Analyzing Malwares Using Microsoft Tools (29.04.2010), Matt Oh, community.websense.com
• Defeating expensive lockdowns with cheap shellscripts (18.05.2010), Ron Bowes, skullsecurity.org
• Encryption Can’t Stop The Wiretapping Boom (30.04.2010), Andy Greenberg, blogs.forbes.com
• Exploiting hard filtered SQL Injections 2 (conditional errors) (07.05.2010), Reiners, websec.wordpress.com
• Facebook’s ‘Evil Interfaces’ (29.04.2010), tim, eff.org
• General Alexander’s Confirmation And The Failure Of Cyberwar Transparency (13.05.2010), Sean Lawson, blogs.forbes.com
• Has Apple Gotten Religion on Software Security? (27.04.2010), Dennis Fisher, threatpost.com
• HTML5 Security in a Nutshell (17.05.2010), Chris Eng, veracode.com
• Invasion of Privacy. The Sequel. (24.05.2010), Matt, http://www.attackvector.org
• KHOBE – 8.0 earthquake for Windows desktop security software (05.05.2010), matousec.com
• Leaking private IP addresses via DNS (03.05.2010), http://sucuri.net, google.com
• More ‘the air is full of packets’ (13.05.2010), Robert Graham, erratasec.blogspot.com
• New Study Shows Nearly No Difference in Security of Web Frameworks (05.05.2010), Dennis Fisher, threatpost.com
• On Formally Verified Microkernels (and on attacking them) (03.05.2010), noreply@blogger.com (joanna), theinvisiblethings.blogspot.com
• Replacing Happiness with Pride (Rugged) (07.05.2010), Jeremiah Grossman, google.com
• Spam Filter Bypass attempts (19.05.2010), Avira GmbH, techblog.avira.com
• Strong Passwords for Dummies? (10.05.2010), Xavier, blog.rootshell.be
• Survey Shows Most Flaws Sold For $5,000 Or Less (20.05.2010), Dennis Fisher, threatpost.com
• Technical details of the Street View WiFi payload controversy (19.05.2010), Robert Graham, erratasec.blogspot.com
• Ten years of innovation in reverse engineering (17.05.2010), Sebastian Porst, blog.zynamics.com
• The Sality Botnet (14.05.2010), Nicolas Falliere, symantec.com
• Worst-Case Thinking (13.05.2010), schneier, schneier.com
• Zip Files All The Way Down (18.03.2010), rsc, research.swtch.com

Marc Ruef | G+ (537 Wörter)

► 30.04.2010 – Blog Digest April 2010

Nachfolgend interessante Beiträge zum Thema IT-Security des vergangenen Monats:

• After the Afterword (09.04.2010), crypto.com
• Anti-virus products compared in proactive test (14.04.2010), Graham Cluley, Sophos, sophos.com
• BeyondTrust Report on Removing Administrator: Correct? (06.04.2010), Richard Bejtlich, taosecurity.blogspot.com
• CSRF Isn’t A Big Deal – Duh! (14.04.2010), RSnake, ha.ckers.org
• Call Centers for Computer Criminals (20.04.2010), BrianKrebs, krebsonsecurity.com
• Charting the Carnage from eBanking Fraud (23.04.2010), BrianKrebs, krebsonsecurity.com
• Close the Security Holes in your Firewalls! (29.03.2010), Xavier, blog.rootshell.be
• Exploring Heap-Based Buffer Overflows with the Application Verifier (29.03.2010), blogs.cisco.com
• Exploring the Facebook API (13.04.2010), Mark Baggett, pauldotcom.com
• e-Banking Guidance for Banks & Businesses (06.04.2010), BrianKrebs, krebsonsecurity.com
• Facebook privacy given a poor scorecard by WhatApp project (20.04.2010), Graham Cluley, Sophos, sophos.com
• Finding Remote Vulnerabilities in a Trojan (23.04.2010), f-secure.com
• From XSS to root: Lessons Learned From a Security Breach (14.04.2010), Toralv Dirro, google.com
• Immunet: A Second Opinion Worth a Second Look (14.04.2010), BrianKrebs, krebsonsecurity.com
• Manual Verification of SSL/TLS Certificate Trust Chains using Openssl, (Sun, Apr 25th) (25.04.2010), isc.sans.org
• Measurement Over Models (18.04.2010), Richard Bejtlich, taosecurity.blogspot.com
• Optimizing John the Ripper’s ‘Single’ Mode for Dictionary Attacks (23.04.2010), Matt Weir, reusablesec.blogspot.com
• Penetration Testing: Learn Assembly? (04.04.2010), H.D. Moore, blog.metasploit.com
• Protecting Sensitive Data in Email (29.03.2010), infosecblog.org
• ROP and iPhone (16.04.2010), Vincenzo Iozzo, blog.zynamics.com
• Some Large Website Please Do This Study (26.04.2010), Robert Graham, erratasec.blogspot.com
• Study Reveals that Fewer than One in Ten Companies Evaluate Vendors or Train Employees on Cloud Security (06.04.2010), John Magee, symantec.com
• Stuffing Javascript into DNS names (20.04.2010), Ron Bowes, skullsecurity.org
• Targeted web-based malware – Case study (05.04.2010), sucuri.net
• The Top 500 Worst Passwords of All Time (13.04.2010), riva11, symantec.com
• To Each According To His Needs, Sam Curry, rsa.com
• Trojanised Mobile Phone Game Makes Expensive Phone Calls (23.04.2010), f-secure.com
• Why I’m right to use the word ‘hacker’, and will carry on using it (26.04.2010), Graham Cluley, Sophos, sophos.com
• Young People, Privacy, and the Internet (20.04.2010), schneier, schneier.com

Marc Ruef | G+ (528 Wörter)

► 26.03.2010 – Blog Digest März 2010

Nachfolgend interessante Beiträge zum Thema IT-Security des vergangenen Monats:

• 8000 iPhone and Android users duped into joining smartphone botnet (09.03.2010), Graham Cluley, Sophos, sophos.com
• A gentle introduction to return-oriented programming (12.03.2010), Tim Kornau, blog.zynamics.com
• Beyond the Initial Compromise (18.03.2010), Greg Ahmad, symantec.com
• ‘Cloud’ Security Recommendations (24.03.2010), Paul Asadoorian, blog.tenablesecurity.com
• Conversations With a Blackhat (14.03.2010), RSnake, ha.ckers.org
• Cyber Crooks Leave Traditional Bank Robbers in the Dust (09.03.2010), BrianKrebs, krebsonsecurity.com
• Data Exfiltration: How Data Gets Out (12.03.2010), csoonline.com
• Evaluating statistical attacks on personal knowledge questions (04.03.2010), Joseph Bonneau, lightbluetouchpaper.org
• Forget ROI and Risk. Consider Competitive Advantage (22.03.2010), Richard Bejtlich, taosecurity.blogspot.com
• Fraudsters hone their attacks with spear phishing (04.03.2010), Posted by cdupuis, professionalsecuritytesters.org
• Grade Hacking (13.03.2010), google.com
• Hijacking Blackberry Internet Browsing (21.03.2010), MAX, remote-exploit.org
• HPING3 Cheatsheet (03.03.2010), Posted by cdupuis, professionalsecuritytesters.org
• IT Metrics Need a Shot of Innovation (12.03.2010), Jeff Foucher, ca.com
• New Research Suggests That Governments May Fake SSL Certificates (24.03.2010), schoen, eff.org
• Password Managers, is this the best option user’s have? (12.03.2010), Jeremiah Grossman, google.com
• PDF Based Targeted Attacks are Increasing (17.03.2010), f-secure.com
• Phishing craigslist – but is it malware? (12.03.2010), Pete, SophosLabs AU, sophos.com
• SAP (12.03.2010), dennis, blogs.conus.info
• SCADA, from a Security Point of View (06.03.2010), Xavier, blog.rootshell.be
• Security Policies Must Be Enforced! (22.03.2010), Xavier, blog.rootshell.be
• Smart Aleck Passwords (25.03.2010), f-secure.com
• The Morphing PDF (17.03.2010), f-secure.com
• The REIL language – Part I (07.03.2010), Sebastian Porst, blog.zynamics.com
• The ultimate faceoff between password lists (11.03.2010), Ron, skullsecurity.org
• Why Bob Maley’s Firing is Bad for All of Us (11.03.2010), Dennis Fisher, threatpost.com
• XSS, SQL Injection and Fuzzing Barcode Cheat Sheet (24.02.2010), Robert A., google.com
• Yep, There’s a Patch for That (05.03.2010), BrianKrebs, krebsonsecurity.com
• Your APT Anti-Hype (01.03.2010), Paul Asadoorian, blog.tenablesecurity.com

Marc Ruef | G+ (500 Wörter)

► 26.02.2010 – Blog Digest Februar 2010

Nachfolgend interessante Beiträge zum Thema IT-Security des laufenden Monats:

• Accuracy and Time Costs of Web Application Security Scanner Report (03.02.2010), RSnake, ha.ckers.org
• Breaking Weak CAPTCHA in 26 Lines of Code (23.02.2010), andres.riancho, bonsai-sec.com
• How online card security fails (01.02.2010), lightbluetouchpaper.org
• Infrastructure vs. Application Security Spending (18.02.2010), Jeremiah Grossman, google.com
• Is Your BlackBerry App Spying on You? (07.02.2010), Chris Eng, veracode.com
• Looking for ‘more useful’ malware information? Help develop the format., (Sun, Feb 21st) (21.02.2010), isc.sans.org
• Malware-URL Extension Statistics January 2010 (29.01.2010), Avira GmbH, techblog.avira.com
• Please Rob Me site exposes danger of sharing too much information online (18.02.2010), Graham Cluley, Sophos, sophos.com
• Postgres Fingerprinting (05.02.2010), todb, google.com
• Reaction to Cyber Shockwave (21.02.2010), Richard Bejtlich, taosecurity.blogspot.com
• Reputation-based Security: Suspicious.Insight detections on Virus Total (19.02.2010), Gerry Egan, symantec.com
• The world’s top 10 dirtiest web-hosting countries (03.02.2010), Graham Cluley, Sophos, sophos.com
• Time to.. Track More Data (19.02.2010), blog.osvdb.org
• Timeline: A Decade of Malware (02.02.2010), csoonline.com
• Twitpic, EXIF and GPS: I Know Where You Did it Last Summer, (Wed, Feb 10th) (11.02.2010), isc.sans.org
• Twitter in the workplace – the threats (12.02.2010), David Kelleher, google.com
• Using Google Images to Investigate Fraud (19.02.2010), f-secure.com
• Where’s WhiteHat? Re: Scanner Comparisons (09.02.2010), Jeremiah Grossman, google.com
• White Box Better Than Black Box (21.10.2009), Chris Wysopal, veracode.com
• XSS, SQL Injection and Fuzzing Barcode Cheat Sheet (24.02.2010), Robert A., google.com

Marc Ruef | G+ (384 Wörter)

► 28.01.2010 – Blog Digest Januar 2010

Nachfolgend interessante Beiträge zum Thema IT-Security des vergangenen Monats:

• The Shortcut to Control Rationalization, feeds.ca.com
• Facebook Mischief, f-secure.com
• Breaking Koobface’s Captcha Solving Process, abuse.ch
• News Experiment To Rely Only On Facebook, Twitter, rss.slashdot.org
• SMS or Not to SMS – Why Should I Care?, rsa.com
• Study of BlackBerry Proof-of-Concept Malicious Applications -SMobile Global Threat Center, threatcenter.smobilesystems.com
• Adding Data Leakage Protection into Apache, blog.rootshell.be
• Should You Be a Generalist Or a Specialist?, hackerboss.com
• Ray McGovern on Intelligence Failures, schneier.com
• Honeypot analysis – Looking at SSH scans, feedproxy.google.com
• Facebook Privacy Doesn’t Really Exist, f-secure.com
• Only 27% of Organizations Use Encryption, rss.slashdot.org
• Afterbytes with Marcus Ranum – Using A Dedicated PC For Online Banking, blog.tenablesecurity.com
• 2000 – 2009: The Spam Explosion, symantec.com
• Half of All Data Centers Understaffed, Symantec Survey Finds, csoonline.com
• Malicious App In Android Market, rss.slashdot.org
• W32/Fame, feedproxy.google.com
• David Brooks on Resilience in the Face of Security Imperfection, schneier.com
• Flash drive manufacturers warn: Hackers can decrypt ‘secure’ USB sticks, sophos.com

Marc Ruef | G+ (344 Wörter)

Labs Übersicht

• Letzte Beiträge
  • Computer Forensik – Ein Überblick
  • Vortrag zu Security Testing an SGRP Veranstaltung
  • Staatstrojaner – Kritik am neuen Bundesgesetz
  • Overview of Microsoft’s security toolkit EMET
  • Blog Digest April 2013
  • Wie statisch sollten Sicherheitsrichtlinien sein?
  • Timing für effiziente unentdeckte Portscans
  • Interpreting a Logfile with Grok
  • Spamhaus DDoS mit DNS Amplification
  • Blog Digest März 2013
• Archiv
  • 2013 | 2012 | 2011 | 2010 | 2009 |

• Blog Digest

• Blogroll
  • abuse.ch
  • c22.cc
  • computec.ch
  • darkreading.com
  • infosecisland.com
  • krebsonsecurity
  • metasploit.com
  • schneier.com
  • securiteam.com
  • stfn.ch
  • zeltser.com
  • 5e4n.ch
• Syndication
  • RSS
  • Twitter