scip AG

Labs: Blog Digest Juli 2012

at Thursday, 26. Juli 2012
by Marc Ruef | G+

The scip Blog Digest is a monthly released summary of the most important, thrilling and crazy posts from the international blogosphere. While reading this digest it remains very easy to keep up to date with the events of modern information security. Follow our team on Twitter, to get the most actual news.

• 4 Reasons Why IT Security Needs Risk Management (darkreading.com)
• Accelerating Password Recovery: the Addition of FPGA (blog.crackpassword.com)
• Android Security 101: A Short Guide (blog.fortinet.com)
• App detects compromised, jailbroken iOS devices (scmagazine.com.au)
• Appeals Court Calls Bank’s Security ‘Commercially Unreasonable’ (threatpost.com)
• Apple Security ‘Grows Up’ With Pair Of Malicious Threats (blog.fortinet.com)
• Apple’s Mountain Lion to offer automatic security updates (appleinsider.com)
• A Step-by-Step Guide for Choosing the Best Scanner (infosecisland.com)
• Creating Metasploit Exploits (pentestlab.wordpress.com)
• Decoding Common XOR Obfuscation in Malicious Code (isc.sans.edu)
• How much data? Apache, Ubuntu and the Lies of the Logs (blog.spiderlabs.com)
• How To Select A DDoS Mitigation Service (darkreading.com)
• Linux 3.5 released (lkml.org)
• Pharma Hack Backdoor Analyzed (blog.sucuri.net)
• Reducing web application attack surface (blog.spiderlabs.com)
• Spam from an Android botnet (blogs.msdn.com)
• Statistics about Yahoo leak of 450.000 plain-text accounts (blog.eset.se)
• Survey Reveals Traditional Vulnerability Scanners Not Working (skyboxsecurity.com)
• Ten Things I’ve Learned About Cloud Security (infosecisland.com)
• The Differences Between Security Certifications (infosecisland.com)
• The fallacy of remote wiping (zdnet.com)
• Thieves placed bugs and hacked onboard computers of luxury cars (telegraph.feedsportal.com)
• Unvalidate Redirects and Forwards (hackingtricks.in)
• Using Chip Malfunction To Leak Private Keys (darkreading.com)
• VirusTotal += Behavioural Information (blog.virustotal.com)
• WebDriver (w3.org)
• What do Sony and Yahoo! have in common? Passwords! (troyhunt.com)
• When is Undefined Behavior OK? (blog.regehr.org)
• Windows short (8.3) filenames – a web security nightmare (acunetix.com)

(480 words)

Tags: Bank, Android, Apple, Backdoor, DDoS, Identity, Linux, PIN, Spam, Windows, Word, iOS

Labs Overview

• Latest Postings
  • Computer Forensik – Ein Überblick
  • Vortrag zu Security Testing an SGRP Veranstaltung
  • Staatstrojaner – Kritik am neuen Bundesgesetz
  • Overview of Microsoft’s security toolkit EMET
  • Blog Digest April 2013
  • Wie statisch sollten Sicherheitsrichtlinien sein?
  • Timing für effiziente unentdeckte Portscans
  • Interpreting a Logfile with Grok
  • Spamhaus DDoS mit DNS Amplification
  • Blog Digest März 2013
• Archive
  • 2013 | 2012 | 2011 | 2010 | 2009 |

• Blog Digest

• Blogroll
  • abuse.ch
  • c22.cc
  • computec.ch
  • darkreading.com
  • infosecisland.com
  • krebsonsecurity
  • metasploit.com
  • schneier.com
  • securiteam.com
  • stfn.ch
  • zeltser.com
  • 5e4n.ch
• Syndication
  • RSS
  • Twitter