Home > del.icio.us > Bookmarks for April 19th through May 19th

Bookmarks for April 19th through May 19th

May 19th, 2010 admin Leave a comment Go to comments

These are my links for April 19th through May 19th:

  • Dasient Blog: Q1’10 web-based malware data and trends – Each quarter we pull together data for web-based malware attacks from across the web. Our proprietary malware analysis platform allows us to monitor millions of websites and draw results from a wealth of data which we summarize in this blog. What we continue to see is that the web malware threat continues to grow significantly. Hackers are becoming increasingly sophisticated and bold in their attacks, which means that legitimate websites are more threatened than ever. Putting web site security best practices in place such as malware monitoring and containment is becoming an absolute must if businesses do not want to expose themselves and their customers to these attacks. A particularly interesting observation has been an increase in 'malvertising' attacks in which hackers plant malicious ads on high-profile ad networks and websites
  • SkullSecurity » Blog Archive » Taking apart the Energizer trojan – Part 1: setup – As most of you know, a Trojan was recently discovered in the software for Energizer's USB battery charger. Following its release, I wrote an Nmap probe to detect the Trojan and HDMoore wrote a Metasploit module to exploit it.<br />
    <br />
    I mentioned in my last post that it was a nice sample to study and learn from. The author made absolutely no attempt to conceal its purpose, once installed, besides a weak XOR encoding for communication. Some conspiracy theorists even think this may have been legitimate management software gone wrong — and who knows, really? In any case, I offered to write a tutorial on how I wrote the Nmap probe, and had a lot of positive feedback, so here it is!<br />
    <br />
    Just be sure to take this for what it is. This is *not* intended to show any new methods or techniques or anything like that. It's a reverse engineering guide targeted, as much as I could, for people who've never opened IDA or Windbg in their lives. I'd love to hear your comments!
  • Security Breach Notification Laws – Forty-six states, the District of Columbia, Puerto Rico and the Virgin Islands have enacted legislation requiring notification of security breaches involving personal information.
  • YouTube – Bogota Review
  • YouTube – CUSTOM BOGATA LOCKPICKING INSTRUCTIONAL VIDEO – CUSTOM BOGATA LOCKPICKING INSTRUCTIONAL VIDEO:<br />
    this is a reference instructional video<br />
    on my custom-made bogata rakes,<br />
    made for the "tutorials" thread @ www.keypicking.com<br />
    in this video i use a Titanium-shackle Wison-Bohannan,a 45mm Guard,& a 50mm Garrison,as picking subjects<br />
    NOTE: these custom rakes are entirely hand-made, and do occasionally become available through me.
  • MySQL Security Best Practices (Hardening MySQL Tips) |  GreenSQL – The MySQL database has become the world's most popular open source database because of its consistent fast performance, high reliability and ease of use. MySQL is used on every continent – yes, even in Antarctica! – by individuals, Web developers, as well as many of the world's largest and fastest-growing organizations such as industry leaders Yahoo!, Alcatel-Lucent, Google, Nokia, YouTube and others to save time and money powering their high-volume websites, business-critical systems, and packaged software.<br />
    <br />
    As most products do, MySQL comes "ready-to-work" out of the box. Usually, security is not a major consideration when installing this kind of product. Often, the most important issue is to get it up and running as quickly as possible so that the organization can benefit. This document is intended as a quick security manual to help you bring an installed MySQL database server into conformity with best security practices.
  • PANscan – SecurityMetrics – PANscan simplifies the testing process by enabling non-technical merchants to quickly find prohibited credit card data on their systems. It will:<br />
    <br />
    * Search the local system for cardholder data.<br />
    * Triple-check all threats to ensure they are valid.<br />
    * Run 10 times faster than a normal disk scan.<br />
    * Report summary results immediately.<br />
    * Allow scans to be performed as frequently as desired on any number of merchant machines.<br />
    <br />
    Free downloads available in May

Related posts:

  1. Bookmarks for April 2nd through April 18th
  2. Bookmarks for April 1st through April 2nd
  3. Bookmarks for April 26th through April 29th
  4. Bookmarks for April 13th through April 23rd
  5. Bookmarks for March 26th through April 13th
Categories: del.icio.us Tags:
blog comments powered by Disqus