Hi folks,
Mark has a lot of useful tools written for pentesters:
And the support from him is simply awesome!
So check the site out…
Cheers,
Matti
Link: Brain Hacking
Hi folks,
The following link is partly because it is interesting which ways Social Engineering and brain hacking are going in the future and partly because I think that girl is looking really nice 😉
Have fun…
Cheers,
Matti
Link: Awesome Forensic Overview
Hi folks,
I came across this awesome poster from SANS about forensic and I thought I need to share it:
Really nice work here…
Cheers,
Matti
The gamification of pen-testing, and other ideas from Haroon Meer
I missed Haroon’s talk at 44Con last year, and finally watched it online: http://www.youtube.com/watch?v=GvX52HPAfBk
I wasn’t sure about gamification, and had a lot of half-thought out doubts about it, which I was ready to write up on here. So to firm up my disagreements I watched the talk again… and they all vanished. I think there’s a lot of good ideas in this talk, with a lot of value; it’s worth forty five minutes of your time.
Everything you need to know about Flame
I’m an incredibly busy person and „time poor“, or easily distracted by all the other interesting things in life that aren’t Information Security, or worn down by trying to „drink from the fire hose“ and have given up on trying to be up to date on everything all the time… or all of the above, so it’s rare for me to read about something that doesn’t directly affect me or my customers. This, however, is an excellent summary of what Flame is capable of, and why it is such an important piece of malware: http://www.f-secure.com/weblog/archives/00002383.html , „Flame is Lame“ by Mikko Hypponen of F-Secure.
Podcast
Just in case you’re not already a listener, do check out the Risky Business podcast – http://risky.biz/netcasts/risky-business – an excellent summary of the week’s news, and an in-depth interview, every week.
While the „mates drinking on Skype“ podcasts along the lines of EuroTrash and PaulDotCom are fun, and occasionally of value, I think Risky Business is the most consistently useful security podcast out there, especially that doesn’t take up a great deal of time. Can anyone recommend any others?
Link: Check the site before you surf it
lo folks,
We all have to surf to different sites we do not trust.
Good to have a general idea what the site might have installed for you:
Cheers,
Matti
PS: We are benign: http://zulu.zscaler.com/submission/show/70f1d1dc97d2b6e291e2f7c4f63a9c1d-1337103508
Link: Russian Cyber Crime 2011
Hello folks,
This is a really interesting read:
http://group-ib.com/images/media/Group-IB_Report_2011_ENG.pdf
page 5 if you do not like to read. The numbers are impressive.
Also I like it that this is not just numbers but also has some stories at the end.
Really good write up—
Cheers,
Matti
Solution to wicd problem
Hi,
Just putting this out in the Internet so that when someone faces the same problem that I do this will, hopefully, give them a solution.
You’re using wicd-client to connect to wireless networks, you click Connect, the usual sequence appears… „Putting interface up“, „Validating Authentication“, „“Obtaining IP Address“, „Done connecting…“ but then wicd says „Not connected“. Your wicd.log file ends in something like this:
DHCP connection successful
not verifying
Connecting thread exiting.
Sending connection attempt result success
The solutions are either:
- Kill your dhcpcd process, either simply with „
killall dhcpcd“ or „/etc/init.d/dhcpcd stop„. - Less reliably, just keep trying the connect button, sooner or later dhcpcd gets the idea, and will grab an IP address for you.