Instead of updating the post in question (again), I figured I’ll post all the new info here and call this a wrap. So, we all know about the security scammer now, and the different ways he is working to defraud innocent users and steal their data and money. It has been quite an experience tracking [...]
Posts under ‘Security Research’
The Turkish hack and another case for IL-CERT
You have been living under a rock if you haven’t heard of the Turkish hack a couple of days ago. Basically – a Turkish hacker forum that bolsters a strong anti-Israeli attitude has been practicing hacking and mostly defacing Israeli sites for the past few months (years). Now, this is nothing new, and as I [...]
How [not to] scam security people
An analysis of a rogue security tool that tries to steal passwords and scam people out of their paypal money and accounts.
Cloud Security Alliance Conference (Israel) – CFP
Just wanted to let you all know (as a member of the CSA-IL board) that we will be having a conference on September 2nd who’s title is “Cloud Security Technology and Innovations” in Tel-Aviv, Israel. We expect to have great participation from all areas of the industry, are working on a great venue to host [...]
Identity crisis
Here’s a common question I get asked a lot: “What technology should I use to secure my server/network/[some technology]?” The question is usually presented by someone who’s in charge of “Security” in an organization. Now, I wouldn’t have had a problem with this if this was a technician, or a pen-tester of sorts, but I [...]
Being in the middle (or: things we didn’t manage to learn in a decade)
Things that we should be fixing in security.
Cyber[Crime|War] – connecting the dots – BlackHat EU 2010
Hola from Barcelona! It’s been a very productive couple of days here. Quite a lineup for this version of the BlackHat briefings out here. I had the great fortune of speaking right after a fantastic opening by Jeff Moss (BlackHat founder and director) and Max Kelly (Facebook’s CSO) that just set me up perfectly – [...]
Cyber[FUD]Fare – repost from fudsec.com
As promised – here is the “official” cross-post from my guest appearance on fudsec.com. Enjoy! I’ve been intravenously fed with FUD for as long as I’ve been in the business. The main strategy for understanding that you are facing FUD is to realize that there is a financial motivation behind the FUD-spreading entity. This has [...]
New post on fudsec.com – CyberFUDfare
Just a quick FYI – a new post by yours truly has been published over at fudsec.com. One of my favorite blogs with some really cool contents (still wondering how I ended up publishing there ) Have fun reading: http://fudsec.com/cyberfudfare
It’s all about the money
Coverage of the latest developments in the ZeuS botnet software licensing, and fighting the botnet internet connectivity.