Research

Security Practitioners' Forum (February 25, 2008) [Building Malware]

2008-02-25 18:30
2008-02-25 20:30
Etc/GMT-7

The monthly meeting of the Security Practitioners' Forum (Security Users' Group)

Topic: Building Malware.

Learn to think like the Black Hats to better defend ourselves.

Presenter: Erik Graham et al. plus forum participation!

At the February '08 AZSPF meeting we will discuss the topic of Building Malware. This will be a highly interactive discussion led by an industry expert with practical hands-on malware analysis experience. During the discussion we will conceptually design a piece of malware in pseudocode to illuminate the subject and facilitate discussion of catching/preventing malware.

The Arizona Security Practitioners' Forum is an organic group for InfoSEC Professionals.

Capture the Flag / War Gamez / White Hat Hacking Competition (February 17, 2007)

2007-02-17 08:30
2007-02-17 16:30
Etc/GMT-7

A Special Event of the Security Practitioners' Forum (Security Users' Group) in collaboration with DC480 and Interface Technical Training.

Topic: Capture the Flag (CTF) / WarGamez.

Be involved in a White Hat hacking competition!

Presenter: Multiple (Christian, Dale, Ken, etc.)

Please visit the discussion forum to participate in the planning process. This page will be updated as the details are worked out.

Security Practitioners' Forum (January 22, 2007) [Phoenix CTF Planning]

2007-01-22 18:30
2007-01-22 20:30
Etc/GMT-7

The monthly meeting of the Security Practitioners' Forum (Security Users' Group)

Topic: Capture the Flag (CTF) / WarGamez Planning Session.

Be involved in the creation of a White Hat hacking competition!

Presenter: Multiple (Christian, Dale, Ken, etc.)

At the January '07 AZSPF meeting we will be planning a White Hat hacking event for the Valley of the Sun. This is a follow-up to the planning in the November '06 meeting. Bring your ideas for construction, and for designing in certain exploits and milestones. Also, we expect to have several workstations available with VMware Server/Player and/or MS Virtual PC so that we can validate some of the November design ideas. If you're feeling ambitious and want to build a VM to bring to the meeting, please do. Also, any other ideas/contributions such as known exploitable web-apps (only stuff we can mess with legally please...) would be appreciated.

Remember to save the date for February 17th when we will conduct the White Hat hacking event! This is our first time organizing an event like this so I expect it will be very fluid in nature and we will learn a lot (both on the intended topic and about event organization!).

Hackers: Under the hood

I was busy searching for something at Google and just stumbled across this article from 2004 at zdnet.com.au. It wasn't really related (clearly my search terms needed work) and is a little dated, but it is a nice backgrounder on several of the more prominent hackers.

SANS: Resources Pages

SANS have a series of resource pages that can be quite useful. I realize that this isn't really news, but it is nice to have an article that points to useful stuff, so here it is:

SANS Resources Page
SANS Popular Resources Page
SANS What Works Page
SANS Reading Room Page

Exploiting Website Vulnerabilities - XSS, Cookies, Sessions

Informit.com have a rather nice walkthrough of breaking a website using cross-site scripting (XSS) and abusing cookies and sessions.

Shared Libraries, Code Execution & Security

Security Focus have posted Part 1 of a series of articles about shared libraries in Linux and Windows. It is a good primer for the security professional with some coding experience.

Open Source Malware Search Engine

eWeek are reporting that HD Moore has released a Malware Search Engine that can find live malware binaries and source through Google. From the article: "The new Malware Search project provides a Web interface that allows anyone to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables." According to a Slashdot post: "The tool then searches for actual malware signatures and uses the signature output from ClamAV to find the name of the malware. This is then used in conjunction with a PE signature matching method to form a Google query. Afterwards the malware can then be downloaded directly from Google."

Microsoft Acquires Winternals and Sysinternals

Microsoft have acquired the famed Winternals and Sysinternals, started by Mark Russinovich and Bryce Cogswell.

Now might be a good time to ensure that you have the latest edition of their invaluable tools.

First seen on Slashdot

Windows Rootkit Wars Escalate


From Slashdot:

"The rootkit wars have started to escalate with a rootkit named Rustock which is able to remain hidden from all the popular anti-rootkit tools. It uses some new techniques including not only putting itself in an ADS (NTFS alternate data stream) which isn't seen by normal file system enumeration tools, but even blocks ADS aware tools from seeing the stream. Works in Vista, too! Analysis in both Symantec and F-Secure blogs."
