Practical Information Security

HITB Magazine Issue #5 is now available

2011-02-28T22:42:00.000-08:00

New issue of HTIB magazine already available

Inside:

Investigating Kernel Return Codes with the Linux Audit System
Secure Shell Attack Measurement and Mitigation
ARP Spoofing Attacks & Methods for Detection and Prevention
Exploiting Web Virtual Hosting –Malware Infections
Windows CSRSS Tips & Tricks

Download from:

http://magazine.hackinthebox.org/issues/HITB-Ezine-Issue-005.pdf

New issue of Hakin9 available: Identity Theft

2011-02-28T22:31:00.000-08:00

New issue of Hakin9 magazine already available!

Inside:

Identity Proof Your Personal Data by Julian Evans
Guarding Against Identity Theft by Gary Miliefsky
The Best Way to Learn and Apply Cryptography by Arkadius C. Litwinczuk
Analysis of a Scam by Rich Hoggan
Secure Env for PT by Antonio Merola
Knowing VoIP – part III by Winston Santos
Bluetooth Mice Can Leak Your Passwords! by Aniket Pingley, Xian Pan, Nan Zhang, Xinwen Fu
Choosing an IDS/IPS Engine by Matthew Jonkman

Free e-book: Web Application Security for Dummies

2011-02-21T11:29:00.000-08:00

Qualys has published a new comprehensive free guide on Web Application Scanning (WAS) to help readers understand web application security - including how to quickly find and fix vulnerabilities in web applications.

WAS for dummies ebook

Hackito Ergo Sum 2010

2011-02-21T11:19:00.000-08:00

Hackito Ergo Sum is focusing on all technology hacks, hardcore reverse engineering and vulnerability research, exotic network and platform hacking, and all the new domains of the hacking domain

Here you can find 2010 presentations

http://hackitoergosum.org/archive-201/

New Good Practice Guide for Incident Management from ENISA

2011-01-24T07:27:00.000-08:00

The European Network and Information Security Agency (ENISA) has issued a practical information and guidelines for the management of network and information security incidents by CERTs.

The good practice guide for incident management focuses on the incident handling process. This involves the detection and registration of incidents, followed by so called 'triage' (classifying, prioritizing and assigning incidents), incident resolution, closing and post-analysis.

The guide will help establishing and building Security Incident Response capability

Good Practice Guide for Incident Management

Step 1 - Understand the business

2010-12-12T12:01:00.000-08:00

Always there is a gap between information security and business requirements.

Successful information security program must add value to business. the value will be added only if the one responsible for implementing information security understand the business.

Successful information security program will protect the business core and will be linked to the business objectives.

To understand the business the following shall be done first

Read and understand

The business vision and mission
The business strategy for the next 3 years or least the current year.

Get a copy of the organizational chart with description of each department, business unit, sector etc
Meet each one of the management team (i.e directors, executive managers, managers etc)

Collect information about the core of the business, why the organization exists
Develop org chart (if not exist) and list functions of each department
Who are the stakeholders.
Who are the decision makers.
What incidents have been happened before and what was the damage of each.
Know if any security concerns.
Understand what regulatory or standards must comply with.

Meet the Internal Audit department manager

Collect previous audit report and identify issues related to security

The information has been collected will

Help you understand the business
Identify business priorities
Identify major risks that require attention and mitigation

Next will discuss Information classification and Categorization.

SecurityTube Tools Wiki

2010-12-03T22:03:00.000-08:00

SecurityTube Tools is a collaboratively edited community wiki which aims to list all the security and hacking tools out there.

280+ popular tools have been listed and categorized in a way that can be matached to most of Peneteration testing methodologies.

SecurityTube Tools

Free Security Magazines

2010-12-02T02:43:00.000-08:00

To protect your busines information you have to understand the value of the infromation and you have to know what type of threats and how those threats work against valuebale information.

The following magazine is a great source to keep you updated and aware of latest and greatest threats and for free.

Hakin9 http://hakin9.org/
Hack In The Box. http://magazine.hackinthebox.org/

I suggest to review each magazine quickly, identify important articles, print them and read an article every 2 days.

December issue of Hakin9 magazine

2010-12-02T02:31:00.000-08:00

Another month of free education, can be downloaded from

http://hakin9.org/magazine/1566-botnets-malware-spyware

In December issue:

A brief analysis of the cyber security threat by Julian Evans
Cyber State-Bullying by Matthew Jonkman
The Spyware Within You by Rajat Khare
The Ear of Sauron by John Aycock
dasbot: controlling IRC via bash by Israel Torres
Knowing VoIP Part II – Getting deeper to the settings by Winston Santos
TDSS botnet – full disclosure. Part II by Andrey Rassokhin and Dmitry Oleksyuk
Search Engine Security and Privacy – Part 2 by Rebecca Wynn

Penetration tests: 10 tips for a successful program

2010-11-18T08:56:00.000-08:00

Penetration tests: 10 tips for a successful program is an article sheds the light on some of the factors that must be considered before conducting a penetration testing by internal team.

Also it will help developing RFP and maximizing the value of the penetration testing conducted by external consultant.

Introduction to penetration testing

2010-11-18T08:41:00.000-08:00

Penetration testing is a method to evaluate the security of network, systems, application and computers, It can be done using internal resources or external consultants.

It is very important to be aware of different methodologies used to conduct Penetration testing as well definitions and terms, as an introduction, The following link can be useful

http://en.wikipedia.org/wiki/Penetration_test

Where to start

2010-11-12T13:38:00.000-08:00

You are responsible for securing small or medium business organization?
Too much security standards ?
Too much consultants, meetings and presentations?
Limited budget?
Not enough resources?
Frustrated ?
Do not know where or how to start ?

Soon will tell you how to start and where to start