Conferences | SWITCH Security-Blog

28/10/2013
by Frank Herberg

IT-Security-Links #42

VB2013 / hack.lu 2013: Slides from the Virus Bulletin 2013 Security Conference in Berlin are available now…
…as well as the slides from hack.lu 2013.
Security 101: Watering holes remove the challenge of finding and chasing an elusive target. Stefanie Hoffman wrote about Watering Hole Attacks in the Fortinet Blog.
Global DDoS Attack Map: Google and Arbor Networks visualize DDoS attacks around the globe. The tool allows you to see where attacks are taking place and where they are coming from. And you can also investigate historic attacks.
How open source projects should handle security vulnerabilities – a blog article by Alex Gaynor.
Q3 findings from ATLAS: the quarterly data pull from ATLAS to glean new insight into DDoS attack trends

German:

Cloud-Richtlinien für Schweizer Schulen: Die Vereinigung der Schweizerischen Datenschutzbeauftragten hat Richtlinien für den Einsatz von Cloud-Services veröffentlicht.

18/10/2013
by Frank Herberg

IT-Security-Links #41

HITB2013KUL: The Security Conference ‘Hack in the Box‘ took place this week. Slides of the talks are available here.
Malware “Dexter”: Infected point-of-sale terminals in South African restaurants costs banks millions.
Bring your own Shadow IT: How people avoid the “clunky” network their organisation offers.
Insecurities of /dev/random: A security analysis (PDF) of Linux’ pseudo-random number generator.
Can we trust ‘NSA-proof’ TrueCrypt? Security researchers are raising funds to conduct an independent audit of TrueCrypt, the popular disk encryption utility.
NSA collects millions of address books: According to a newly disclosed presentation, the NSA collects contact lists from personal e-mail and instant messaging accounts around the world.
Windows XP support ends April 2014! After this date customers will no longer receive new security updates.

German:

Wie sicher sind Computersysteme von Schweizer Firmen? Die First Security Technology AG scannte Schweizer IP-Adressen und hat daraus einen Swiss Vulnerability Report erstellt. Kritik dazu gibt’s auch.

05/08/2013
by Daniel Stirnimann

IT-Security-Links #32

The Washington Post published an article by Andrea Peterson on why stolen European credit card numbers cost 5 times as much as U.S. ones on the underground market. There are several reasons for this, different credit card technology or how monetization for stolen cards works out are two of them but in the end it’s a function of supply and demand and the structure of the online underground economy.
Distributed Denial of Service (DDoS) attacks are not a matter of if but when they happen to you. Sean Leach of Verisign provides 5 key steps enterprises can take to be prepared for a future attack.
In an anti-botnet takeover of .pl domains, NASK (the .pl ccTLD registry) and CERT Polska have shutdown over 641 malicious domains, with 179 being used for C&C purposes. They terminated the agreement with the Registrar Domain Silver, Inc, which only had one benign domain name (domainsilver.pl itself) registered.
Jeremiah Grossman and Matt Johansen of White Hat Security presented their research at Black Hat USA 2013 showing that you can “build” a browser botnet by leveraging advertising networks such as AdSense or DoubleClick.
Another Black Hat speaker Paul Stone of Context Information Security showed how you can steal data from a web browser with the use of JavaScript-based timing attacks.
Simon Mullis of FireEye posted part one and two of a three-part series on why old malware such as Carberp or Zeus are still successful. Part one: Why Carberp, ZeuS, and Other Vintage Malware Have a Bigger Bite Than You Think. Part two: Cybercriminal Intent: How to Build Your Own Botnet in Less Than 15 Minutes.
David Kriesel found out that Xerox scanners/photocopiers randomly alter numbers in scanned documents! Apparently, the problem only exists with small font sizes and with low-resolution.

15/07/2013
by Frank Herberg

IT-Security-Links #29

DEF CON 21, Black Hat 2013 and the NSA: We need some time apart – DEF CON founder Jeff Moss has asked federal agents not to attend this year’s DEF CON. At the same time the Director of the NSA, General Keith Alexander, will talk at Black Hat USA 2013.
Android Security: Last week we reported about a vulnerability that allows to modify a legitimate, digitally signed Android application (.APK-File) without breaking the app’s cryptographic signature. In the meantime Google released a fix to OEMs. But only a few have released the patch to customers yet. A proof of concept exploit code is there, released by Pau Oliva Fora. And yes, there’s also a “Master key” Security Scanner App available from Bluebox to test if your device is vulnerable.
PRISM: How Microsoft collaborates with the NSA. An article in ‘The Guardian’ which is worth reading (not only) for Hotmail, Outlook.com, SkyDrive and Skype users.
DDoS: To provide insights on the latest DDoS threats – and effective mitigation strategies – Information Security Media Group has launched a DDoS Resource Center.
Windows 7 Reinstall-How-to: Your PC has become infected with malware? You don’t know how to correctly reinstall your system, and reduce the risk of becoming reinfected at the same time? Have a look at the new How-to from EBAS. (Available in 4 languages.)

09/07/2013
by Michael Hausding

Einbrüche in Datenbanken, gestohlene persönliche Daten, manipulierte Transaktionen im E-Banking, Eingriffe von staatlichen Akteuren in die Kommunikation im Internet und Angriffe auf die Verfügbarkeit von Diensten: Fast täglich wird mittlerweile über diese Sicherheitsvorfälle in den Medien berichtet.

Computer Security Incident Response Teams (CSIRTs) sind mit die Ersten, die auf solche Vorfälle reagieren und versuchen, Gegenmassnahmen zu treffen. Im Forum of Incident Response and Security Teams (FIRST) sind weltweit rund 240 dieser Teams aus der Industrie, von Regierungen und Akademischen Institutionen zusammengeschlossen, das SWITCH-CERT ist eines davon.

Continue reading →

24/06/2013
by Frank Herberg

Neues aus dem IPv6-Universum

Was tut sich in Sachen IPv6?

Dieser Juni war der Monat der IPv6-Konferenzen. Am 6. und 7.6. fand in Frankfurt/Main der fünfte Heise IPv6-Kongress statt. Eine Woche später gab es die vom Swiss IPv6 Council organisierte eintägige IPv6 Business Conference in Zürich.

Beiden Veranstaltungen gemein waren eine hohe Dichte an hochkarätigen Speakern, die nicht – wie vielleicht befürchtet – die letztjährigen Talks wiederaufbereiteten, sondern viel Neues zu berichten hatten. Beiden Veranstaltungen gemein war auch, dass sie in Kinosälen stattfanden. Mit riesigen Leinwänden für die Präsentationen und gemütlichen Sesseln anstelle von Tageslicht und der üblichen Konferenzmöbel.

Beide Konferenzen boten sowohl reichlich technisch versierte Vorträge, als auch genügend Stoff zum Nachdenken fürs IT-Management. Verschiedene parallele Tracks sorgten dabei für eine breite Auswahl.

Continue reading →

27/05/2013
by Frank Herberg

IT-Security-Links #24

HITB2013AMS: Videos from Day 1 of the the Security Conference ‘Hack in the box’ are now available on youtube.
FIRST: The first security podcasts of the 25th Annual FIRST Conference podcast series can be downloaded.
Want to improve the security of your SSH private key files? Here’s how it works.
Brian Krebs on a Denial-of-service-for-hire-Service with FBI backdoor.
Read in the NY Times Online how sales experts sell hacker services at a trade show in China.
Twitter now provides two-step authentication: Read how you can activate it and if it makes sense.
Kaspersky released information on IT Threat Evolution in Q1/2013.

SWITCH Security-Blog

SWITCH-CERT IT-Security Blog

Category Archives: Conferences

IT-Security-Links #42

IT-Security-Links #41

IT-Security-Links #32

IT-Security-Links #29

Neues aus dem IPv6-Universum

Was tut sich in Sachen IPv6?

Continue reading →

IT-Security-Links #24