News – Page 11 – SWITCH Security-Blog

IT-Security-Links #3

A report from Black Hat USA in Las Vegas, one of the biggest IT security conferences in the world published by Compass Security. (Scroll down for the paper.)
A new Linux rootkit which injects iframes to websites has been discovered. Georg Wicherski did a first analysis in the Crowdstrike blog.
The next trends in cyber security: Some of the top security threats we can expect to see developing over the next year – compiled by Gordon Makryllos (CSO Australia)
The IETF has published RFC 6797: HTTP Strict Transport Security (HSTS) – read a short summary here.
How Java exploit code bypasses 44 Antivirus products – A nice step by step demo.

IT-Security-Links #2

A content analysis of a major hacker forum has been released by iMPERVA (PDF).
A nice poster about common exploit kits can be downloaded from Deep End Research
Tim Sammut from Cisco explains the term “Zero-day Vulnerability”
BackTrack introduction: The Infosec Institute is working on a walktrough for the famous penetration testing and security auditing suite
av-comparatives.org released the 2012 issue of their Malware Removal Test Report

IT-Security-Links #1

DigiNotar Certificate Authority breach: Final investigation report published by Fox-IT
Security-Researcher Tavis Ormandy finds severe problems with sophos products (PDF)
And Sophos’ reaction: “Sophos has seen no evidence of this vulnerability being exploited in the wild.”
Trend Micro published a “Russian Underground 101” paper (PDF) illustrating the cybercrime marketplace
Deep Packet Inspection in a nation wide scale: Russia deploys a massive surveillance network system
Monatlicher SWITCHcert Report zu aktuellen Trends im Bereich IT-Security und Privacy (PDF)

Dear Reader

We – the SWITCH-CERT Security Team – welcome you to our IT-Security Weblog!

The aim of this blog is to provide you with relevant news, articles, workshops, conference write-ups and other interesting topics from the world of IT security. Continue reading “Dear Reader”