HackDig : Dig high-quality web security articles for hackers

ACM WiSec 2020

Last week I attended ACM WiSec. Of course, only virtually. The first virtual conference I attended. Coincidentally, it was also the first conference I presented at. While the experience was quite different from a “real” conference, the organizers did a great job to make the experience as good as possible with, for example, a mattermost instance t
Publish At:2020-07-26 15:58 | Read:145 | Comments:0 | Tags:Breaking Building Events

GReAT Ideas follow-up

On June 17, we hosted our first “GReAT Ideas. Powered by SAS” session, in which several experts from our Global Research and Analysis Team shared insights into APTs and threat actors, attribution, and hunting IoT threats. Here is a brief summary of the agenda from that webinar: Linking attacks to threat actors: case studies by Kurt Baumgartner T
Publish At:2020-07-15 06:12 | Read:191 | Comments:0 | Tags:Events Featured APT Cybercrime honeypot Internet of Things S

Cyberthon 2020: Valuable Discussions, For a Worthy Cause.

Thank you to everyone who joined us for our virtual charity event, Cyberthon 2020 on the 9th June.Given our company started out over 20 years ago as a piece of freeware pioneering many of the early approaches in intrusion detection, there has always been a strong seam of altruism running through Tripwire.This extends far beyond providing open source software
Publish At:2020-06-16 16:30 | Read:281 | Comments:0 | Tags:Events Charity Cyberthon 2020

Cyberthon 2020: Helping Support Front Line Carers

With everything going on in the world currently, it feels wrong to lament the cancellation of cybersecurity exhibition season in Europe.Typically a time when vendors and end-users are huddled around busy tables in cavernous event spaces, we have decided to pour our resources into something a bit different and altogether more altruistic: Cyberthon 2020.We are
Publish At:2020-06-04 04:29 | Read:290 | Comments:0 | Tags:Events Cyberthon 2020 online event

SAS, sweet SAS

As you may already know from our social network posts, we have rescheduled the SAS 2020 conference for November 18-21 due to the COVID-19 pandemic and to ensure your safety. Though we still think that Barcelona is a great place to meet and it will not be a “real” SAS if we cannot hug, shake hands and touch beer glasses in that beautiful city, we
Publish At:2020-05-03 08:09 | Read:413 | Comments:0 | Tags:Events Featured Security conference Security technology

What does it take to become a good reverse engineer?

How much money and effort does it take to become a good reverse engineer? Do you even need to be one? There are no universally acceptable answers to these questions. Software reverse engineering (RE) is not a science but a skillset combined with specific knowledge and backed by a lot of experience. For several years, we have been sharing the RE knowledge tha
Publish At:2020-05-03 08:09 | Read:329 | Comments:0 | Tags:Events Opinion Security conference

YARA webinar follow up

If you read my previous blogpost Hunting APTs with YARA then you probably know about the webinar we conducted on March 31, 2020, showcasing some of our experience in developing and using YARA rules for malware hunting. In case you missed the webinar – or if you attended and want to re-watch it – you can find the recording here: As requested by m
Publish At:2020-04-06 14:15 | Read:657 | Comments:0 | Tags:Events APT Malware Technologies Security technology Vulnerab

Hunting APTs with YARA

For the past few years, we have been spreading our knowledge and experience of using YARA, often called a pattern matching swiss knife for malware researchers (and everyone else). Most of the time, this took the form of the Kaspersky training course titled, “Hunting APTs with YARA Like a GReAT Ninja”. The first YARA training session of that kind
Publish At:2020-03-18 12:30 | Read:867 | Comments:0 | Tags:Events APT Malware Technologies Security technology

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming a bit of a hotspot for cases, leading to inevitably bizarre sc
Publish At:2020-03-12 15:31 | Read:743 | Comments:0 | Tags:Security world black hat bsides cancellations conferences co

TROOPERS20 Training Teaser: Attack And Defence In AWS: Chaining Vulnerabilities To Go Beyond The OWASP Top 10

Attackers are everywhere. They are now on the cloud too! Attacking the most popular cloud provider – AWS, requires the knowledge of how different services are setup, what defences do we need to bypass, what service attributes can be abused, where can information be leaked, how do I escalate privileges, what about monitoring solutions that may be presen
Publish At:2020-02-27 17:57 | Read:573 | Comments:0 | Tags:Events AWS TROOPERS TROOPERS20

Mental Health for Hackers: Contents Under Pressure

In 2011, I was in the middle of sitting down when I suddenly felt prickling sensations start from my toes, spread up my legs, and make their way into my arms. I was gasping for air. As the sensation traveled up my spine, it overwhelmed my head, and my heart struggled to keep up. Desperate for air and covered in tears, I started praying. I was scared for my l
Publish At:2020-02-19 00:33 | Read:593 | Comments:0 | Tags:Events Infosec mental health RSAC

Red Teaming for Blue Teamers: A Practical Approach Using Open Source Tools

For the majority of people in the information security world, the act of offensive hacking is something they are tasked with protecting against but have little ability to do themselves. That is like asking a professional boxer to enter the ring without knowing how to throw a punch. Sure, you may be able to get in and last a few rounds, but eventually, a form
Publish At:2020-02-19 00:33 | Read:603 | Comments:0 | Tags:Events Blue Team Red Team RSA

10 Must-See Talks to Attend at RSA Conference 2020

RSA Conference USA is one of the most anticipated digital security events of the year. Last year, its 31 keynote presentations, more than 621 speaker sessions, 700 presenting companies on the exposition floor attracted over 42,000 attendees. Given such popularity, how could the State of Security not include this event in its list of the top information secur
Publish At:2020-02-18 01:48 | Read:904 | Comments:0 | Tags:Events

Cyber Governance 2020

The Governance Challenge: exploring emerging issues in cyber governance for 2020 The challenge of compliance with international regulations. Date: Thursday 26th March Time: 8.30am – 10.30 Location: The Merrion Hotel Dublin The governance on how organisations process and protect a user’s data has changed significantly in the last 20 months. The introduction o
Publish At:2020-02-12 07:25 | Read:544 | Comments:0 | Tags:Events

TROOPERS20 Training Teaser: Hacking Node.js & Electron apps, shells, injections and fun!

Did you know that in the ever evolving field of Web and Desktop apps, it turns out these can all now be powered with JavaScript? You read that right: JavaScript is now used to power both web apps (Node.js) as well as Desktop apps (Electron). What could possibly go wrong? So, the burning question is: how does this affect Web and Desktop app security? If you w
Publish At:2020-02-06 12:15 | Read:462 | Comments:0 | Tags:Events JavaScript TROOPERS TROOPERS20

Tools

Tag Cloud