Dancho Danchev exposes the master of Koobface (anagram of Facebook) botnet
See his blog post here :http://ddanchev.blogspot.com/2012/01/whos-behind-koobface-botnet-osint.html
Thursday, January 12, 2012
See the face of a botnet master and his BMW
http://ddanchev.blogspot.com/2012/01/whos-behind-koobface-botnet-osint.html
Thursday, December 15, 2011
50% off on Check Point exam re-takes
To encourage and support your certification goals, Check Point has implemented automatic 50%-off re-takes for the following exams at Pearson VUE
CCSA R71
CCSE R71
VSX
CCEPE
CCSA R75 (coming soon)
CCSE R75 (coming soon)
Note: All R70 exams will be retiring on 31 December, 2011
Tuesday, November 15, 2011
Inspecting HTTPS traffic on gateways
INTRODUCTION
In the past, security devices inspecting application content for attack patterns, misuse or malware, had been blind to encrypted traffic and due to this encrypted protocols like Hypertext Transfer Protocol Secure (HTTPS) have been a safe method used by attackers to bypass security inspection. Though reverse proxies and Web Server modules have been there for long, but they only inspect incoming traffic i.e. connections made to protected web servers in the organization. Inspecting outgoing traffic or traffic of connections made by users to outside world servers, not protected by the device, had been on the wish lists. Devices these days come with the capability to inspect Secure Sockets Layer (SSL) based outgoing traffic, however there are some concerns enabling such kind of inspection. In this article we cover some basics of SSL, the challenges in inspecting SSL traffic, and also see how Check Point's HTTPS Inspection feature starting from R75.20 is able to inspect HTTPS traffic at the gateway. After reading this article you will know the pros and cons of enabling SSL inspection on a gateway.
Read further or download the entire document in PDF format below:
Inspecting HTTPS Traffic on Gateways
Friday, May 27, 2011
SPG - informal meeting
Security Professional's Group (SPG) is having an informal bar meet on Sunday 29th May '11. If you are interested, send in your mobile no. to spg@ksecure.net
Thursday, March 31, 2011
Saturday, February 26, 2011
Hackers meet at Nullcon 2, GOA
Heard of Black Hat, White Hat and also Gray Hat but what does this Brown Hat??
Does it mean the chief of all the hats? or something else??
Had a great time at GOA and the second Nullcon conference in Feb 2011.
2.4 Million email account passwords leaked
Have you ever entered your email account password on some sites like social networking, contact management, birthdates management or may be email marketing? Well the site you used could be legitimate, but how good is their security?? Are they collecting your password or redirecting to a login page on the email server?
Hackers have got 2.4 million email account passwords of gmail, hotmail, yahoo, live etc. The no. is expected to go up to 24 mil soon and as this is not likely to be the result of compromising all the providers at a go, hence it seems to be data from 3rd party sites in possession of the password. If you like to see if you are one of the victims, you can check your email id here - http://dhamaka.nullcon.net
Hackers have got 2.4 million email account passwords of gmail, hotmail, yahoo, live etc. The no. is expected to go up to 24 mil soon and as this is not likely to be the result of compromising all the providers at a go, hence it seems to be data from 3rd party sites in possession of the password. If you like to see if you are one of the victims, you can check your email id here - http://dhamaka.nullcon.net
Subscribe to:
Posts (Atom)
Posts
