
Monthly Archive February, 2007

I wanna be a Security Evangelist

A few months after mentioning on his podcast that he wanted to be a Security Evangelist, Martin McKeay was hired by StillSecure for this position. Hey security companies out there, this is my dream job too!
An important thing to say, Martin made it by deserving it. Congratulations. I hope to achieve the same [...]

Features and the security point of view

The SANS ISC diary today mentions a JavaScript function present in today’s browsers called onUnload(). What does it do?
The browser will execute it when the user is leaving that page. Very interesting feature, isn’t it?
Well, not when you start looking with the eyes of security, as the post on the diary [...]

Thoughts on MS Security Intelligence Report

It’s old news, but just now I’ve found time to comment about the MS Security Intelligence Report.
Some things confirmed some of my opinions about the Brazilian security field.
First, banks here are quite a bit more advanced in fighting phishing and malware against their clients than those in other countries. The report shows that password stealers and key loggers malware [...]

Log Injection

I’ve just read an interesting paper from SIFT about log injection. It just reminded me of something that I think is very interesting, but not very new. I remember a very good presentation from the Sensepost guys at Black Hat US 2004.
They showed a number of ways to fool people running attack tools against their network. Among [...]

Fix Users

I’ve been away from the blog for a few days (lots of work to do before Black Hat), but I took note of this little article from Dark Reading.
This is a discussion about the value and results of training users. I have mixed feelings about it. I really believe that training users must be part [...]

Black Hat Europe – Here we go!

Finally I’ve found time to write about my new challenge: to speak at the BH Europe!
I’m working on a botnet trends review with André Fucs and Victor Pereira, my old friends in security research. We already built some interesting things to show there, and I hope that some others will be ready for [...]

Modern malware

I’ve just read a very interesting analysis of a new piece of malware on SANS ISC. They’ve found malware that downloads a password-protected zip file from an HTTP location. The contents of this package are encrypted. The malware also uses a certificate to establish SSL connections to the IRC control servers, avoiding detection by network [...]

Other view about anomaly-based detection

I am a huge fan of anomaly-based detection, instead of using the old and ineffective signature-based detection. I’m always saying that about IDS and antivirus. However, it’s always good to see different opinions and information. I’ve found this article very interesting, as it shows some problems related to anomaly-based detection. It’s a very valuable read.

ROI

Last week, at an Executive Board meeting, I heard a CEO complaining about IT budget requests he was receiving that tried to justify the expenses by showing an ROI. He mentioned that almost all were wrong, as they were based on cost avoidance and not cost reduction. Although none of them were related to security, [...]

Security monitoring – NSM and Logs

I really like to work with logs when the subject is security monitoring. In fact, my entire Master’s thesis is based on log analysis. However, Richard Bejtlich is right about some weaknesses of doing it based only on logs. He is quite right in saying that the absence of logs does not confirm integrity. [...]