I remember this evening… More than two years ago, at RSA Europe, I was sitting in the hotel bar with my friends Craig Balding and Brian Honan talking about everything and nothing. Which topic was at the source of this? It’s too old but I had the idea to register
BlackHat Europe 2012 Day #3 Wrap-Up
And this is already the last day! My first choice for today was the talk of Andrey Belenko and Dmitry Sklyarov: “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh Really?. They presented their research about the security of keyword managers on smartphones. It’s recommended to not use the same password
BlackHat Europe 2012 Day #2 Wrap-Up
And I’m back with my wrap-up for the second day. Here is a review of the talks I followed today. Rafal Los and Shane MacDougall spoke about “offensive threat modeling on its head“. Threat modeling primer: analysis for defensive purpose. The goal is to develop countermeasures. In what offensive threat modeling
BlackHat Europe 2012 Day #1 Wrap-Up
BlackHat is back in Europe and, this year, they moved back to Amsterdam! This edition also introduced a new format: a three-day conference with three simultaneous tracks. Three trainings are organized, one per day. From my personal point of view, it does not impact me. But people attending a training
March 2012 ISSA-Be Chapter Meeting Wrap-Up
This week is a very busy week! After the OWASP & Beltug meetings, I attended the ISSA Brussels Chapter Meeting tonight. Two excellent speakers (and friends) were invited to talk about their favorite topics. Peter from the Corelan Team talked about “Memory Corruption in the Win32 world” (or “2012.eip=0x41414141“). Didier
Social Networks: The Good and The Bad
Yesterday, I gave a presentation for the Beltug Security SIG (“Special Interest Group“) about the usage of social networks in companies, the risks associated with them and how to reduce/avoid them. Social Networks are wonderful tools to promote your company or brand but can also generate some horror stories! Nobody
March 2012 OWASP Belgium Chapter Meeting Wrap-Up
Tonight was already the second OWASP Belgium Chapter meeting of this year. Two great (should I say “as usual”?) speakers were invited: Ken van Wyk and Jim Manico. Jim already talked during a chapter meeting last year and I was happy to see him back in our small country.
Ranking People Like Domains or IP Addresses?
Real-time event or network traffic analysis is useful for tracking suspicious behaviors. And, if you add some external sources of information, you could further increase the capability of detecting real events. Such ranking sources usually apply to IP addresses and domain names. There are plenty of online resources
Tracking Tweets in your SIEM
My previous post about monitoring pastebin.com within your SIEM gave ideas to some of you. On aftershell.com, you will find a fork of my script to monitor WordPress RSS feeds. If pastebin.com may contain relevant pieces of information, as well as blogs, do not underestimate the value of social networks!
More Granularity in Your Apache Logs
The Apache Foundation released the new version of their very popular Apache web server. Lots of interesting changes have been introduced in this release. From my point of view (and because it’s one of my favorite topics), a very interesting change is the way Apache now handles its logs. Your