In my last post, I gave some input on the implementation of basic security, which can be improved by following simple rules and procedures. This was purely theoretical. So, I decided to continue on this topic and show you how basic security checks can be implemented without spending too much
Tag: Security
“LulzSec vs The Sun”, a Case Study?
A lot of media (and not only those related to info security) reported this story today: LulzSec is back! Their latest victim was the well-known English newspaper The Sun. They redirected the site to a fake page which announced the death of Rupert Murdoch. When reading this kind of news, our
Suspicious WordPress Plugins Scan
Here is an interesting example I would like to share with you. It shows how important log management is. If you read my blog, you already know that I’m addicted to logs. They can be very useful to trace incidents or suspicious activities. Today I received several alerts from my
Dropbox? gpgdir to the Rescue!
Over the last few months, Dropbox, the well-known synchronization tool, was hit by bad stories. First, they changed their EULA (“End User License Agreement”), which clearly stated that Dropbox employees could access your files in very specific cases like law enforcement procedures. I always blogged about this. Then, researchers
Is Security Looping Permanently Like Fashion?
Just a small reflection about the current LulzSec stories… They have stayed at the top of the news for a few weeks by successfully breaking into big organizations like Sony, the CIA, the US Senate and many more. They released thousands of stolen credentials… They posted a manifesto and admitted that, performing hacking
Hack in Paris 2011 Wrap-Up
Yesterday, I went to Disneyland Paris! Not for a family trip but to attend a security conference. Great place, isn’t it? Everybody knows the Disney park, but the nearby hotels also offer facilities to organize events. That’s what Sysdream, the organizer of Hack in Paris 2011, did. I left home very
June ’11 OWASP Belgium Meeting Wrap-up
Back from the latest OWASP Belgium Chapter meeting… Two speakers were scheduled tonight: Colin Watson presented the OWASP AppSensor project, then Andreas Falkenberg talked about modern attacks against web services like Twitter. A last-minute guest joined us: Josh Corman, who spoke about “rugged software”. What’s new at OWASP? First OWASP
Will Security Researchers Need a License to Kill?
The European Commission is capable of the worst as well as the best ideas! A few days ago, they announced the imminent setup of a CERT (“Computer Emergency Response Team”) to protect the institutions, agencies and bodies against cyber-attacks. Good idea! But, a few days ago, a press release announced that Justice Ministers, who
Review: BT4: Assuring Security by Penetration Testing
If you are working in the “information security” field, you must know the BackTrack distribution (otherwise you must be an alien coming from a faraway planet!). If you search for the word “backtrack” on Amazon, you will find a lot of references but only one book is fully dedicated to
PH-Neutral, My First and Last One
I’m putting the final touches on my PH-Neutral wrap-up from the Berlin airport, waiting for my flight back to Belgium. The 0x7DB edition was my first one but also the last one, as FX, the founder, decided not to organize the event next year. A page is over!