This is probably the breaking news of this weekend on security blogs and websites: mysql.com and other related sites have been compromised! This was disclosed via an e-mail sent to the full-disclosure mailing list (copy here). If you take the time to read the message, you will learn that the
Tag: Security
InfoSecurity.be
Just after BlackHat Europe, InfoSecurity Belgium was organized in Brussels this week. Something completely different: other atmosphere, other people, business oriented. It is the place to be for Belgian people working in information security. To make a rough comparison, suits and ties are at InfoSecurity what t-shirts are at BlackHat.
Are You “NG” Ready?
“Next Generation” or “NG“… Two magic letters used by more and more v€ndor$ to promote new versions of their products… Next Generation firewalls, Next Generation SIEM, Next Generation IDS. They are many examples. Google reports 34M of hits while searching for “next generation security“! In my humble opinion, “next generation”
#BlackHatEU Day-1 Wrap-up
The first day started (too) early with Rafal Los’s (@Wh1t3Rabbit) briefing about “Defying Logic – Theory, Design, and Implementation of Complex Systems for Testing Application Logic“. Rafal explained some techniques not “brand new” but which are really interesting. The goal of application logic testing is to discover what an application
BlackHat Europe 2011
BlackHat stopped in Barcelona for the 2011 European edition. Second time at the same place, the “Palau de Congressos de Catalunya“. Same format as the previous editions: two days of trainings and two days of briefings. Strange, lot of trainings were canceled! Is it due to the crisis and less
BSidesLondon is on its Way!
The first edition of BSides London is moving forward at good speed. The crew of volunteers worked hard and announced today the schedule. During the call for papers, 54 submissions were submitted then registered visitors were invited to vote for their preferred subjects. Fifty-four submissions for the first edition of
Tomahawk, your IDS/Firewall Best Friend
“Tomahawk” is the name of a popular cruise missile developed by General Dynamics in the seventies. But it is also the name of a free tool which helps to stress test security devices like firewalls or IDS. It has been written by Brian Smith from TippingPoint. This is well-known manufacturer
Your Firewall is Stupid!
The title of this post may sound extreme but it describes exactly the story below. Never forget that firewalls (like any other security device or application) is just a tool that must be used in the right way. If you use a drill with the wrong bit, you will miss
Why Physical (Network) Security is Important?
When talking about security, companies often focus on the “security perimeter“. Inside this perimeter, you have the “good” guys and all the rest is considered as the “wild” world, the Internet. Once you passed the access controls, you are free to walk and do what you want. Can you approve
Yeti – Footprinting your Network
“Footprinting” is a technique to gather information about information systems. The goal is to collect as much information as possible and correlate them to build some kind of “business card” of the target. Relevant information are: DNS names, network topologies, software versions, localization and much more. To achieve footprinting, lot