Hack In The Box (or “HITB“) is a well known community on the security landscape which defines itself as “a single place, or community, on the Internet where people and corporations can go to find security information and the latest news from the underground and computer technology sectors“. HITB maintains
Tag: Security
Increase your Surf Privacy with IPFuck
The debate is ongoing for a while and has partisans on both sides: Can an IP address be considered as private data? Europe said yes and the “fight” between privacy protectors and authorities is still present. Having your IP address considered as private from a legal point of view or
Identification is not Authentication
I received a notification from my bank about the availability of my new credit card. This morning, I went to my local agency to pick it up. Because I don’t receive a new credit card every six months, I always discover the new procedure implemented by my bank. This time,
Vulnerability Scanner within Nmap
Port and vulnerability scanners are common tools used by good as bad guys. Performing a port scanning is one of the first operations required to find potential vulnerabilities on a target system. That’s why vulnerability scanners have built-in port scanners. Writing a port scanner is really easy with a few
OWASP Belgium Chapter Meeting Wrap Up
I’m back from the latest OWASP Belgium Chapter meeting. Belgium is a small country with lot of political issues (off-topic here 😉 ) but also a great electronic identify card or “eID“. Almost all Belgian citizens have an eID for a while (8.2 millions of cards have been delivered up
ISACA-BE Round Table: the Impact of Cloud Computing
“Cloud computing”… A buzz word for a while now! It’s a fact that security professionals will face, one day or another, a situation where the company applications and data will be hosted “in the cloud” and whatever your activity is! (auditor, system admin, investigator, etc). This evening, the ISACA Belgium
Detecting Rogue Gateways on a LAN
There was an interesting thread on the pentest@securityfocus.com mailing list a few days ago. A member asked how to detect illegal or “rogue” gateways in a big international organization. Rogue devices can be seen from different point of views. For the network administrators or the security auditors, it’s really a
ISSA-Be Chapter Wrap Up: Cybercrime
I’m back from the last ISSA-Be meeting held in the Verizon offices in Leuven. Today’s topic was “Cybercrime: The actors, their actions, and what they’re after“. The speaker was Matthijs van der Wel, EMEA, manager of Verizon Business’ Forensics practice, who contributed to the Data Breach Investigation Report. The talk
Strong Passwords for Dummies?
User authentication… If there is a long and never ending story, it is definitively this one! All of us have plenty of passwords to write on post-its keep in mind. They are several ways to increase the user authentication safety. By forcing very difficult passwords and learn them, by using
Belnet Security Conference Wrap up
I’m back from the second edition of the Belnet Security Conference organized today in Brussels. Belnet is the “Belgian National Research Network“. In other words, this is the federal organization which connects universities, governments infrastructures, schools to the Internet using high-speed pipes. Since the beginning of 2010, they also extended