A new tool has been released (version 0.1) today on code.google.com: OpenDLP. “DLP”, “Data Loss Protection” or “Data Leak Protection”, a buzz-word! Even if the problem is real and critical for some organizations, my opinion is the following: Instead of spending money in expensive solutions (and DLP solutions ARE expensive!),
Tag: Security
Remote Nmap Scanning with Zenmap
I’m not going to insult you by describing the tool Nmap. This is probably the best scanner available on the Internet. Not because it is often used in movies, but just because it does an excellent job! Nmap has plenty of options. So much that reading the Nmap book is
Message to Web Developers: OWASP Top10 2010 is Out!
If you are not aware of this news, OWASP released yesterday its annual Top-10 Web Application Vulnerability Risks. I won’t list them again here, lot of security bloggers already did it in the next hours following the official press release. Instead, I checked if the news was also relayed by
BlackHat Briefings Day #2
Second briefings day always in Barcelona. For the first talks of the day, I decided in last minute to change my wishlist. I attended the presentation of Thai Duong and Juliano Rizzo called “Practical crypto attacks against web applications“. Their started from a common error in security: “encryption is not
BlackHat Briefings Day #1
After two days of intensive training with SensePost (“Hacking by Numbers”), the briefings started today. Jeff Moss opened the keynote session with fresh information about the conference. First, the number of registrations increased (+100) compared to the last year. This is a good news! The crisis did not affect the
Belgian Citizens Ready to Sacrifice Some Privacy?
From time to time, surveys reveal human behavior that are scary. On 2008, a survey revealed that woman love chocolate more than password security. I just read another one on a Belgian news website: To stay safe, the Belgian citizen is ready to sacrifice some of his privacy! (Source: rtbf.be
My BlackHat Wishlist
Like I wrote yesterday, the next Black Hat conference will start in less than 2 days now. The two first days will be dedicated to trainings. The briefings (or talks) are scheduled during the two remaining days. The schedule has been published and it’s now time to make some (difficult)
Help Your Laptop to Survive a Security Conference
BlackHat Europe is at our doors! I’ll flight to Barcelona on Sunday evening. Just enough time (amongst other things) to prepare my laptop against the “Jungle”. Today, you can’t attend a security conference without a laptop and some Internet connectivity. To take notes, to visit websites reported during talks, to
My First Visit @ FIC2010
I’m back from Lille (France) where was organized the 4th edition of “FIC” – “Forum International sur la Cybercriminalité” – during two days. This was my first edition and I was pleasantly surprised: I was a bit afraid to attend an event organized in France for French speaking people about
Detecting Fraud with OSSEC
For a while, it looks that “Fraud detection” is a hot-topic for many SIEM vendors (“Security Information and Event Management“). Recent presentations or webcasts I attended had always some time dedicated to “fraud”! The vendors can’t be blamed to find new opportunities to sell their products. Today they are solutions