Log in

No account? Create an account

security news and discussion community

Recent Entries

You are viewing the most recent 10 entries

January 26th, 2009

shadow_daz @ 04:37 pm: sec links
after sitting in one of the security web-casts, noted couple of interesting infosec links, which I wanted to share:

  • http://w3af.sourceforge.net/ - Web Application Attack and Audit Framework
  • http://inguardians.com/pubs/articles.html - A bunch of very good published papers by Inguardians
  • http://samurai.inguardians.com/ - Samurai Web Testing Framework
  • http://ethicalhacker.net/ - Ethical Hacker Network
  • http://www.sockpuppet.org/nysec/ - New York Security Forum

    Also, saw recently increase of traffic from the tool written by Romanian (supposedly white-hat) hacker Ghost Kilah, here's a good link to what its been targeting lately:

    Current Music: skryabin
  • October 9th, 2008

    shadow_daz @ 01:03 pm: security certifications
    according to the above article, security certifications proven to increase salary

    "Of the 165 certified skills we survey, only 17 increased in value over last year," said David Foote, the firm's founder and CEO. Included in that handful of skills are several security certifications, such as the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).

    In fact, seven of the 17 certifications that increased in value were from the security sector, with those who had earned the GIAC Security Expert (GSE) certification posting a whopping 36.4% average salary increase during the last 12 months: the largest salary growth of any certified professional. Overall, pay for security certifications was up 0.4% during the last six months and 2% during the last year (through July 1, 2008), compared with the downward trend of all IT certifications, which lost 2.5% during the last six months and 3.5% during the past year..."

    very good


    October 6th, 2008

    shadow_daz @ 12:54 pm: daily security resources
    Here's a list of the latest security related resources that I visit on daily basis:

  • EmeringThreats - security news, IDS signature updates
  • DarkNet.co.uk - security news, tools reviews, etc.
  • BreachBlog - Blog about the latest sites compromised recently
  • cybercrime.gov - Officially reported hacks
  • gnucitizen.org - PDP blog, very interesting

    and in the end of the post, here's a good list of papers to read from Dave Aitel's (Immunity)

  • September 23rd, 2008

    shadow_daz @ 02:03 pm: Information Security events - Calendars
    Came across list of info sec events and calendars.
    Thought it might be interesting to post it here:

  • Information Security Conferences calendar
  • Compilcation of InfoSec Events from HoH
  • InfoSec Diary
  • InfoSecEvents.net
  • September 2008 Security Conferences from Virtually Informed for 2008

    Current Location: work
    Current Mood: calmcalm
  • August 7th, 2008

    shadow_daz @ 11:53 am: security conferences
    a couple of words about security conferences

  • The Last HOPE - HOPE (Hackers On Planet Earth), just recently went to this conference in July. Loved it. the NextHOPE is on 2010, which is in 2 years. Conference location: New York City. Time: July.
  • ShmooCon - Security Conference in Washington DC area. Have not been to this one, but from what I heard a really good one as well. Planning on going to the next one. Time: February.
  • USENIX WOOT - Smaller security conference in San Diego area. Many papers on the web-site.
  • BlackHat - One of the most popular security conference. Held twice a year, one in Las Vegas (USA) and the other one in Europe. Time: August (each year). Just recently went to the training held by them.
  • DefCon - DefCon is probably the most popular security conference. Location: Las Vegas. Time: August (each year).

    There are more of course, these ones are just the ones I know of so far.

  • shadow_daz @ 11:17 am: back
    aaand half a year later I am back.
    now that I actually work in InfoSec field, and I deal with security much more than earlier, I realize that news is of course a nessesty but there's just too much of companies that do much better job than I would.
    Although I am going to post occasional news here, I am thinking of putting useful security links here.
    I am using Firefox 3 on MAC and its a hassle keeping all bookmarks together. GoogleBookmarks don't work for MAC and if anyone has any suggestions, I'll definitely can use them.

    So, a bunch of links for today's post:

  • UnprotectedHEX - sec blog
  • SmashtheStack - Wargaming network
  • EmergingThreats - Sec blog; Signature/Rule development site
  • Milw0rm - this site does not need introduction, one of the most popular for the new exploits hosting sites ever.
  • Penetration testing Framework - most extensive site I have seen on PenTesting
  • ip2location my favorite IP to location resolver, to my knowledge most accurate.

    and in the end, some strawberrys:
    SEXY HACKING - might be NSFW ;) depends were you work.

    untill next time

    Current Music: Tartak
  • November 30th, 2007

    shadow_daz @ 07:43 am: the somewhat irregular update
    Havn't had much time to update recently, but here are couple of articles that interested me lately:

  • 'Crackstation' Uses Game Console for Hacking - very interesting idea to use PS3's for cracking. Next project, I suppose would be to organize PS3's into clusters and multiply the speed by the number of consoles.

  • Skype crypto stumps German cops - not an easy job decrypting Skype traffic =)

    Thats it for now

  • Powered by LiveJournal.com