Fatma Bazargan’s blog

Various # 09 – 105
May 5, 2009, 12:07 pm
Filed under: Security



Couple of interesting snippets for today…


I just came across a wonderful website called Wepawet. Interestingly, Wepawet is a service for detecting and analyzing web-based malware and it currently handles Flash, Java Script and PDF Files. So now you wont need to think twice about clicking a website and opening a file that you feel is malicious just take sometime test it and you are good to go. Simply the things you can do is…


Determine if a page or file is malicious

wepawet runs various analyses on the URLs or files that you submit. At the end of the analysis phase, it tells you whether the resource is malicious or benign and provides you with information that helps you understand why it was classified in a way or the other.


Analyze a malicious resource

wepawet displays various pieces of information that greatly simplify the manual analysis and understanding of the behavior of malicious samples. For example, it gives access to the unobfuscated malicious code used in an attack. It also collects the URLs accessed by a sample.


Identify the attacks launched by a malicious resource

wepawet does not just tell you that a resource is malicious, it also shows you the exact vulnerability (or, more likely, the vulnerabilities) that are exploited during an attack.


There is an interesting entry from Lori about the Real Meaning of Cloud Security, how to distinguish “cloud security” from “cloud-based security”. The former is about securing the cloud and its infrastructure, the latter about services hosted in a cloud environment. He goes then on talking about Cloud Security in particular.   


For all those who will be attending the 21st Annual FIRST Conference in Japan to be held from 28th June to 3rd of July, here you can find some very interesting podcasts prior to the event. In addition, FIRST has announced that those who hold CISSP, CISA, CISM and CGEIT will have an opportunity to earn CPEs if they attend the FIRST conference. Other than that if you are a Twitter person then you can follow them at firstdotorg for latest updates.


Talking about training courses, now that we all know that Virtualization is one of the must-know hot topics when it comes to information security, SANS have introduced a new course called Virtualization Security and Operations SEC557. As mentioned by SANS, the course aims to provide a firm foundation for all aspects of virtualization technology, covering the hosts, guests, networks, and management components. When students leave this class, they’ll have all the tools they need to properly secure their virtual environments and maintain their desired security and compliance posture.


Finally, Bill gives some Career Advice for Security Geeks.



That’s all for now. Enjoy!