Fatma Bazargan’s blog


Various # 09 – 105
May 5, 2009, 12:07 pm
Filed under: Security

 

mouse

Couple of interesting snippets for today…

 

I just came across a wonderful website called Wepawet. Interestingly, Wepawet is a service for detecting and analyzing web-based malware and it currently handles Flash, Java Script and PDF Files. So now you wont need to think twice about clicking a website and opening a file that you feel is malicious just take sometime test it and you are good to go. Simply the things you can do is…

 

Determine if a page or file is malicious

wepawet runs various analyses on the URLs or files that you submit. At the end of the analysis phase, it tells you whether the resource is malicious or benign and provides you with information that helps you understand why it was classified in a way or the other.

 

Analyze a malicious resource

wepawet displays various pieces of information that greatly simplify the manual analysis and understanding of the behavior of malicious samples. For example, it gives access to the unobfuscated malicious code used in an attack. It also collects the URLs accessed by a sample.

 

Identify the attacks launched by a malicious resource

wepawet does not just tell you that a resource is malicious, it also shows you the exact vulnerability (or, more likely, the vulnerabilities) that are exploited during an attack.

 

There is an interesting entry from Lori about the Real Meaning of Cloud Security, how to distinguish “cloud security” from “cloud-based security”. The former is about securing the cloud and its infrastructure, the latter about services hosted in a cloud environment. He goes then on talking about Cloud Security in particular.   

 

For all those who will be attending the 21st Annual FIRST Conference in Japan to be held from 28th June to 3rd of July, here you can find some very interesting podcasts prior to the event. In addition, FIRST has announced that those who hold CISSP, CISA, CISM and CGEIT will have an opportunity to earn CPEs if they attend the FIRST conference. Other than that if you are a Twitter person then you can follow them at firstdotorg for latest updates.

 

Talking about training courses, now that we all know that Virtualization is one of the must-know hot topics when it comes to information security, SANS have introduced a new course called Virtualization Security and Operations SEC557. As mentioned by SANS, the course aims to provide a firm foundation for all aspects of virtualization technology, covering the hosts, guests, networks, and management components. When students leave this class, they’ll have all the tools they need to properly secure their virtual environments and maintain their desired security and compliance posture.

 

Finally, Bill gives some Career Advice for Security Geeks.

 

 

That’s all for now. Enjoy!

Fatma.

 

Advertisements

7 Comments so far
Leave a comment

salaam Fatma,
Thanks for the useful info. Wepawet definitly souds like something we have to look into and try out.

hey by the way, I have an interesting file would like you to read. I hope you you find it useful 🙂 .

http://i.i.com.com/cnwk.1d/html/itp/Sophos_non_windows_wpus.pdf

Comment by Abdulla Abbas

thanks for the article “Career Advice for security Geeks” it taught me many things to put into consideration.

Comment by Abdulla Abbas

Email threats such as spam are well known, but there’s another major entry point into your network, the Web! As companies have become more adept at stopping email threats, cyber-criminals have discovered new ways to infiltrate corporate networks through the Internet. Uncover the newest Web-based threats targeting businesses and learn how to stop them before they can disrupt your business. This white paper discusses how cyber-criminals use converged threats (email and wWeb combined attacks) to manipulate users and gain access to networks. In this whitepaper you’ll also learn about the newest security tactics for combating these Web-based attacks.

“Article taken from http://www.zdnet.com (security section)”

http://i.zdnet.com/whitepapers/MessageLabs_US_WP_NewWebThreats2009.pdf

In addition, I’ve finally created my own blog, but its not yet ready I’m still editing it and adding resources. So I wont advice you to check it out now its very ugly as of now lol.

ciao
🙂

Comment by Abdulla Abbas

Botnet master hits the kill switch, takes down 100,000 PCs
http://arstechnica.com/security/news/2009/05/zeus-botnet-hits-the-kill-switch-takes-down-100000-pcs.ars

Comment by abdulla abbas

Hi there again,

I found this interesting article about a very critical Vulnerability discovered in the latest firefox 3.5. the problem resides in its Just-in-Time (JIT) JavaScript compiler, where an attacker can infect the machine of a victim duped into visiting a malicious Web page.

enter the link below to read more about the problem and ways to protect yourself against it.

http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=218500758&subSection=Vulnerabilities+and+threats

ciao

Comment by cobra

Ahlan wasahlan Fatma..

Bounced into your blog while browsing through Linkedin – great to see you on the net and that you’re doing well. All the best.

Bruce
http://www.linkedin.com/in/brucedsena

Comment by Bruce D'Sena

Abdulla: thanks for passing by I will post something soon. Just been busy with the new career.

Bruce: many thanks for passing by 🙂

Comment by Bazargan




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s



%d bloggers like this: