
Dark Reading

http://www.darkreading.com/


How To Permanently Delete Your Account on Popular Websites - Smashing Magazine We all have an increasing number of sites and online services we’re members of, and sometimes it all gets a little overwhelming. At times, we just need to delete our memberships to some sites, either in an effort to simplify our lives or just because we’ve grown tired of a particular site or service. What we often don’t realize when signing up for all these accounts, though, is how difficult it can be to permanently delete our accounts when we’ve had enough.

Google's Safe Browsing Diagnostic Tool A week ago Google announced the release of a safe browsing diagnostic tool. To use the tool, just append a URL to the end of For example, to test this site, you would enter Google will then return four sets of security information about that page. (1) The current listing status of a site and also information on how often a site or parts of it were listed in the past. (2) The last time Google analyzed the page, when it was last malicious, what kind of malware Google encountered and so forth. (3) Did the site facilitate the distribution of malicious software in the past?

Malware
Malware Characteristics
Initial Infection Vector: How did the malware initially get on the system? Some malware may be a secondary or tertiary download, so the IIV may not appear to be related. IIVs can include USB devices, malicious JavaScript in HTML pages, a SQL injection attack, email attachment, etc.
Propagation Mechanism: How does the malware move about and get on other systems? For secondary and tertiary infections, this may appear to be the IIV. Some means may be USB devices, the use of psexec.exe (or similar code), etc.

Snort Documentation Download The official documentation produced by the Snort team at Sourcefire Snort Setup Guides The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author. Authors who want comments and feedback may be emailed by clicking on their names below. If you have a document you’d like to contribute to the Snort community contact us at snort-team@sourcefire.com.

Anonymouse.org AnonWWW Many mice surf the web under the illusion that their actions are private and anonymous. Unfortunately, this is not the way it is.

Detect How can you detect if your computer has been violated and infected with DNS Changer? An industry-wide team has developed easy “are you infected” web sites. They are a quick way to determine if you are infected with DNS Changer. Each site is designed for any normal computer user to browse to a link, follow the instructions, and see if they might be infected. Each site has instructions in their local languages on the next steps to clean up possible infections.

Yogesh Khatri's forensic blog: Tracking USB First insertion in Event logs The tracking of USB removable disks has been discussed and analyzed in detail with the usual methods of looking at the Windows registry for plugged-in devices (USBSTOR keys), registry shell bags, SetupApi logs, etc. A while back, while researching something else, I happened to hit upon an artifact not known for this purpose, the 'Windows Event Log'. The first time a USB device is inserted into your Windows PC, it is logged in a little obscure log which is maintained for the 'ReadyBoost' functionality. This is only true for Windows Vista and above, as XP did not have ReadyBoost.

Windows Registry The GUI control panel is a long-standing feature of Microsoft Windows, facilitating granular changes to a vast collection of system features. It can be disabled via Group Policy but is largely available to most user accounts (administrative permissions are required for some changes). From a forensic perspective, we can audit control panel usage to identify a wide range of user activity:

Chasing APT
Author: Joe Stewart, Dell SecureWorks Counter Threat Unit™ Threat Intelligence
Date: 23 July 2012
URL:
Summary
Since February 2011, members of the Dell SecureWorks Counter Threat Unit(TM) (CTU) have been engaged in a project to uncover and track as many elements as possible of the so-called "Advanced Persistent Threat" (APT), the term commonly used to refer to cyber-espionage activity carried out against governments, activists, and industry. "Elements" can be anything that provides a point of information — malware, command and control (C2) domains, hostnames, IP addresses, actors, exploits, targets, tools, tactics, and so on. Even though this project is not (and probably never will be) complete, CTU researchers have learned a great deal about the scope and scale of the threat so far, and the insights have been disturbing.
The scale of cyber-espionage
