InfoSec Philippines

Information Security, Technology News and Opinions

ROOTCON 5

Posted by Jaime Raphael Licauco, CISSP, GSEC on March 6, 2011

ROOTCON 5 will be happening on September 9-10, 2011 at the Cebu Parklane International Hotel in Cebu City. The event will run for two days, and there will be a job fair, a hacking contest and other fun stuff to do.

Check out the ROOTCON 5 page here, and the Top 10 Reasons to Attend ROOTCON 5.

The Call For Papers has also officially opened and you can check out the CFP Guidelines here.

Aside from the presentations, I’m sure there will be a lot of great networking going on (pun intended) since ROOTCON has already garnered a following and Cebu has a lot of software developers… and we all know one needs to know how to code to graduate from script-kiddie hood :)

Posted in conferences, seminars | 3 Comments »

Some Malware Analysis Tools

Posted by Jaime Raphael Licauco, CISSP, GSEC on February 6, 2011

I just recently went through a great, albeit difficult, Malware Analysis course. It was very informative and it stretched my ability to understand and follow. The usual DISCLAIMER applies: use the tools at your own risk and your own malware.

Here are some of the free tools we used (and there are a lot of free tools available):

We first installed VirtualBox.

Then used the following for Surface Analysis:
Hash Analysis – HashTab (free for personal or private use)
File Type Analysis – TrID
String Analysis – BinText and Sysinternals’ Strings.exe
Binary Editor – HxD
Pack Analysis – CFF Explorer

Runtime Analysis:
Sysinternals’ Process Explorer
regshot
WinPcap
Wireshark
Sysinternals’ Process Monitor
TCPView
FUndelete (Sysinternals’ old software)
Autoruns
ADSSpy

Static Analysis:
IDA Pro Free
MSDN Library
OllyDbg Version 1
Immunity Debugger
Python 2.5


Some Malware Analysis Links:

Practical Malware Analysis PDF by Kris Kendall from BH 07
PenTestIT’s Atool (I’ve never used this but you may want to check it out)
Malware Analysis Tools – from the SANS diary of 2006
Malware Analysis for Fun and Profit PDF
Malware Analysis Presentation from HK’s Professional InfoSec Association

Posted in Malware Analysis, tools | 2 Comments »

Seminar on Information Security within Firms

Posted by Jaime Raphael Licauco, CISSP, GSEC on January 11, 2011

The Ministry of Economy, Trade, and Industry of Japan (METI) will hold a free, half-day, “Seminar on Information Security within Firms”. The seminar is being held to emphasize the importance of information security measures in increasing business, especially within Japanese firms. The intended audience is government personnel, personnel from local business, and personnel from Japanese firms operating in the Philippines.

Event Title: Seminar on Information Security within Firms
Venue: EDSA Shangri-La
Date: January 26, 2011 (Wednesday)
Time: 2PM to 6PM
Organizers: Ministry of Economy, Trade, and Industry of Japan, Mitsubishi Research Institute
Coordinator: Philippine Computer Emergency Response Team

For more information, kindly e-mail litoa@phcert.org with the following info:
- Name
- Title
- Company

Attendees will be accepted on a first-come, first-served basis, and seats are limited.

Posted in Philippines, seminars | Leave a Comment »

Free Home User Security Software

Posted by Jaime Raphael Licauco, CISSP, GSEC on June 27, 2010

Because every Windows machine ought to have some form of Anti-Malware
Version 1.0
June 27, 2010

One of the most common questions I get asked when someone finds out I work in Information Security is, “What is the best anti-virus?” And my answer has always been, “It depends on your criteria….” There really isn’t a good definitive answer for that, especially since threats come out every hour and virus writers and their anti-virus counterparts are stuck in this whole cat-and-mouse game… in other words, at a certain point in time, you can say one product is better than another, but then what about in the next few hours? Also remember that Anti-Malware (as Google and a lot of other companies out there) can’t protect you from all the bad stuff out there, especially if it’s a targeted persistent attack. It’s but a layer of protection and won’t protect you from all attacks.

Sites that rank anti-virus products or sites that test files for viruses are the following:

Virus Total
European Expert Group for IT-Security
AV-Comparatives.org
AV-Test GmbH
Virus Bulletin
Top Ten Reviews: AntiVirus Software

One other common question I get asked is, “Can I protect my computer using free software?” And my answer would be, “You can reasonably protect a home PC using free tools as long as you practice good computer use habits (i.e. don’t surf high-risk sites, be suspicious of file attachments, don’t run as Admin, etc.) and you use layers of defense.”

Avira AntiVir Personal – FREE Antivirus
avast! Free Anti Virus
AVG Antivirus Free Edition 9.0
Microsoft Security Essentials
Panda Cloud Antivirus

There are other anti-malware products out there; however, they are online-only or don’t get high marks in some reviews. I’ll eventually include them here.

Also check out the NIST.org site on Free Anti-Malware and PC World’s great, though dated, article on 15 Great, Free Privacy Downloads.

Note: This will be a work in progress and I intend to have a page dedicated to free Anti-Malware and other Free Home User Security Software.

Posted in Anti-Malware, Free | 9 Comments »

Site News, March 24, 2010

Posted by Jaime Raphael Licauco, CISSP, GSEC on March 24, 2010

Updated the Blogs/Personal Websites Page and added Social Media Security, Qualys’ The Laws of Vulnerabilities and The RSA Blog and Podcast Speaking of Security.

Since I had no better page to put it, I added the site Cryptome to the White Papers and References Page. Also added to that page are Team Cymru’s Reading Room and The Register’s Whitepapers and tech resources.

In case you aren’t familiar with Cryptome, they publish leaked customer privacy policies of corporations like Google, Microsoft, etc.

Team Cymru describes themselves as, “an Illinois non-profit and a US Federal 501(c)3 organization. We are a group of technologists passionate about making the Internet more secure and dedicated to that goal.”

Posted in Site News | Leave a Comment »

Annual Security Reports, Part 3

Posted by Jaime Raphael Licauco, CISSP, GSEC on February 11, 2010

PwC Global State of Information Security Survey
Survey by CIO Magazine, CSO Magazine and PwC

Structure is as follows:

I. Spending: A decline in growth rate – but a manifestly reluctant one
Finding #1
The economic downturn has shaken up the normal roster of leading drivers of information security spending—and very nearly jumped to the top of the list.

Finding #2
Not surprisingly, security spending is under pressure. Most executives are eyeing strategies to cancel, defer or downsize security-related initiatives.

Finding #3
Yet far fewer executives are actually “cutting security back”. And among the half or less that are taking action, most are taking the least dramatic response.

II. Impacts of the downturn: Rising pressure amid evidence of gains
Finding #4
Although given a reprieve, of sorts, from the budget knife, the information security function is under pressure to “perform”.

Finding #5
After years of “thinking differently”, business and IT leaders may be starting to think like each other.

Finding #6
Companies have made strong advances in several critical arenas over the last 12 months including strategy, assessment and compliance as well as people and organization.

III. New trends: What this year’s decision-makers are focusing on
Finding #7
After years in the limelight, protecting data elements is now a top priority—arguably—at the most critical time.

Finding #8
Companies are beginning to focus acutely on the risks associated with social networking.

Finding #9
While IT asset virtualization is a growing priority, only one out of every two respondents believes that it improves information security.

IV. Global shifts: South America steps out – while China takes the lead
Finding #10
With more mature security practices than any other regions of the world, North America eases up on investment—unlike Asia, which relentlessly presses ahead.

Finding #11
South America achieves major, double-digit advances in security practices—bypassing Europe at a breathless clip.

Finding #12
As China muscles its way through the economic downturn, its security capabilities have stepped nimbly ahead of India’s—in a dramatic shift from last year’s trend—and, in the same one-year sweep, ahead of those in the US and most of the world.

Download the full report here.



Sophos Security Threat Report 2010

Structure is as follows:

Social media
- Battle lines are drawn
- Why businesses are concerned
- Koobface
- The Mikeyy Mooney worms
- Also a “localized” problem
- Emerging vectors for social networking attacks
- How to mitigate the risk

Data loss and encryption
- Data leaks lead to broken businesses
- Preventing data loss

Web threats
- The web remains the biggest vehicle for malware
- Fake AV and SEO malware stir up trouble
- Reducing web risks

Email threats
- Email malware is far from dead

Spam
- How spam spreads
- IM and social networking spam
- Other forms of spam

Malware trends
- Malware: A money-making machine
- Adobe Reader is a key malware target
- Conficker worm gains notoriety in 2009
- Other malware vehicles

Windows 7
- New platforms, new challenges
- Windows 7 security features

Apple Macs
- Soft but significant targets

Mobile devices
- BlackBerry malware
- iPhone malware
- Google Android, Palm Pre and Nokia Maemo

Cybercrime
- The cybercrime economy
- Partnerka: Criminal affiliate networks
- Timeline of cybercrime incidents, arrests and sentencings in 2009

Cyberwar and cyberterror
- Government involvement in cyberwar in 2009

The future: What does 2010 hold?

References

Download the full report here.

Posted in Annual Security Reports | Leave a Comment »

 