Infosec

APT1 Exposing One of China’s Cyber Espionage Units [PDF]

http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf report from a computer security company that links Chinese hack group APT1 to China’s government [Army] ————— aPt1 is believed to be the 2nd Bureau of the People’s Liberation army (PLa) General staff Department’s (GsD) 3rd Department (总参三部二局), which is most commonly known by its Military unit Cover Designator (MuCD) as unit 61398 (61398部队) —————

APT1 Exposing One of China’s Cyber Espionage Units [PDF]

http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf report from a computer security company that links Chinese hack group APT1 to China’s government [Army] ————— aPt1 is believed to be the 2nd Bureau of the People’s Liberation army (PLa) General staff Department’s (GsD) 3rd Department (总参三部二局), which is most commonly known by its Military unit Cover Designator (MuCD) as unit 61398 (61398部队) —————

http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf

http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf Guide to Computer Security - Log Management, NIST Publication 800-92 (SEP-2006) / Describes enterprise log management, collection & analysis from policy and technology perspectives.

http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf

http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf Guide to Computer Security - Log Management, NIST Publication 800-92 (SEP-2006) / Describes enterprise log management, collection & analysis from policy and technology perspectives.

JBoss Worm Exploiting Old Bug to Infect Unpatched Servers | threatpost

https://threatpost.com/en_us/blogs/jboss-worm-exploiting-old-bug-infect-unpatched-servers-102111 Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pastebin.com/U7fPMxet

JBoss Worm Exploiting Old Bug to Infect Unpatched Servers | threatpost

https://threatpost.com/en_us/blogs/jboss-worm-exploiting-old-bug-infect-unpatched-servers-102111 Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pastebin.com/U7fPMxet

BlackHat USA 2011: SSL And The Future Of Authenticity - YouTube

http://www.youtube.com/watch?v=Z7Wl2FW2TcA

BlackHat USA 2011: SSL And The Future Of Authenticity - YouTube

http://www.youtube.com/watch?v=Z7Wl2FW2TcA MOXIE MARLINSPIKE talk at BlackHat USA 2011 about current problems with SSL and CA sustem, and the feature of SSL w/out CAs.

Penetration Testing Policy for Amazon EC2

http://aws.amazon.com/security/penetration-testing/

Penetration Testing Policy for Amazon EC2

http://aws.amazon.com/security/penetration-testing/ read this if you need to conduct pen and security testing on / from EC2 instances