Secure your Twitter account with two-factor authentication now
YIBADA English
News of hacking incidents among social media and millions of users' account credentials being sold online have been making rounds in recent weeks. On Wednesday, 32 million accounts of Twitter users have ... of emails, usernames and passwords ...
32 million Twitter passwords go for sale on the dark web, but Twitter 'not hacked'IT PRO

all 324 news articles »


5 things we learnt at Infosecurity Europe 2016
Infosec was back for another year at London's Olympia. The show was jam-packed with information about the biggest security threats and the latest products and services to help businesses combat them. Here are five interesting things we found out at ...

ESA-2016-062: EMC Data Domain Multiple Vulnerabilities

Cloud Pro

Kickass Torrents adds dark web .onion address
Cloud Pro
Tor Browser news: Kickass Torrents adds dark web .onion address .... "The site was made by a small group of people of different genders, who are tired of Jake victimising and harassing our friends in the infosec and internet freedom communities," it read.


Sometimes students ask me the best way to jump into the security world. I usually compare informationsecurityto medicine: You start with a commonbase (a strongknowledge inIT) thenyou must choose a specialization: auditor, architect, penetrationtester, reverse engineer, incident handler, etc.Basically, those specializations can be grouped in two categories: offensiveand defensive. Many people like the first one because it looks more funny andthe portrait of the hackeras depicted inHollywood moviesis tough! Being involved in a few call for papers for security conferences, I see a clear trend in submissions focusing on offensive security.

If breaking stuff is always nice (playing the red team), being able to defendthem against attackers is also very rewarding (playingthe blue team). So, back to the firststudents question: Which side of the force to choose? I cant answer this question for you! Its a very personal choice based on your feelings but one thing is certain.There is clear overlapping between offensive and defensive security. Why? Here are two examples.

First from a defender perspective. To be able to properly defend your assets, you must know what techniques and tools will use the bad guys against you. This is the principle of Know your enemy!.If youre involved in a security incident, your knowledge ofthe bad side will be very helpful to find how your server was compromised. If youre implementing a solution or writing some code, try to think as a bad guy and ask yourself How would I try to break my setup.

On the other side, from an attacker perspective, you can improve your tasks by using defenders techniques. While performing a pentest, we dont have unlimited time.A good idea is to rely on forensicsinvestigation techniques. Indeed, operating systems like Microsoft Windows are well-known to keep trace of all the user activities in multiple places. It is possible to trace back all the actions performed by a user (which applications he started, the last files opened, network sharesmounted, etc).This is a gold mine for a pentester too. Imagine that you just compromised a computer. Youve your Meterpreter shell ready. And now? To save your time, just check the latest files opened by the victim, there are chances that they will be business related and contain juicy information. Which internal sites he visited? Thats nice targets to pivot!

So, offensive ordefensive security? Choose the one you like but think about both!

Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.


Finland's F-Secure Lays Code 'Honeypots' To Catch Cybercriminals
The IT security market is very crowded. Along with death and taxes, this is a truth we can pin down irrefutably. London has just played host to its annual InfoSec event and the Olympia conference centre was crammed with over a hundred firms all ...

Internet Storm Center Infocon Status