Responding To The Unexpected
This post on SANS ISC mentioned a great presentation of Lenny Zeltser’s talk on “How To Respond To An Unexpected Security Event”:
http://isc.sans.org/diary.html?storyid=8470
Two-part article by SecTechno:
http://www.sectechno.com/2010/02/27/building-your-own-malware-lab-part-1/
http://www.sectechno.com/2010/03/07/building-your-own-malware-lab-part-2/
Here’s a nice article (in German) in Heise Security about analyzing malware:
http://www.heise.de/security/artikel/Malware-auf-der-Spur-940407.html?view=print
nice
http://emergentchaos.com/archives/2008/10/the-only-time-it-makes-sense-to-use-a-pie-chart.html
http://farm3.static.flickr.com/2351/2055396526_1de9a115d0.jpg
Here’s a nice article summarizing things to play with when auditing Citrix or Terminal Server:
http://narkolayev-shlomi.blogspot.com/2010/02/hacking-citrix-and-terminal-server.html
Here’s a video by PaulDotCom showing how to create / delete / execute special files (CON, COMx, LPTx, …) on Windows:
http://vimeo.com/9484706
The list of “2010 CWE/SANS Top 25 Most Dangerous Programming Errors” is out: http://cwe.mitre.org/top25/
Here’s a nice article about tools used for forensics: http://praetorianprefect.com/archives/2009/12/forensics-beverages-aside-a-look-at-incident-response-tools/
Very interesting reading: “Criticism, Cheerleading, and Negativity”: http://al3x.net/2009/12/06/criticism.html
Here’s a nice post detailing implications of using Windows Vista / Windows 7 with the Volume Shadow Copy feature:
http://blog.szynalski.com/2009/11/23/volume-shadow-copy-system-restore/