Weekly Rewind – d0x3d!, MASTIFF, ShmooCon Epilogue & More…

Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “NovaHackers ShmooCon Epilogue Videos”, 2) “MASTIFF Analysis of APT1”, and 1) “[d0x3d!] A Board Game for Teaching Non-Techies Computer Security”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference.

A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.

NovaHackers ShmooCon Epilogue Videos: For the second annual 2013 ShmooCon Epilogue after-con, the NoVA Hackers Association experimented with streaming the talks live via Google Hangouts. As a result, all of the content automatically becomes available on YouTube for people to view after the fact. Unfortunately, due to nuances of Hangouts, things didn’t go as planned and instead of one contiguous video they actually have five. The good news is that as far as we can tell all the talks were captured! (continued here)

[d0x3d!] – A Board Game for Teaching Non-Techies Computer Security: Looking for a fun way to teach basic computer security concepts and terminology to non-techies? Yeah, you have “Control-Alt-Hack” that we covered before, but this one, called [d0x3d!], is open-source and freely available for all. Inspired by the 2010 game Forbidden Island, it also introduces attack and defend mechanics and other basic computer security constructs. Head on over to their GitHub repository and download all the materials required to play. For those that would like the game in a professionally produced boxed format, you can order it for only $25 from TheGameCrafter.com. Have you ever played this game and have some comments on it? Know of any other similar games like this? Let us know in the comments below. (continued here)

Certifications – P0wning the Necessary Evil with TrainACE: Right on the heels of a spirited debate at RSA in a panel session titled “Information Security Certifications: Do They Still Provide Industry Value?,” we thought we’d add our thoughts as well as let you know of one local training facility that’s helping us out with this sponsored blog post. (continued here)

Surviving RSA & BSidesSF: Unfortunately, we won’t be going to RSA but we’ll be following it closely to see if anything interesting comes about. To start things off, Bill Brenner put together a nice survival guide with four key points for those attending. Got any other advice for those attending RSA/BSidesSF? Let us know in the comments below. (continued here)

(ISC)2’s GISWS Right in Time for RSA Conference: For the sixth straight year (ISC)2 has released its Global Information Security Workforce Study (GISWS) based on surveys completed by over 12,000 security professionals. As expected, the big take-away is that there is a huge shortage of information security professionals, especially for those in the highly-selective government sector. The advice … get them while they’re young so they don’t get led astray. Any comments on the key takeaways? Let us know in the comments below. (continued here)

Subscribe to Our Daily & Weekly Email Digests!: There’s a certain part of the community out there that lives on Twitter, Facebook, and LinkedIn and we try to push our content out to as many of those sites as possible. However there is a certain group of infosec professionals that run it old school style and live or die by their inboxes. With that in mind we would like to introduce our new Daily and Weekly blog post email digests. You can choose to receive a daily email to your inbox with all our blog posts, or a weekly digest recapping that week’s articles. Are there any features you would like to see in our Newsletter? Let us know in the comments below. (continued here)

Despite JavaScript Roots, Mozilla PDF Reader Shows Promise: Last week Mozilla announced that Firefox 19 will include a JavaScript-based PDF viewer. According to the article, you’ll soon be able to rid yourself of the vulnerability-laden Adobe Reader software. We don’t see this happening though, as you’ll still need it for local PDF files, but we think it’s an excellent step in the right direction for most of what people work with. Yeah, it will have vulnerabilities too based on its HTML5 and JavaScript roots; however, at least it’s open source. What do you think about the Mozilla PDF reader? Post your comments below. (continued here)

MASTIFF Analysis of APT1: While there are many tools and resources for performing automated dynamic analysis on malware samples, there are few that focus on automation of static analysis. At ShmooCon this year we were pleased to find that there is a project focused on this specifically, called MASTIFF. (continued here)

Searching for Write-Protected Thumb Drives: You remember years ago when the first USB thumb drives came out? If you were lucky, you’d pick up one with a whole 10M capacity. As the years progressed, the capacity gradually increased to today where you can actually buy thumb drives that hold 1TB or more of data. But one of the things that I’m a little reminiscent about from the old days was that practically every thumb drive sold came with a physical write-protect switch. Somewhere along the line this great feature disappeared … probably because the average user doesn’t really have a need for that function; however, for those of us in the security field it’s a definite must. Have any other suggestions for read-only USB thumb-drives? Let us know in the comments below. (continued here)

DoD Opens Contracts for Apple/Google Mobile Devices: And the hits just keep on coming for the flogging company that is BlackBerry as the Department of Defense (DoD) recently opened up contracts with Apple and Google to supply mobile devices. Overall, BlackBerry still supplies a substantial portion of the more than 600,000 mobile devices in the DoD; however, they have all but lost momentum in the lucrative government sector. The DoD dropping its exclusivity with them is yet another nail in the proverbial BlackBerry coffin. Even though BlackBerry was the first out of the gate and at one time had an insurmountable lead in terms of secure mobile computing, clearly the old horse is tiring down in the final stretch as Apple and Google approach. Do you think BlackBerry has a fighting chance? Let us know in the comments below. (continued here)

Welcome to the U.S. Copyright Alert System: This story about a six strike voluntary agreement among content owners and ISPs is interesting. For each copyright violation accusal, subscribers receive an alert. After six such alerts the repercussions are up to the ISP, but in most cases users could get put in “slow Internet jail” for a few days or be forced to watch boring “copyright education” videos. Ok … not as bad as some of the previous incarnations supported by content owners, but still things seem a bit one-sided. What do you think of this new agreement between content owners and ISPs? Let us know in the comments below. (continued here)

Implications of Facebook Graph Search: It seems that Facebook enabled its new Graph search feature on my account recently. This reminded me that a few weeks ago Help Net Security asked me to comment on Graph and its implications. Although they only used a portion of what I wrote, as expected, I thought I’d share my full writeup here. And if anyone else needs a comment for a story or announcement, feel free to hit me up via our Contact Us form or on Twitter at @grecs. Is Facebook Graph a useful tool to learn more about your friends … or is it a privacy disaster waiting to happen? Let us know in the comments below. (continued here)

How to Keep Up with RSAC When Not at RSAC: One of the questions that often comes up for those not attending the annual shindig known as the RSA Conference (RSAC) is “How do I keep up with everything going on at RSAC when I’m not there?” I was wondering the same thing and worked up a few ways. How do you keep up with all the activities at RSAC? Let us know in the comments below. (continued here)

Analyzing APT1 with Cuckoobox, Volatility, and Yara: It is an exciting time to be a hobbyist or working in the Malware Analysis field. With tools and frameworks like MASTIFF, CuckooBox, Volatility, and many others, malware doesn’t stand a chance against a persistent malware analyst. (continued here)

How-To: SSH Proxy 101: There’s probably 1001 posts and presentations written on this topic … however this is a version I wrote to better understand the process as well as be able to reference it in the future. Hopefully you will find it useful as well… If you are interested in using SSH for more nefarious purposes, check out the first video in our NovaHackers ShmooCon Epilogue Videos post where Andrew Morris presents “Ruining Security Models with SSH” starting at 3:25:20 for several other tricks. The presentation continues into the second video. Any other suggestions for improving using SSH as a proxy? Let us know in the comments below. (continued here)


Hope everyone had a wonderful week. Have a great weekend!


1 comment for “Weekly Rewind – d0x3d!, MASTIFF, ShmooCon Epilogue & More…”

  1. March 1, 2013 at 1:27 am

    BLOGGED: Weekly Rewind – d0x3d!, MASTIFF, ShmooCon Epilogue & More… http://t.co/Kw3CwQruiS
