Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Free Stanford Crypto Course Beginning in January”, 2) “ShmooCon FireTalks Sponsor / CFP Updates & Other Conference News”, and 1) “Washington Post Servers Hacked” If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference.
A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.remote-access.
ShmooCon FireTalks Sponsor/CFP Updates & Other Conference News: We’d like to announce that we now have a Platinum sponsor that most of you are probably familiar with … Cobalt Strike. From the same guy that brought you Armitage, Cobalt Strike is his commercial follow-on that makes replicating advanced threats easy. Featuring build in capabilities for low and slow command and control, communication over DNS, and a wicked cool man-in-the-browser technology, why not visit them and check it out. (continued here)
Washington Post Servers Hacked: Apparently attackers successfully broke into Washington Post servers and accessed employee usernames and passwords. Post officials noted that their systems stored the credential information in “encrypted form.” Hopefully this statement means that the passwords were at least salted and hashed. (continued here)
The Basics – Encoding, Encryption, and Hashing: I have been meaning to document the concepts of encoding, encryption, and hashing for reference purposes but as usual came across a post that already explains them well. Here’s a consolidated quick reference version of that post from DanielMiessler.com. (continued here)
Free Stanford Crypto Course Beginning In January: For those looking for a New Year’s resolution, perhaps learning the basics of cryptography is one option. Stanford is spinning up their free online crypto course again for the spring semester. Beginning January 6 and taught by Dan Boneh, the course covers all the basics including symmetric and asymmetric cryptography, digital signatures, authentication protocols, zero-knowledge proofs, and privacy. Do you plan to attend? Post your comments below. (continued here)
Hope everyone had a wonderful week! Have a great weekend!