Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Windows’ Built-In Wireshark ”, 2) “Hak4Kidz Conferences”, and 1) “Mindcraft Security”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference. A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered remote-access.
Minecraft Security: Unfortunately this is not a post on how to secure a Minecraft server but rather a quick reference to a great video on how kids can learn information security through playing Minecraft. Youngster Riese Goerlich gave this awesome presentation at BSidesChicago in 2014 talking about what she learned in battling her Dad in their own Minecraft world. She discusses how she learned the concepts of reducing your attack surface, implementing defense in depth, deploying honeypots, and stabilizing computers. (continued here)
Hak4Kidz Conferences: In my continuing research associated with my KidHack Project, I came across this new conference called Hak4Kidz. The initial event is going to be held in Chicago on June 27th at the TechNexus Venture Collaborative. And the CFP is still open through May 15th for those that are interested. They will also have a presence at CircleCityCon (6/12-14 in Chicago, IL), GrrCON (10/9-10 in Grand Rapids, MI) and BruCON (10/8-9 in Belgium). (continued here)
Mach37 Announces Spring 2015 Class: Looks like the next class of Mach37 recruits has been announced… For those that that are not familiar with them, Mach37 is a Herndon, Virginia based startup incubator that focuses on creating new cyber security product companies. Here is a quick run-down of the new startups from their press release. Congratulations to everyone! (continued here)
New Cuckoo Sandbox Release: The makers of the open source Cuckoo Sandbox have just released a new version of their malware analysis tool. New capabilities in version 1.2 include behavior search, a network streams view, and comparative analysis. They have also added support for bare-metal and XenServer environments, an update to Volatility 2.4, and improvements to the Django-based web interface. (continued here)
Windows’ Built-In Wireshark: The SANS ISC blog had s great tip last week if you ever needed to perform a packet capture but didn’t have ready access to the usual set of tools like Wireshark or tcpdump. On the defensive side you might need something like this to debug a problem. Offensively, this method offers a nice way to perform a local packet capture once you gain a foothold within a target network. (continued here)
Hope everyone had a wonderful week! Have a great weekend!