"Secure Exploit Payload Staging…or how we did not kill an 0day at Defcon"

11 Jan 2013 Sjur Usken georg honeynet oxff workshop

We have interviewed Georg Wicherski, who is one of the speakers for the Honeynet Workshop in Dubai 10-12 of February. Georg will give a briefing about “Secure Exploit Payload Staging…or how we did not kill an 0day at Defcon”.

So Georg, why did you become a security expert?

Pathos: Hacking is my second love after my family and working as a security person allows me to live my passion every day.

Visualize your attacks workshop in Dubai 10-12th

09 Jan 2013 Sjur Usken dubai2013 honeynet workshop

We have interviewed Raffy, who is one of the teachers for the Honeynet Workshop in Dubai 10-12 of February. Raffy will give the following talk: “How Big Data, Data Mining, and Visualization Enable Security Intelligence” and a class on “Information Visualization - Bridging the Gap Between Tufte and Firewalls”.

So Marty, tell us, why did you become a security expert?

I studied computer science with an emphasis on cryptography. While I loved the mathematical puzzles that the crypto field offered, I couldn’t imagine doing that for a living. However, I was intrigued by all the stories around applied crypto that our professor was telling us. For example, how they printed the source code of PGP into a book and then shipped the book to Switzerland, where it was scanned in again. All of which to circumvent the then-active export laws. These stories got me interested in computer security or hacking. A passion that I still pursue.

Forensic Challenge 13 – "A Message in a Picture"

01 Jan 2013 Angelo Dellaera challenge forensic-challenge

Let’s start the new year with a forensic challenge!

I am really pleased to announce Forensic Challenge 13 – “A Message in a Picture”. The challenge has been provided by the Honeynet Project Pacific Northwest Chapter. Submission deadline is 2013, Feb 15th and we will be announcing winners around the first week of March 2013.

Happy new year and have fun!

Angelo Dell’Aera
The Honeynet Project

The Month of the Honeynet Project Tools

01 Jan 2013 Angelo Dellaera mohpt

Let the “Month of the Honeynet Project Tools” begin!

The idea behind the MoHPT is quite simple. We would be really glad to involve more and more researchers out there in our research stuff and tools. In order to encourage contributions, we propose that you dive deep into one of the already existing Honeynet Project tools cited below and contribute with feedback, ideas, documentation and/or code.

Ghost USB Honeypot
Glastopf
Thug
Cuckoo
Buttinsky
Pylibemu

The Ethics of Social Honeypots

29 Dec 2012 David Dittrich botnets ethics honeypots irb social-honeypots social-networks the-menlo-report

For the last few years, I have been participating in a Department of Homeland Security sponsored effort to develop principles and applications for the evaluation of information and communication technology (ICT) research. If you are not familiar with the Menlo Report, you can find a description in Michael Bailey, David Dittrich, Erin Kenneally, and Douglas Maughan. The Menlo Report. Security & Privacy, IEEE, 10(2):71–75, March/April 2012.

I and two of my Menlo colleagues – Wendy Vischer and Erin Kenneally – recently taught a didactic course at the PRIM&R Advancing Ethical Research conference in San Diego. (PRIM&R is the conference for Institutional Review Board, or IRB, professionals, with the annual AER conference having thousands of attendees). Our course primarily described the Menlo Report process to date, but we concluded with a mock IRB committee review of a fictional proposed research project in which researchers develop countermeasures to malicious botnets in social network platforms like Facebook using a combination of deception to build a social network of over 1 million users and to then use “good bots” that infiltrate the “bad bots”. (Just so you know, I have been an affiliated scientist full member on one of the University of Washington’s IRB committees since 2009. I lend my expertise in data security to investigators in designing their research protocols and in committee discussions of research studies associated with the UW. I highly encourage other computer security researchers to do the same for their local research institutions with IRBs.)

Donate to the Honeynet Project

18 Dec 2012 Christian Seifert

In many countries, it’s the time of the year you can make tax deductible donations to support your favorite charity and non-profit organization. I’d like to ask you to consider donating to the Honeynet Project this year. The Honeynet Project is a 501c3 non-profit organization (EIN: 36-4460128) that - over the past decade - learned the tools, tactics and motives involved in computer and network attacks, and shared the lessons learned with the public. Along the way, we have authored and published many open-source tools to capture & analyze attacks. If you would like to support the cause, please donate.

Two roads diverged in Ghost development

18 Dec 2012 Sebastian Poeplau ghost

Over the last few weeks I’ve basically rewritten the core of Ghost, our system for USB malware detection. While the new approach promises to be much more effective, it has a drawback: It only works for Windows Vista and later systems. As a consequence, there are now two flavors of Ghost in existence: One supports Windows XP but won’t receive much further development, whereas a lot of interesting new features will be implemented for the other one, which is dedicated to Vista and later. In this post, I’m going to explain the reasoning behind the decision, describe the recent technical advances and outline some of our plans for the future.