venerdì 2 settembre 2016

Spear phishing - CEO fraud

http://www.securityweek.com/austrian-firm-fires-ceo-after-56-million-cyber-scam

http://www.theregister.co.uk/2016/04/07/ceo_email_fraud_cost_2_3bn/

http://krebsonsecurity.com/2015/08/fbi-1-2b-lost-to-business-email-scams/

Belgian Crelan Bank loses 75.8-million dollars in CEO fraud

http://catless.ncl.ac.uk/Risks/29.23.html#subj3

http://www.ehackingnews.com/2016/01/cyber-insurer-sued-after-company-loses.html

The 'bogus boss' email scam costing firms millions

http://www.bbc.com/news/business-35250678

giovedì 1 settembre 2016

Ransomware

https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise

https://en.wikipedia.org/wiki/Ransomware

https://motherboard.vice.com/read/cerber-ransomware-earns-195000

https://www.checkpoint.com/resources/cerberring/

http://www.theregister.co.uk/2015/06/10/trustwave_heres_how_to_earn_84000_a_month_as_a_blackhat/

http://arstechnica.com/security/2016/08/researchers-demonstrate-half-of-people-will-click-on-any-link-theyre-sent/

(Troppi incidenti per mantenere un elenco aggiornato)

http://www.theregister.co.uk/2016/06/08/uni_calgary_pays_ransomware_crims/

giovedì 30 giugno 2016

HSTS - Strict Transport Security

https://www.troyhunt.com/understanding-http-strict-transport/

mercoledì 15 giugno 2016

IPSec Performance

IPSec: Performance Analysis and Enhancements
https://web.cs.wpi.edu/~cshue/research/icc07.pdf

IPSec: Protocol Challenges and Performance Analysis and Enhancements https://www.academia.edu/9339492/IPSec_Protocol_Challenges_and_Performance_Analysis_and_Enhancements

OpenWRT performance (December 2015)
https://wiki.openwrt.org/doc/howto/vpn.ipsec.performance

Antivirus



VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
https://www.virustotal.com/


A Closer Look: Email-Based Malware Attacks
http://krebsonsecurity.com/2012/06/a-closer-look-recent-email-based-malware-attacks/

Analisi di 34 mail inviati tra Maggio e Giugno 2012, con mittente (falso) Amazon, DHL etc ed attachment analizzati da VirusTotal (42 antivirus diversi in parallelo).

Noticeable is the lack of antivirus detection on most of these password stealing and remote control Trojans. The average detection rate for these samples was 24.47 percent, while the median detection rate was just 19 percent. This means that if you click a malicious link or open an attachment in one of these emails, there is less than a one-in-five chance your antivirus software will detect it as bad.