We have finally gotten an interview with Mark Schloesser. This is the guy that does not say too much, but delivers as hell. “Less talk more code” could easily describe him. He will take you through Configuring an Environment for Threat Assessment. This is building a functional and centralized threat intelligence framework! We are really looking forward to this workshop!
Tell us Mark, why did you become a security expert?
We have interviewed Mahmud ab Rahman, who currently works as an Information Security Specialist for Malaysia Computer Emergency and Response Team (MyCERT) under the umbrella of CyberSecurity Malaysia. His areas of focus are network security, botnet monitoring, and malware analysis.
Ready for the Honeynet Project Meeting in February, we are pleased to announce our second release of HoneyProxy!
Started as a Google Summer of Code 2012 project, HoneyProxy is a lightweight tool that allows live HTTP and HTTPS traffic inspection and analysis. This release features a new Report Editor which allows you to analyze your flows, aggregate data or search for anomalies in your traffic dumps.
We have interviewed Felix Leder, who works as an innovation and new technology architect for Norman ASA. He has presented classes around the world on malware analysis, reverse engineering, and anti-botnet approaches.
At the BruCON conference in Ghent last year I had the pleasure to talk to Soraya (Iggi), Bsides London co-organizer. She convinced me to submit a workshop proposal for Bsides London 2013.
And guess what, it got accepted.
So I will be doing a workshop on setting up a basic kippo SSH honeypot by Upi Tamminen (http://code.google.com/p/kippo/) and, if time permits, using Ioannis Koniaris's (Ion) kippo visualization tool kippo-graph (http://bruteforce.gr/kippo-graph).
Bsides London will be held on April 24th 2013 at Kensington and Chelsea Town Hall.
We have interviewed Georg Wicherski, who is one of the speakers for the Honeynet Workshop in Dubai 10-12 of February. Georg will give a briefing about “Secure Exploit Payload Staging…or how we did not kill an 0day at Defcon”.
So Georg, why did you become a security expert?
Pathos: Hacking is my second love after my family and working as a security person allows me to live my passion every day.
And what will you talk about?
We have interviewed Raffy, who is one of the teachers for the Honeynet Workshop in Dubai 10-12 of February. Raffy will give the following talk: "How Big Data, Data Mining, and Visualization Enable Security Intelligence" and a class on "Information Visualization - Bridging the Gap Between Tufte and Firewalls".
So Marty, tell us, why did you become a security expert?
Let the "Month of the Honeynet Project Tools" begin!
The idea behind the MoHPT is quite simple. We would be really glad to involve more and more researchers out there in our research and tools. To encourage contributions, we propose that you dive deep into one of the existing Honeynet Project tools cited below and contribute feedback, ideas, documentation and/or code.
Let's start the new year with a forensic challenge!
I am really pleased to announce Forensic Challenge 13 – "A Message in a Picture". The challenge has been provided by the Honeynet Project Pacific Northwest Chapter. Submission deadline is 2013, Feb 15th and we will be announcing winners around the first week of March 2013.
Happy new year and have fun!
The Honeynet Project
For the last few years, I have been participating in a Department of Homeland Security sponsored effort to develop principles and applications for the evaluation of information and communication technology (ICT) research. If you are not familiar with the Menlo Report, you can find a description in Michael Bailey, David Dittrich, Erin Kenneally, and Douglas Maughan. The Menlo Report. Security & Privacy, IEEE, 10(2):71–75, March/April 2012.
I and two of my Menlo colleagues -- Wendy Vischer and Erin Kenneally -- recently taught a didactic course at the PRIM&R Advancing Ethical Research conference in San Diego. (PRIM&R is the conference for Institutional Review Board, or IRB, professionals, with the annual AER conference having thousands of attendees). Our course primarily described the Menlo Report process to date, but we concluded with a mock IRB committee review of a fictional proposed research project in which researchers develop countermeasures to malicious botnets in social network platforms like Facebook using a combination of deception to build a social network of over 1 million users and to then use "good bots" that infiltrate the "bad bots".