Sunday, February 27, 2011

End of Year Security Reports, The Complete List

This is a list of annual security reports by vendors, non-vendors and governments that I was able to collect in the last few weeks.

Vendors list:
Akamai, state of the internet report, (pdf)
Arbor, Network Infrastructure Security Report 2010, (pdf)
Blue Coat, 2011 Web Security Report, (pdf)
Cisco 2010 Annual Security Report, (pdf)
Damballa Top 10 Botnet threat Report, (pdf)
GFI Labs, 2010 report on Fake Security Products, (details)
McAfee, A Good Decade for Cybercrime, report, (pdf)
Message Labs 2010 Annual Report, (pdf)
PandaLabs 2010 Annual Report, (pdf)
PandaLabs, The Cyber-Crime Black Market: Uncovered, (pdf)
Qualys, State of browser security, (pdf)
SecureWorks Spambot evolution, 2011, (details)
Secunia 2010 Security Report, (pdf)
Sophos Security Threat Report, 2011, (pdf)
Symantec Report on Attack Kits, and Malicious Websites, (pdf)
Symantec 2010 end-of-year report, (pdf)
Symantec, 2010 US Cost of Data Breach, (pdf)
Trustwave 2011 global security report, (pdf)
Barracuda Labs 2010 report, (pdf)
HP TippingPoint 2010 report, (pdf)
IBM X-Force 2010 report, (pdf)
McAfee, Underground Economies, (pdf)

Government List:
Dutch 2010 National Cyber Crime, and Digital Safety Trend Report, (pdf)
European Union, statistical office, Safer Internet Day Report, (pdf)
ICS-CERT, Industrial control systems, 2010 report, (pdf)
Internet Crime Complaint Center 2010 report, (pdf)
WhiteHat Security statistics report, requires registration, (details)

Non-Vendors List:
Global Risks 2011, World Economic Forum, (pdf)
DDOS 2010 Report, (details)
PricewaterhouseCoopers, Global State of Information Security Survey, (pdf)
Web-based threats, SEI-Carnegie Mellon, (pdf)



Wednesday, January 5, 2011

GSM Security, 2011


The recently ended 27C3 event in Berlin was a good close to 2010, with some interesting GSM security related topics.

The first presentation is about running your own GSM stack on your phone, using the OsmocomBB open source baseband software on an old Motorola phone. While this does not sound like a threat, it opens the door to many attacks, since you now have full access to what is going on in the GSM network from the handset side. I would think of mapping the GSM network with geolocation data, for example.

The second presentation is about attacking Android GSM geolocation, which can be used in several ways:
- mapping the GSM network, using an old Nokia phone or a USRP
- live tracking of the phone's location via an application
- offline location history, via USB (location while answering a specific call, or sending a specific SMS)

The third presentation is the well-known wideband GSM sniffing talk by Karsten Nohl, which is about cracking A5/1 with 2TB rainbow tables that are available online for anyone to download, using a USRP2 or even a low-cost Motorola phone running OsmocomBB.



Tuesday, December 14, 2010

Ad Networks Drive-by Download attack

Here is a very nice explanation of how a drive-by download was carried out in the recent attack using ad networks such as DoubleClick and MSN. The attack seems to have started with social engineering of the ad networks, to allow adshuffle.com to post ads on their networks instead of the legitimate addshuffle.com.


Monday, November 22, 2010

Tuesday, November 16, 2010

Google Hacking Database Reborn


Google Hacking Database (GHDB) is now actively maintained and updated here.

Sunday, October 24, 2010

Reports, State of the Internet 2010, CA Threat Landscape

CA released their Threat Landscape report for 2010, here is a summary:

- Notable movement from Windows executables to the web as an executable platform.

- IE, Java, PDF, and Flash Player vulnerabilities are the biggest zero-day attack vectors.

- 84% of the total actively exploited vulnerabilities are found in browser-based attacks.

- The most prevalent worms propagate through removable drives, autorun.inf, network shares and social networking sites.

- The Internet is the primary threat distribution vector and source of infection.

- Crimeware’s latest offensive capabilities are highlighted by Zeus and SpyEye.

- Rogue security software remains the most prevalent Internet threat.










Thursday, October 21, 2010

Materials, VB2010 conference


Virus Bulletin conference slides are now available here.