Tuesday, April 27, 2010

Reports, Microsoft Security Intelligence Report 2H09

Microsoft released its 248-page Security Intelligence Report, volume 8, covering the second half of 2009.

Here are some regional statistics:













Thursday, April 22, 2010

Reports, Symantec 2009 Threat Report

Released in April 2010: a must-read report, as usual, from Symantec.

















Sunday, April 18, 2010

Wednesday, April 14, 2010

Spy Eye Crimeware Toolkit



The Russian crimeware toolkit Spy Eye, the "Zeus killer", is now offered for much lower prices than the famous Zeus crimekit.
Jerome Segura has a couple of articles (1, 2) looking at Spy Eye.

Zeus and Spy Eye are competing head-to-head in the underground market, as noted by Symantec and discussed by Brian Krebs.

Tuesday, April 6, 2010

Perl for Log Analysis


When it comes to log handling and analysis, Perl is my preferred scripting language, with loads of ready-made libraries for all your needs. Here are some useful resources:

Text::CSV (handling csv files)
Net::Whois::IP (retrieving whois information)
IP::Country::Fast (retrieving country code information)
Net::DNS::Resolver (resolve dns queries)
XML::RSS::Parser::Lite (retrieving RSS feeds)
Mail::POP3Client (email client)
Google::Search (google hacking)

With some Regular Expressions at the end...







Thursday, April 1, 2010

Looking for exploits?

Intelligent Exploit Aggregation Network is a new website that aggregates exploits for specific platforms, including Windows and some CMSs. The exploits are aggregated from multiple sources such as Exploit-db, VUPN, and SEBUG.net.

Also check this old list.