Infosec Weekly Roundup, December 5 – 11, 2011

Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program

New document released by the US government that outlines set of interrelated priorities for the agencies of the U.S. government that conduct or sponsor research and development (R&D) in cybersecurity

http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf

The Most Notorious Cybercrooks Of 2011 — And How They Got Caught

Next up is an interesting article By Ericka Chickowski that list top attacks of the year from groups like Anonymous, LulzSec, Goatse Security and Antisec with the way that they got caught , this actually prove that it is always possible to attack any target but it is impossible to hide or cover your tracks

http://www.darkreading.com/security/attacks-breaches/232300124/the-most-notorious-cyber-crooks-of-2011-8211-and-how-they-got-caught.html

Proactive detection of network security incidents, report

New report by Enisa that list tools and strategies may be used by any CERT to improve their capabilities to detect network security incidents. the report include honeypot , sandboxes ,Intrusion detection and prevention tools mostly based on open-source, very useful report for any user.

http://www.enisa.europa.eu/act/cert/support/proactive-detection/

Russian Election: Hackers attack websites

Following the Russian election, Sites belonging to the Ekho Moskvy radio station, online news portal slon.ru and election watchdog, Golos, have been hacked at 5am Central European Time. Targeting media are not very popular among hackers but this incident show that if there is no free political expression at the media this will make them first target.

http://www.euronews.net/2011/12/04/russian-election-hackers-attack-opposition-sites/

Using Transcoding for Hidden Communication in IP Telephony

Voice over IP have made a lot of change in technology, Today all the world connected over webcam and phones with cheap prices, here new paper describe TranSteg (Transcoding Steganography) an innovative method to hide communication without interrupting or influencing the RTP protocol;

“TranSteg proof of concept implementation was designed and developed. The obtained experimental results are enclosed in this paper. They prove that the proposed method is feasible and offers a high steganographic bandwidth. TranSteg detection is difficult to perform when performing inspection in a single network localization” 

http://arxiv.org/ftp/arxiv/papers/1111/1111.1250.pdf

Over This Week on SecTechno We have published the Following:

Share