Passionate about Information Security

It’s been a busy two weeks trying to put together the training material I’ll be using to teach Incident Response and Computer Forensics to some of my colleagues in other geographies across Europe, Asia and Australia, and that will kick-off in Leiden in approximately 10 days. Meanwhile, the latest news about the Indian embassy reported [...]

Earlier this morning I was alerted to this problem by a colleague who was trying to access www (dot) embajadaindia (dot) com to sort out some paperwork related to my employer’s offices in India. When tried to load the site, the Desktop Antivirus displayed the following pop-up alert…

I’m not usually very excited about posting on LinkedIn Discussion Groups. On top of that, I don’t even have the time to blog anything on my own site. However, I could not resist to write a comment on that discussion about what is the best IDS system. Not when I read the following comment: “Actually the idea of an IDS system has been obsolete for a few years now”.

Keep reading then and have a look at the following links to a few interesting security tools, new forensic challenges and even a new Multi-Boot Security Live DVD

It’s been about a week since I arrived in Sydney and it’s passed really quickly. I headed to Sydney last Sunday, via London, and will be here for two weeks to work on an ISO 27001 security project that will extend onto beginning of 2009.

After a week of ISO 27001 auditing in the UK and a busy week aftewards, I finally managed to get some time to read my favourite blogs. I was doing so, when I read an interesting post in the Internet Storm Center that analyses some lessons learnt from a severe incident affecting The Planet, a well known hosting provider. Being a BSi [...]

One of the most time consuming tasks a penetration tester has to face is password attacks. Traditional password attacks involve password guessing, password cracking or a combination of both. While the first can take anything from days to months, the latter can take from hours to days, depending on the quality of the password dictionary [...]

I was discussing with a friend a few weeks ago how challenging is to teach folks that come in from the exclusive Windows-world on advanced Unix topics. Yes, I mean the kind of user that ends up rebooting a Unix box after changing a conf file instead of just restarting the appropriate services . I’m [...]

As promised in my previous post, I have  just uploaded Cracking into embedded devices and beyond, Adrian Pastor’s presentation at ‘Hack in The Box’ Dubai 2008. Thanks Adrian for your promptly response when asked for the slides and congratulations for your excellent contribution to the security community. Hope we can share a pint next time I’m [...]

It’s Sunday evening and I have spent the last hour going through the slides of Cesar Cerrudo’s talk at HiTBSecConf 2008 that took place this week in Dubai. I know it’s sad, but the title of this blog is “passionate about information security”, isn’t it? Let me give you a bit of background before going [...]