Category: InfoSec

Topics related to information security, cyber security, malware analysis, and pretty much anything related to computer security. We are quite involved in organizing OWASP chapter meetings and other security-related events. Analysis of security incidents and malware is quite a personal passion

Posted in InfoSec Software Work

Introducing OWASP Seraphimdroid

About 2 months ago I started thinking about creating Android security application. I was looking where the other application are weak, since there are a lot of android device protection and anti malware application available on Google play. Thing I found that most of those application don’t use application permissions…

Social engineering head
Posted in InfoSec Work

Introduction to Social engineering

Social engineering is one of the main security issues these days. Most of companies invest to infrastructure to be hardly hackable, but they don’t educate people. Social engineering is quite common attack since the begining of 1980′. And many big corporate networks were infiltrated using these attacks. And the only…

social engineering
Posted in InfoSec

Gmail social engineering attack

This morning I recieved email that was signed as Gmail Team and that was saying: Re: Due to recent upgrade in our database, we are terminatin​g all unverified accounts permanentl​y. Reply and give the informatio​n below:User​name,Passw​ord,Date of Birth,Phon​e&Country. Note! You have one week to comply. Gmail Inc. All rights reserved….

Posted in InfoSec Leadership and management Work

Story about OWASP Serbia

Finily I got some time to write about open source community in Serbia that I am leading. I hope it will help also a bit to make it more popular and also I hope it will give some advices to new OWASP chapter leaders or people who want to create…

mobile app threat agents
Posted in InfoSec Software Work

Notes on history of mobile malware

Mobile malware came not so long ago as PC malware. Mobile malware is almost 20 years younger, but today since almost everyone has mobile device it evolved to quite dangerous tools for attackers. Also mobile manifacturers were doing their job, creating sandbox environement in mobile operating systems, so users can…

Posted in InfoSec Software Work

Train with Game Over.iso

Today I have tried to set up GameOver.iso, one of many interesting live linux environement that is meant to be training tool for learning about web application security. I must admit that I like it, altrough I had a little problems and confusion in start. Actually it is linux live…

Posted in InfoSec Work

Pwned by the owner

Couple of months ago I saw one video from Defcon 18, called “Pwned by the owner”. I really liked the story, also the way the presentation was held. So would like to recomend this video both to security guys and to soft skills guys. In short, presentation is actually a…

Posted in InfoSec Software Work

Kratka istorija malware-a | Peti deo: Neka rat počne

Stigli smo i do poslednjeg posta u seriji o istoriji malware-a. Prošli smo početke, pozabavili se onim šta se desilo kad je izašao windows, pozabavili smo se makro virusima, mail crvima, mrežnim crvima, rootkitovima i najzad je došlo vreme da se pozabavimo najkompleksnijim malware-om do sad viđenim. Ovih nekoliko malware-a,…

Posted in InfoSec Software Work

Kratka istorija malware-a | Četvrti deo: rootkit

U predhonim člancima smo se pozabavili prvo DOS virusima, nakon toga smo prešli na prve Windows virusi i prve makro viruse, nakon čega smo prešli opis mail crva, da bi na kraju došli do crva kojim nije potrebna korisnička interakcija. Ovaj članak će biti predposlednji deo u seriji o malware-u i…

Posted in InfoSec Software

Kratka istorija malware-a | Treći deo: crvi (worms)

Nastavljam sa malware serijom. U ovom delu ćemo se pozabaviti crvima, kao i nekim malware-om koji je imao ozbiljne posledice po infrastrukturu.   Prvi crv nije novijeg datuma, već je nastao 1988. godine. Napisao ga je Robert Tappan Moris, koji je bio u to vreme student na MIT-u. Njegova namera…

Posted in InfoSec Software Work

Kratka istorija malware-a | Drugi deo: Windows era

Kako sam u predhodnom postu načeo temu istorije razvoja malware-a, sada ću da nastavim. U ovom delu ću se pozabaviti delom razvoja od nastanka windows operativnog sistema, do dana kada su se crvi krenuli da se koriste i kada je malware krenuo da se upotrebljava za materijalnu dobit, kao i…

Posted in InfoSec Software Work

Kratka istorija malware-a | Prvi deo: Počeci

Još jednom ću se osvrnuti na istoriju malware-a, jer mislim da je tema izuzetno zanimljiva a i otkriva slika o tome gde smo nekad bili, kako je sve počelo, kako se razvilo, gde smo danas i ka ćemu će se ići u budućnosti, kako  u razvoju malware-a, tako i u…