2011年8月17日 星期三

Xecure Lab 上香港壹週刊



香港壹週刊今天(8/18)大篇幅報導全港網站普遍不設防,上週香港交易所被駭客入侵,導致多支股票異常最終全面停牌半日,此次壹週刊專訪 Xecure Lab 共同創辦人 Anthony Lai,深入了解全港網站安全性普查狀況,以此嚴正呼籲港府應加強資安意識。防駭錦囊妙計終極方案,收到可疑檔案,你懷疑對方已巧妙騙過你的防毒軟體,來吧,有我們 Xecure Lab 的 APT Deezer http://aptdeezer.xecure-lab.com/ 挺你。


2011年8月6日 星期六

Xecure Lab at Defcon 19

Last year thousands of Defcon folks had to squeeze at the Riviera, it was a nightmare to move between different tracks; but this year thanks to Defcon goons for choosing Rio, the venue is big and cozy! It feels like paying a Defcon ticket and enjoy a Blackhat venue! xd

Our talk APT Secrets in Asia was given on the first day, first session. We really appreciate everyone that came over and stayed with us for almost 2 hours. The talk was rejected by Blackhat 2011 but accepted by Defcon 2011, otherwise we wouldn't have chance to share with the security community. As we always believe in, hackers and security gurus should team up, have fun, and together we can outsmart the attackers making them in the light.

Special thanks to many good friends of us, Mila, you inspired us; TT and Nanika, you guys sitting in the first row, awesome; Birdman, PK, Mars, Bob, safe guarding our home base, the system ran very smoothly and did not get owned, save Anthony and Benson on the stage; and buddies from Chroot security group in Taiwan, you are always with us. There are also several respected seniors flying over for the talk, we really appreciate their support. Thank you mama!

This year we had developed a free APT online scanning service,
Xecure Lab APT Deezer, http://aptdeezer.xecure-lab.com/, and is now available to everyone*. APT Deezer would tell you whether the document is APT-related or not, and provide visualization of analysis data (clustering of APT taskforces). Both file names and md5 are rounded-off a bit to keep anonymity. If you have more concerns or questions, feel free to write us at benson.wu (at) xecure-lab dot com
*Disclaimer: We have no interest with your PII, we will not collect any of your identity information, e.g. your IP, your geographical location, and so-on.

Oh, this time the Defcon badge is not electronic, but a piece of metal, made from commercially pure titanium. Awesome. (The Blackhat badge is made from Nylon as usual)


The badge on the left is the speaker badge, the one on the right is the human badge, there are also (G)oon, (P)ress, (V)endor, (C)ontest, (U)ber, etc. Enough variants to entertain everyone.

Anyway, the antiqued badge is cool, and moving to a puzzle based reality game is something different.


We want all these swag, but cash only... -.-



More readings:

Sincerely yours,
Xecure Lab team

2011年8月1日 星期一

韓國最大社交網站被黑 3500萬用戶資料泄露,台灣居然是駭客的幫兇!?

新浪科技訊 北京時間7月28日上午消息,由於韓國網絡公司SK Communications遭遇黑客攻擊,導致3500萬韓國網民的個人信息泄露,其中有2500萬是韓國最大社交網站賽我網(Cyworld)的用戶。
  SK Communications旗下擁有社交網站賽我網和搜索引擎Nate。該公司周四表示,黑客攻擊導致用戶的姓名、電話號碼、電子郵箱、居民身份證號碼以及密碼泄露。
  SK Communications稱:“公司已經證實,用戶信息泄露源於7月26日的黑客攻擊。本次攻擊的規模仍在調查之中。估計約有3500萬Nate和賽我網的用戶個人信息被盜。”