The DNS changer malware threat

Following recent media attention on the DNS changer malware threat, and its high rate propagation it might be usefull  to post a quick update.

  • First; the DNS changer malware’s author have been arrested by the FBI and publish a dedicated paper
  • Second;malware still infected on many computers, reaching 0.3% for Luxembourgish’s IP.
  • Third; the malware controls user’s DNS servers, meaning they can control what sites the user connects to on the Internet

 

Additional ressources:

 

Hack.lu 2012

Hack.lu 2012 will take place the 23,24 and 25 October 2012. Update your agenda.

The conference will be held as every year in Luxembourg, a small country between France, Belgium and Germany :)

Hack.lu is an open convention /conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society.

The aim of the convention is to : make a bridge of the various actors in the computer security world.

Benelux roads dataset under public domain license

The “Benelux Roads” dataset consists of 2 ESRI Shapefiles containing the highways and major connecting roads in the Benelux area (Belgium, Netherlands and Luxembourg). The intended use of the data is maps at a scale of around 1:1 million, so general overview maps.

The data is under a Public Domain license, so there are no restrictions to use.

Download the data here

Learn more about Red Geographics

Yajug event – JPA on NoSQL

A new great event upcoming at the JAYUGagenda next October 25th

 JPA on NoSQL: an approach with Hibernate OGM by Emmanuel Bernard

1.   The speaker

Emmanuel Bernard (http://emmanuelbernard.com/ )  co-author of Hibernate Search in Action from Manning.

 

2.   Abstract

PaaS, Cloud. How to store data is the real challenge. In a NoSQL store? Could we do that with familiar APIs?

The goal of Hibernate OGM is to explore how we could reuse Java Persistence (known domain model centric API) to store entities in NoSQL stores. It offers a JPA front end (object manipulation and JP-QL query) to applications while storing and querying data from a key/value grid (and other NoSQL later). That includes trying to support existing applications using JPA.

In this presentation, we will:

  • see an overview of the (No)SQL landscape and how a JPA front end can fit some interesting use cases.
  • explore how to store entities and associations into a key/value store and what compromise has to be made.
  • explore the trade-offs between schema vs schema-less, what can be translated from the relational model and what cannot
  • see how one can implement JP-QL queries on top of a non queryable technology (key/value store)

This presentation will contains live demos.

 

3.   When

 Next October 25th

  • 17h30 – Welcome and registration
  • 18h00 – JPA on NoSQL: an approach with Hibernate OGM
  • 20h00 – Drink and Networking

 

4.   Where

Centre de Recherche Public Henri Tudor
29, avenue John F. Kennedy
L – 1855 Luxembourg – Kirchberg

 

More details  on Yajug official website

BeNeLux OWASP Day on 1st and 2nd December 2011

Get ready for the BeNeLux OWASP Day 2011 (1st and 2nd December 2011), it will be held at  University of Luxembourg:

Campus Kirchberg
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
http://wwwen.uni.lu/contact/campus_kirchberg 
Room: Paul Feidert

 

The current agenda include a training day and a conference, both are free

The registration will be open when details are online.

Twitter tag is #owaspbnl11

 

More details and news on the official website

 

www.owaspbenelux.eu

Information security in Luxembourg

Information security in Luxembourg has a very active community, I tried hereafter to summarize the main organisation and group available online:

  • news.hack.lu - infosec news for the infosec community
  • CIRCL (Computer Incident Response Center Luxembourg) is the national Computer Security Incident Response Team (CSIRT – CERT) coordination center for the Grand-Duchy of Luxembourg.
  • CLUSIL - CLUb de la Sécurité de l’Information Luxembourg
  • G-SEC is a non-commercial and independent group of Information Security Specialists based in Luxembourg
  • “Musings on  Information Security” blog is about Information Security and in general anything I regard as newsworthy.

 

 

 

NoSQL event #2 – material available

Following the first NoSQL Event #2, last 26 September, you can now download the presentation made about Redis usage by Alexandre Dulaunoy from CIRCL.

“Design and Implementation of a Fast and Scalable Ranking  Scheme for Internet Resources”
How to Track Suspicious Resources on Internet without Losing your Mind

Download: Redis usage for Internet Ranking

 

NoSQL event #2 in Luxembourg followup

Monday evening, the second NoSQL event in Luxembourg has taken place at CRP Henri Tudor Technoport.

 

As planned, Alexandre Dulaunoy described the design and implementation of BGP Ranking and Passive DNS to cope with the high-volume of information collected everyday upon the Redis key-value data store. CIRCL (the national CERT of Luxembourg) developed and integrated  this two tools helping the ranking of internet resources like ASN, domain name and IP addresses. The presentation raised a lot of interests and questions.

 

Then, Thibaut Britz, Trendiction’s CTO, explained how they operate a cluster of more than 250 Nosql servers running Cassandra. He detailed how jobs are being executed on their cluster in order to crawl and analyze the data collected. The analysis includes automatic detection and normalization for content type/language/duplicate to finally being able to deliver their customers: market research institutes and media analytics companies .He also unveiled an internal tools providing a global overview over the distributed job execution service, allowing to quickly determine the ongoing workloads on the 250 nodes. This presentation raised questions even beyond the scope of the data processing.

 

The session ended with a drink, extending the talks between the participant.

Thanks to everyone for sharing this moment, one more great NoSql event.

 

 

 

Speakers of the #2 event: Alexandre Dulaunoy and Thibaut Britz

 

One month left EMC Forum Luxembourg 2011

EMC
EMC Forum Luxembourg 2011Tuesday October 18th, 2011

Learn more & register here

Cloud Meets Big Data

Get the real story from actual users: Maximize the potential of your Big Data with Cloud. Learn real world techniques and infrastructure tips, how to minimize risk, reduce costs, increase flexibility and take your organization beyond the limitations of conventional virtualization:

EMC Forum, the ultimate combination of technical insights and implementation strategies brought to you by EMC and our Partners.

Local real-world case studies showing the Cloud in action
In-depth technology sessions enabling IT professionals to deep dive into new EMC Cloud technologies
Detailed technology demo sessions with VMware, Cisco and EMC, showing how Cloud/Big Data can work for your organization

Register now
Gold Sponsor
Brocade Cisco Dimension Data
Ebrc Econocom
Silver Sponsor

Anidris EMC | Data Domain Greenplum
Iomega Isilon RSA
Sogeti VMware
Event Details
Date
Tuesday October 18th, 2011Venue:
Chambre de CommerceYour Cloud. Your Big Data. Your Journey.

Register now

Share with a colleague
Keynote Speaker: Peter Hinssen
An entrepreneur, advisor, lecturer and writer, Peter Hinssen is one of Europe’s most sought-after thought leaders on the impact of technology on society and business. He is frequently called upon to lead seminars and consult on issues related to the adoption of technology by consumers, the impact of the networked digital society and the fusion between business and IT.

More about Peter

See full agenda

HACK.LU 2011

The Hack.LU conference takes place at Parc Hotel Alvisse in Luxembourg the 19-21 September 2011.

All details on the conference can be found here

 

Hack.lu is an open convention /conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society.

The aim of the convention is to : make a bridge of the various actors in the computer security world.