Interesting Information Security Bits for 09/01/2010

by kriggins on August 31, 2010

Here are today's Interesting Information Security Bits from around the web.

  1. The Professional Security Testers Warehouse for the GPEN GSEC GCIH GREM CEH QISP Q/ISP OPST CPTS - September issue of Hakin9 magazine: Mobile Malware - the new cyber threat
    Tags: ( magazine hakin9 )
  2. 3 Years in the making... | Catsn22 (in)siesuiaitu
    Tags: ( general )
  3. 15 Things Every PC User Should Know - PCWorld
    Tags: ( tips )
  4. Microsoft SDL and the Creative Commons - The Security Development Lifecycle - Site Home - MSDN Blogs
    Tags: ( microsoft sdlc )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Information Security Bits for 08/30/2010

by kriggins on August 29, 2010

Here are today's Interesting Information Security Bits from around the web.

  1. Looks like CompTIA is creating a more advanced security certification to build on their Security+ certification. They are looking for some feedback via survey. Help'em out.
    A new advanced security certification from CompTIA -- Fill the survey
    Tags: ( certification comptia )
  2. Ever wondered what the bad guys can get if you have a site with a local file inclusion vulnerability. Potentially everything. o_O Check out this post for a walk-through.
    .: ciphermonk research :. >> Blog Archive >> Case Study: LFI to Shell
    Tags: ( vulnerability attack )
  3. This is pretty cool. The Diaspora project, an open source Facebook, is due to release on September 15th.
    Thoughts of a Technocrat: Facebook Alternative Diaspora Launches September 15
    Tags: ( facebook diaspora )
  4. A new way to tell browsers that they should only use HTTPS to access a site.
    HTTP Strict Transport Security at Mozilla Security Blog
    Tags: ( firefox https )
  5. I read a lot of science fiction. I find it very disturbing that more and more of the things I read in novels about tracking the population are becoming true in the real world. I understand the thought processes that can get us where we appear to be heading, but we must be very careful that we don't go too far.
    Schools to Experiment with Tracking Students with RFID Chips
    Tags: ( privacy rfid )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Information Security Bits for 08/27/2010

by kriggins on August 27, 2010

Here are today's Interesting Information Security Bits from around the web.

  1. Pay attention folks. Deployment is extremely important when implementing a wireless solution. Read this post and you'll understand why.
    Wi-Fi Convenient, but Dangerous << IT Expert Voice
    Tags: ( wifi )
  2. There is a new group meeting to discuss information security topics in a casual setting on a monthly basis in Dublin, Ireland. Check it out if you are in the area.
    The Dublin Security Group << Security Ninja
    Tags: ( general )
  3. In the words of Hal Pomeranz who tweeted about this. "This is cool." It is. Very.
    Digital Forensic Analysis Methodology (PDF)
    Tags: ( forensics tools )
  4. The folks at Securosis have released their SIEM/Log management white paper. Their stuff is always great. You should check it out.
    Securosis Blog | White Paper Released: Understand and Selecting SIEM/Log Management
    Tags: ( siem )
  5. Hmm, interesting what Apple considers non-personal information and also what they say they can and will do with it.
    Non-Personal Information - like where you live?
    Tags: ( privacy apple )
  6. Matt shares his favorite nmap scripts.
    Favorite nmap NSE scripts | Attack Vector
    Tags: ( nmap )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Press Releases 8-20-2010 thru 8-25-2010

by kriggins on August 26, 2010

Hello one and all. When I first posted about doing these Interesting Press Release posts, I said I would be posting them on Tuesdays and Thursdays. Well, it turns out we probably don't need two posts per week so these will be coming out on Thursdays from now on.

Panda Security has released their 2nd International  Barometer of Security in SMBs. Some interesting tidbits in there. The press release is below and a direct link to the pdf is here.
Forty-Six Percent of SMBs Have Been Infected by Internet Threats, According to Latest Panda Security Survey

IBM X-Force is a research group in IBM and provides security content for IBM customers and makes most of it, if not all of it, available to the world. They have released their 2010 Mid-Year Trend and Risk Report (registration required) which shows that vulnerabilities are at an all time high.
IBM X-Force Report Reveals Global Security Threats Have Reached Record Levels

That's it for this week.

-Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Information Security Bits for 08/25/2010

by kriggins on August 25, 2010

Here are today's Interesting Information Security Bits from around the web.

  1. This looks to be a very interesting thesis, particularly for those interested in risk and its measurement.
    No Tricks: Recent PhD Thesis on IT Risk Management
    Tags: ( risk-management )
  2. Breach doesn't just mean that the bad guys got your data or that the data was used for anything. It does mean big dollars in fines though.
    Zurich Insurance slammed with PS2.28 million fine for losing customer data | Graham Cluley's blog
    Tags: ( breach )
  3. Another challenge is up at Packet Challenge.
    "The Spy Hunter" Packet Challenge << I Smell Packets
    Tags: ( challenge )
  4. Hal offers some tips on ways to keep from shooting yourself in the foot when processing digital evidence.
    Computer Forensics: Armor For Your Feet
    Tags: ( forensics )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Information Security Bits for 08/23/2010

by kriggins on August 23, 2010

Here are today's Interesting Information Security Bits from around the web.

  1. If you are thinking cloud, you need to read this.
    Hoff's 5 Rules Of Cloud Security... | Rational Survivability
    Tags: ( cloud )
  2. Rob has penned a post about a) figuring out if a career in digital forensics is for you and b) some times on how to get started. Good stuff.
    Getting Started in Digital Forensics: Do You Have What It Takes?
    Tags: ( forensics career )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Information Security Bits for 08/19/2010

by kriggins on August 20, 2010

Here are today's Interesting Information Security Bits from around the web.

  1. Drazen has a very good suggestion for all of us in the information security profession. We should all be writing End of Year State of Security Reports regardless of you role.
    Beast Or Buddha >> Blog Archive >> Security Manager/Management - End of Year State of Security Report
    Tags: ( general )
  2. This looks like it could be an good tool to have in the old tool box.
    FGET v1.0 Goes Live!! | HBGary
    Tags: ( tools forensics )
  3. This post applies to information risk management too. I am still working through it, but it is very interesting.
    Cox's risk matrix theorem and its implications for project risk management << Eight to Late
    Tags: ( risk )
  4. Here are some thoughts on improving ATM (Automatic Teller Machine) security.
    10 Tips to Improve ATM Security
    Tags: ( atm skimming )
  5. Alex offers some interesting points to think about in the private vs public cloud debate.
    Verizon Business Security Blog >> Blog Archive >> Cloud Computing & Polycentric Risk Tolerances
    Tags: ( cloud )
  6. Searches for these 10 celebrities are most likely to return links to malware.
    Top 10 most dangerous celebrity searches
    Tags: ( malware )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Press Releases – 8/19/2010

by kriggins on August 19, 2010

This is in the inaugural Interesting Press Releases post. I will be playing with format and content as we go along so stay tuned in.

Lockheed Martin Advanced Technology Center Demonstrates Versatile Advanced Monitoring System (VAMS) for Perimeter Security
This is a physical security device that is intended to take the place of fences. Looks pretty cool.

National High School Cyber Defense Competition Registering Teams for Fall
This looks like a great opportunity for high schools to get kids involved in computer security.

Mitek Systems Granted Patent for Mobile Deposit® Application
The patent covers depositing checks with just about any camera enabled smartphone.

Verizon's On-Demand Cloud Computing Solution First to Achieve PCI Compliance
This is very interesting. I suspect we start seeing more and more solutions being approved.

That's it of today. Have a great day!

-Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

New InfoSec Ramblings Feature – Interesting Press Releases

by kriggins on August 18, 2010

One of the mainstays of this blog is the Interesting Information Security Bits posts that come out three times per week. Those posts are taken from the many blogs I read and from my twitter stream. To date, I have largely not addressed the many press releases I get sent and read. That is about to change.

I am adding a new feature to the blog called Interesting Press Releases. These posts will come out on Tuesdays and Thursdays. This of course assumes there is something I consider interesting to post. As with the IISB, interesting is defined by me and may or may not be what you consider interesting. To start, there will probably not be a great deal of commentary from me, but who knows, that could change too.

I plan to try this for a bit and then see if you guys like it or not.

As always, I am open to feedback either in the comments below or via email to kriggins@infosecramblings.com.

-Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

Interesting Information Security Bits for 08/18/2010

by kriggins on August 17, 2010

Here are today's Interesting Information Security Bits from around the web.

  1. Lee offers some thoughts on mentors.
    Career Advice Tuesday = "How Did You Find Your Mentor" : Information Security Leaders
    Tags: ( mentors career )
  2. If you are in the Cleveland, Ohio area, you should check out this hacking contest taking place on September 22nd. It is open to the public and free, you just need to register. Looks like a lot of fun.
    Hurricane Labs Hack Challenge
    Tags: ( challenge )
  3. From the site: "The Journal of Digital Forensics, Security and Law published its first issue in the 1st quarter of 2006 and is now calling for papers in, or related to, the following areas for Volume 5 (2010).." The list of target areas is pretty big. Check it out.
    Journal of Digital Forensics, Security and Law Call for Papers
    Tags: ( cfp )
  4. From the site:ForensicArtifacts.com was built to become a repository for useful information forensic examiners may need to reference during the course of their analysis. Requests for artifacts of system files, programs, and malware are very common to see on computer forensic mailing lists and forums. This site strives to take the place of those requests and become a one-stop shop when it comes to forensic artifacts.
    Artifacts | Forensic Artifacts
    Tags: ( forensics )
  5. LockCon 2010 in happening for those of you interested in physical locks and such.
    LockCon 2010 "the winner takes it all" << Blackbag, Barry's weblog
    Tags: ( lockpicking )
  6. The Security Shoggoth points out that you may only get one chance to grab that malware sample you want to explore.
    The Security Shoggoth: You never get a second chance...
    Tags: ( malware )
  7. Richard is giving a talk at VizSec 2010 next month on Security Visualization and its usefulness in production. To support his talk, he is looking for some real world examples of visualization's use. Help him out.
    TaoSecurity: Do You Use Visualization in Production?
    Tags: ( visualization )
  8. Leave it to Shrdlu to come up with the Lopsided Pyramid of Pain[tm].
    Span of Control
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

{ 0 comments }

← Previous Entries