May 2009

Interesting Information Security Bits for 05/13/2009

by kriggins on May 13, 2009

in Interesting Bits

Good evening again. I just returned from Secure360 where I had a great deal of fun meeting and talking with people. I also gave my first conference talk today and that was also a lot of fun.

Here are today's Interesting Information Security Bits from around the web.

  1. Michael points out some more pre-configured targets for you to practice your pen testing skills on.
    lampsecurity hosting vulnerable vm images to attack (terminal23)
    Tags: ( education pentesting )
  2. I love this. Very simple, but very profound.
    Securosis Blog | The Data Breach Triangle
    Tags: ( data-leakage )
  3. Rich is looking for a little help in reviewing some survey questions related to Project Quant.
    Securosis Blog | Project Quant: Draft Survey Questions
    Tags: ( quantitative metrics )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 05/12/2009

by kriggins on May 12, 2009

in Interesting Bits

It has been a very busy day that started out with a four hour drive to get to Secure360. Although it has been busy, it has also been good. I'm looking forward to day two of the conference!

Here are today's Interesting Information Security Bits from around the web.

  1. A nice post by Andy.
    It Just Doesn't Does Matter! >> Andy ITGuy
    Tags: ( general )
  2. This resource looks really cool and I am going to dig into it more later, but free education is good.
    100 courses on Computer Information Systems and Security - Malta Info Security
    Tags: ( education )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 05/11/2009

by kriggins on May 11, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. NIST takes on defining the cloud.
    Are the feds the first to a common cloud definition? | The Wisdom of Clouds - CNET News
    Tags: ( cloud )
  2. Ed has penned a nice article on SCAP and vulnerability management.
    How SCAP Brought Sanity to Vulnerability Management
    Tags: ( vulnerability-management )
  3. Want to help shape cloud guidance documentation? Craig tells you how.
    The Cloud Security Alliance Needs You | Cloud Security
    Tags: ( cloud )
  4. This is a bit scary.
    Breaking Into a Home With an iPhone | GNUCITIZEN
    Tags: ( data-availability )
  5. Adrian has a link to a video you must watch. Then ask yourself how far is it from happening.
    Securosis Blog | Data Harvesting and Privacy
    Tags: ( privacy surveillance )
  6. A very good interview that you should read. I caught Lee and Mike Murray's career talk and the ensuing question period at Defcon 15. Good stuff.
    Art of Information Security >> AoIS Interviews Lee Kushner, Part 2
    Tags: ( career )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Secure360 SecurityTwits Tweet-up

by kriggins on May 11, 2009

in Conferences

Secure360 starts tomorrow May 12th.

A group of @securitytwits are getting together tomorrow night at the Great Waters Brewing Co. at 7:00 p.m. I'm not sure where we are going to be in the place or how many of us there will be, but fun will be had :)

If you think you might be coming by, drop a note in the comments so we can keep any eye out for you.

Great Waters Brewing Company is located at:

426 Saint Peter St
St Paul, MN 55102

Here's a map:

{ 4 comments }

Interesting Information Security Bits for 05/07/2009

by kriggins on May 7, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. An interesting Q&A. Check it out.
    Q&A: FBI agent looks back on time posing as a cybercriminal | Security - CNET News
    Tags: ( general )
  2. Here are some interesting statistics.
    PDF Most Common File Type in Targeted Attacks - F-Secure Weblog : News from the Lab
    Tags: ( malware attacks )
  3. An interesting note from Don with a warning. Take heed.
    Security Ripcord >> Blog Archive >> Large Memory Acquisitions
    Tags: ( forensics memory )
  4. 34% is a pretty depressing statistic.
    34% of resold hard drives contain personal data, study reveals | Graham Cluley's blog
    Tags: ( data-leakage )
  5. Richard points out that amazon web services is now provided access to logs.
    TaoSecurity: Logs from the Cloud
    Tags: ( cloud amazon )
  6. You really need to check this out :)
    The InfoSec Prayer
    Tags: ( prayer )
  7. Shrldu has some very nice add-ons to the post by Alex that I pointed at yesterday.
    Let go, let Cloud.
    Tags: ( cloud )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 05/06/2009

by kriggins on May 6, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Whew! What a relief. Apparently I don't need to be concerned about security when using cloud services. It really isn't that big a deal. Well, at least according to this blog post.
    Clavister: Cloud security concerns are unfounded : Security Watch - Internet Security News: IT security, Business security, Computer security, Network security, and more
    Tags: ( cloud )
  2. An interesting issue still exists in Windows 7.
    Windows 7 Fail - F-Secure Weblog : News from the Lab
    Tags: ( windows-7 )
  3. Dave developed a checklist based on the CWE/SANS Top 25 programming errors. As he says, a checklist doesn't make you secure. However, it sure doesn't hurt either.
    trustedsignal -- blog: Application Security Checklist
    Tags: ( webappsec checklist development )
  4. Bill shares his second set of tips on a career in security. This time for those that are looking for a gig, instead of looking to keep the one they have.
    Career Advice for Security Geeks, Part 2 : The Security Catalyst
    Tags: ( career )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Alex On Cloud Computing and the Role of the CISO

by kriggins on May 6, 2009

in Risk Management

I go through quite a few blogs everyday to keep abreast of what is being said in the information security world. My daily bits posts are things that strike me as interesting and that I think you might find interesting too.

I don't usually single out a blog post all on its own, but every once in awhile I come across something that I feel deserves special attention.

Alex Hutton posted the following on the Verizon Business Security Blog today. There are some profound statements in this missive. I won't steal his thunder. Go read it. You will not be disappointed.

On Clouds and The Evolving Role of the CISO


Reblog this post [with Zemanta]

{ 0 comments }

Interesting Information Security Bits for 05/05/2009

by kriggins on May 5, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. For those interested in the C|EH certification or others provided by the EC-Council, they have developed a scholarship program.
    EC-Council Secure Aid
    Tags: ( training )
  2. Wanna see what you can get with a botnet? Check this article out.
    Botnet probe turns up 70GB of personal, financial data
    Tags: ( botnet )
  3. Ryan has a nice walk-through showing how to get SSL Strip up and running on Mac OS X.
    Toasty: SSL Strip on Mac OS X
    Tags: ( tools ssl ssltrip )
  4. A nice post with some links to some resources you might find interesting if you are exploring Metasploit.
    Metasploit Resources - Rory.Blog
    Tags: ( metasploit )
  5. I participated in the Mystery Challenge last year at Defcon 16. It was a great deal of fun. The challenge has a new home. See below.
    TEN-FIVE-SEVEN.ORG
    Tags: ( defcon mystery-challenge )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 05/04/2009

by kriggins on May 4, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Lori has some good points regarding cloud "security."
    The Real Meaning of Cloud Security Revealed
    Tags: ( cloud security )
  2. Heh.
    Sunbelt Blog: Malware killed this chip
    Tags: ( general )
  3. Matt poses a question many of us ask and then goes on to posit an answer.
    What Motivates C-Level Executive Investments in Security? << Completosec Channel
    Tags: ( general )
  4. Some interesting stuff in this post.
    Rational Survivability >> VMware's Licensing - A "Slap In The Face For Cisco?" Hey Moe!
    Tags: ( cloud networking )
  5. If you've seen Hoffachino or Hoffacino mentioned on twitter or other blog posts and wondered exactly what it was, Christofer explains.
    Rational Survivability >> Just What the Hell Is a Hoffac[h]ino, Anyway?
    Tags: ( ot )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 05/01/2009

by kriggins on May 1, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is a great article that peeks into the realities of whether secure coding is less expensive than fixing vulnerabilities after they are detected in production.
    Jeremiah Grossman: Mythbusting, Secure code is less expensive to develop
    Tags: ( cost secure-coding )
  2. You should be aware that you may get IE8 whether you want it or not.
    Security Fix - Microsoft Pushing Out IE8 Through Auto Update
    Tags: ( microsoft patches ie8 )
  3. A nice how-to on using nmap and Nessus together to produce command line Nessus scans.
    Tenable Network Security: Using Nmap Results With Nessus Batch Scanning
    Tags: ( nmap nessus )
  4. Bill gives us some really good advice on how to avoid being the one that needs to look for that new job.
    Career Advice for Security Geeks, Part 1 : The Security Catalyst
    Tags: ( career )
  5. A very nice article regarding what happens when nothing happens.
    The Irony Of Preventing Security Failures - Hacked Off - Dark Reading
    Tags: ( spending )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Next Entries →