August 2009

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The title says it all. SAINT 7 has been released.
    SAINT 7 released
    Tags: ( saint scanner tools )
  2. Anue Systems interviews Jack Daniel.
    Security Pros on Twitter (SPoT): Jack Daniel/@Jack_Daniel - The Network View
    Tags: ( infoec interview )
  3. Lenny Zeltser, who teaches a popular malware analysis course for SANS, has made one of his slide decks available online. The cool part: the speaker notes are included. Note: You can also watch the recorded webcast.
    Introduction to Malware Analysis - Free Webcast by Lenny Zeltser
    Tags: ( malware analysis )
  4. The T2'09 challenge is up.
    T2'09 Challenge - F-Secure Weblog : News from the Lab
    Tags: ( challenge )
  5. This is the second half of a post pointed to recently. Interesting stuff.
    >> The Internet After Dark (Part 2) * Security to the Core | Arbor Networks Security
    Tags: ( general )
  6. So, um, all those wonderful security cameras... basically worth bupkis in stopping or solving crime. There goes that argument for why Big Brother is your friend.
    Schneier on Security: On London's Surveillance Cameras
    Tags: ( surveillance privacy cameras )
  7. An interesting exploration of free security products.
    Plausible Deniability >> Freegan-ism: how free product might upset the anti malware space
    Tags: ( anti-virus anti-malware opinion )
  8. If you are running an FTP server on top of IIS 5 or 6 on Windows 2000, you will want to check this out and put in some extra logging if you can't turn that puppy off.
    IIS5&6 FTP Stack Overflow Zeroday : Liquidmatrix Security Digest
    Tags: ( iis ftp win2k )
  9. The author has a very good point. Worth a read.
    stop the alert(); - The HP Security Laboratory Blog | HP Web Application Security -
    Tags: ( xss )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Download your HAR2009 videos here.
    HAR2009: where to get the presentation videos | Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills
    Tags: ( har2009 videos )
  2. A nice list of password managers worthy of a gander.
    Password Managers, something worth considering. Some Options | Security Active Blog
    Tags: ( passwords tools )
  3. The ToorCon 11 Call for Papers is open.
    ToorCon - Conference
    Tags: ( toorcon conferences cfp )
  4. Kees is trying to get an infosec community going on Long Island. If you are in that area, check it out.
    Long Island Information Security - Kees Leune
    Tags: ( general )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Here is a great example of a deeply flawed access control system.
    jon.oberheide.org - blog - panera gift card security
    Tags: ( access-control )
  2. Andy has some nice things to say about the HISPI certification. Worth checking out.
    HISP Training >> Andy ITGuy
    Tags: ( hispi certification )
  3. Rebecca points to some websites we should bookmark regarding HIPAA.
    8,918 HIPAA Violation Investigations Have Required Corrective Actions - Realtime IT Compliance
    Tags: ( hipaa )
  4. Looks like WPA with TKIP is about as functional for protecting your wireless network as WEP is. Time to move to WPA/AES or, even better, WPA2.
    Attack on WPA refined - News - The H Security: News and features
    Tags: ( wpa wireless )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Even something as simple as a route you use for your daily run can be a data leakage issue.
    Running into information << Techdulla
    Tags: ( data-leakage social-networking )
  2. If you have a wireless infrastructure based on Cisco APs, you will want to read this one.
    SkyJacking vulnerability discovered on Cisco APs - Security
    Tags: ( wireless cisco )
  3. Last year, for one of my Toastmasters speeches, I gave a quick 7-minute speech about data loss. For that talk, I used the on-line data loss db to grab a few numbers for a period of a week. During that time there were 8 or 9 incidents and several hundred thousand records lost. The majority of those incidents were caused not by malicious behavior, but by mistakes. That's what this article talks about too.
    IDC Report: Most Insider Leaks Happen By Accident - data leak prevention/Security - DarkReading
    Tags: ( data-leakage )
  4. Amazon has announced Virtual Private Clouds and the Hoff has some thoughts to share on the issue.
    Calling All Private Cloud Haters: Amazon Just Peed On Your Fire Hydrant... | Rational Survivability
    Tags: ( cloud private-cloud )
  5. Looks like a new open source project is going to be poking at GSM security.
    GSM to feel the heat from open source project - News - The H Security: News and features
    Tags: ( gsm mobile )
  6. Here are a couple of tips on implementing SharePoint with effective access control.
    Poor Microsoft SharePoint security permissions policies can derail deployments
    Tags: ( sharepoint )
  7. Rob Whiteley is looking for interesting stories about security shifts. Check out the article for what he is after.
    The Forrester Blog For Security & Risk Professionals
    Tags: ( general )

That's it for today. Have fun!

Kevin

RSA Europe 2009 Security Blogger Meetup

by kriggins on August 26, 2009

in Announcement

Just a quick note to let you know there will be a Security Bloggers Meet-up at RSA Europe 2009. For slightly more detail, check out this post on the RSA Security Bloggers Meet-up blog.

-Kevin

Disclaimer: I am involved in setting this up along with Benny and Dale Pearson.

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Didn't this type of legislation get passed and then thrown out in some other country here recently?
    New proposals to fight UK internet piracy are ridiculous | Graham Cluley's blog
    Tags: ( p2p )
  2. If you give or are required to give your fingerprints to the U.K. government, you may be giving them to a wider audience than you originally thought.
    UK To Share Fingerprints With Canada & Australia : Liquidmatrix Security Digest
    Tags: ( privacy )
  3. Turns out that the trail leads farther than originally thought.
    Hacker Ring Tied To Major Breaches Just Tip Of The Iceberg - DarkReading
    Tags: ( general )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Here is a great post with a fine collection of education resources for the security professional who wants to learn new stuff or just wants to sharpen the iron.
    System Advancements at the Monastery >> Blog Archive >> Learning By Doing: Challenges, Data Sets, and Practice Sites
    Tags: ( challenges education )
  2. Sometimes the only thing you can do is fire the cannon. Read more to understand what that means and how true it is.
    Uncommon Sense Security: Another Episode of Security Anecdote Theater
    Tags: ( general )
  3. An interesting look at internet traffic patterns for North America.
    >> The Internet After Dark (Part 1) * Security to the Core | Arbor Networks Security
    Tags: ( general )
  4. Watch out folks. Looks like SubSeven is back.
    VRT: SubSeven is back after hiatus
    Tags: ( subseven malware )

That's it for today. Have fun!

Kevin

Backtrack 4 USB Thumb Drive PDF

by kriggins on August 23, 2009

in Announcement

I thought some might like to have a PDF of the how-to that could be used off-line.

Therefore, I made one.

The link is here (PDF). It is also linked to at the top of the how-to page itself.

-Kevin

Hi folks.

The Backtrack 4 USB Drive How-to has undergone a huge re-write. One of the largest changes is that we are no longer using UNetBootin except for one minor thing and then only if you want to. Everything is done from within Backtrack itself now.

Another change is that I have added instructions on setting up encryption with Truecrypt directly into the how-to. Finally, I have added some interesting tweaks such as mounting the Truecrypt volume on boot, changing root's home directory to the encrypted volume on the fly and setting nessus up to log to the encrypted directory.

It still lives in the same place.

If you were using the old how-to and don't want to start over, it is living here now. The parts of the new how-to on encryption and tweaks will still work with the old how-to if you just want to add that bit.

As always, let me know of any problems, typos, mistakes, etc. of which I am sure there are plenty. :)

-Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. A selection of videos from Blackhat 2009 has been made available. Black provides some links to them, but you can also find them on the Blackhat site.
    Selected video presentation at Black Hat 2009. -- PenTestIT
    Tags: ( blackhat conferences videos )
  2. Here are a couple of scripts that allow you to view and search Windows event logs on a Linux system.
    RaDaJo (RAul, DAvid and JOrge) Security Blog: Looking for the right event
    Tags: ( event-logs perl linux )
  3. Lori calculates the bandwidth of sneakernetting hard drives to the cloud :) Yes, I just made a verb out of sneakernet. :)
    The Bandwidth of Sneakernet to the Cloud
    Tags: ( general )
  4. Jack has posted the audio from the B-Sides conference in Las Vegas that occurred at the same time as Blackhat and Defcon.
    Uncommon Sense Security: Security B-Sides Las Vegas 2009 Audio
    Tags: ( bsides conferences )
  5. Alan has started a series of posts that will explore the SAS70 Type II report. Good info in the first post.
    StillSecure, After All These Years: SAS 70 Type II Should you care?
    Tags: ( sas70 )

That's it for today. Have fun!

Kevin
