Here are today's Interesting Information Security Bits from around the web.

1. "This document was produced jointly with the OWASP mobile security project. It is also published as an ENISA deliverable in accordance with our work programme 2011. It is written for developers of smartphone apps as a guide to developing secure apps. It may however also be of interest to project managers of smartphone development projects. "
   Smartphone Secure Development Guidelines -- ENISA
   Tags: ( appsec guide enisa smartphone)
2. A reverse engineering challenge for you.
   AthCon 2012
   Tags: ( challenge reverse-engineering)
3. Very cool.
   TaoSecurity: Dustin Webber Creates Network Security Monitoring with Siri
   Tags: ( siri network-security)
4. Tom's excellent guide to Facebook's privacy and security settings has gotten an update. Go use it.
   Social Media Security >> Facebook Privacy & Security Guide Updated to v3.0
   Tags: ( facebook privacy)
5. Richard points out this report which you really ought to read. Good stuff in there.
   TaoSecurity: Thoughts on 2011 ONCIX Report
   Tags: ( issb report)
6. Wow. This is pretty amazing. Fraudsters used cell phone number porting to steal money.
   Fraudsters beat two-factor authentication, steal $45k
   Tags: ( multi-factor sms fraud )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. Dave speaks truth here. You should read and take to heart what he says.
   ShackF00 >> Doom, Gloom, and Infosec
   Tags: ( general career)
2. This is a very nicely penned perspective on risk analysis, threat centricity and the impact that not knowing what your assets are and what they are worth has on your risk assessment processes.
   Assets, Black Swans, and Threat-Centrism - The Falcon's View
   Tags: ( risk )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. Here is a list of links to the videos from SkyDogCon.
   SkyDogCon 2011 Videos (Hacking Illustrated Series InfoSec Tutorial Videos)
   Tags: ( video skydogcon)
2. This is a three part challenge with packet analysis, steganography, and reverse engineering.
   SecuraLabs Challenge #2 << SecuraBit
   Tags: ( iis challenge)
3. Here is an excellent process for attacking forensics challenges. Heck, it's a good process for any forensic engagement.
   Windows Incident Response: DF Analysis Lifecycle
   Tags: ( forensics process)
4. Chris is a good friend of mine and he penned a missive about self-improvement, perception and feedback, among other things, that everybody should read.
   Personal Risk Management << Risktical Ramblings
   Tags: ( general career )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. Challenges are good for you. They make you use your grey matter
   [FortiChallenge 2k11] Hint #2 | Fortinet Security Blog
   Tags: ( challenge cryptography)
2. Some common mobile app vulnerabilities.
   Carnal0wnage & Attack Research Blog: Common mobile app vulnerabilities
   Tags: ( )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. A nice review of this book.
   Security and risk: Book review: Social Engineer - The art of human hacking by Chris Hadnagy
   Tags: ( books)
2. Nice article and story that drives home the point that not EVERYTHING is classified or needs to be.
   Security Musings >> Blog Archive >> "I think they already know about the mountains, sir."
   Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. This has nothing to do with information security other than we all sit too much and would benefit from standing a bit more. I have wanted a standing desk for along time and my friend Martin has built his own for $65. Looks like I'm out of excuses.
   Network Security Blog >> $65 Standing Desk
   Tags: ( general)
2. Dave reminds us that we need to clear our old iPhones before we hand them over when we get our nice new shiny ones.
   IT Security Expert: Securely Wiping your Personal Data from the iPhone
   Tags: ( iphone privacy)
3. Very interesting idea. Intentionally and randomly shut down parts of your infrastructure to truly stress test your availability solutions. Branden then asks 'how do we do this for infosec?"
   Branden R. Williams, Business Security Specialist >> Where is your Chaos Monkey?
   Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Bet you thought I disappeared again

Nope! Just a busy week with BSidesKC and mucho work.

Here are today's Interesting Information Security Bits from around the web.

1. Very interesting model for running a successful CyberSecurity Agenda within a country. I am going to have to read the papers and see what we can repurpose for business.
   Cybersecurity-More than a good headline - Roger's Security Blog - Site Home - TechNet Blogs
   Tags: ( general)
2. Bwhahahaha!
   Brilliant Ad by Webroot | Andrew Hay
   Tags: ( humor)
3. Good post by Rich on an excellent idea for cloud resource provisioning.
   Securosis Blog | A Kick-Ass Cloud Database Security Automation Example
   Tags: ( cloud)
4. This is a nice video from Mozilla that Nick found on making complex easy to remember passwords.
   Security Musings >> Blog Archive >> Stronger Passwords Tutorial Video
   Tags: ( passwords )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. How to decrypt an encrypted iPhone application bundle.
   extern blog SensePost;
   Tags: ( iphone)
2. This is a great article building off of Brian Krebs note about the other companies that experienced breaches along with RSA.
   Are you one of the 760? | Liquidmatrix Security Digest
   Tags: ( breach)
3. Nifty article with some lovely code to strip the referrer out of POST and GET requests.
   Stripping Referrer for fun and profit
   Tags: ( webappsec)
4. Videos from Hack3rcon are available now.
   Hack3rcon II Videos (Hacking Illustrated Series InfoSec Tutorial Videos)
   Tags: ( videos conferences hackercon )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. A great post from Gunnar on Availability vs Security.
   1 Raindrop: Steve's Google Platform Rant and the Long, Hard Slog of AppSec
   Tags: ( appsec)
2. Chris has a nice list of podcasts for you to listen to if that is your thing.
   Filling your ipod...update! << Catsn22 (in)siesuiaitu / ChrisJohnRiley
   Tags: ( podcasts)
3. For those in Mexico or doing business in Mexico, it looks like there are some updates coming to the protection regulations there.
   Mexico's Ministry of Economy Releases Updated Data Protection Regulations : : Privacy and Information Security Law Blog
   Tags: ( privacy mexico)
4. A nice post about developers and information security pros.l
   Stay Cool, Nobody is Calling Your Baby Ugly
   Tags: ( appsec)
5. This is an absolutely fantastic post about careers in infosec and has great list of resources related to learning about infosec.
   Penetration Testing and Vulnerability Analysis - Careers
   Tags: ( careers )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Here are today's Interesting Information Security Bits from around the web.

1. A very interesting article about trending-term exploitation on the web, i.e. attempts at exploiting victims using currently trending topics.
   Light Blue Touchpaper >> Blog Archive >> Fashion crimes: trending-term exploitation on the web
   Tags: ( phishing malware)
2. This is not specifically information security related, but it is a very interesting look back at a vital turning point in world history.
   Reykjavik: Turning Point of the Cold War
   Tags: ( general history)
3. Wanna get netcat working on a MIPS system? Here's your recipe.
   The story of how qemu met MIPS and created netcat - Intrepidus Group - Insight
   Tags: ( netcat mips )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin