Interesting Information Security Bits for 04/12/2009

by kriggins on April 12, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Looks like it is going to be a busy week this week. Microsoft is issuing a pretty good sized batch of patches.
    Microsoft Patch Tuesday for April 2009: eight bulletins - Ars Technica
    Tags: ( microsoft patches vulnerability )
  2. This looks interesting. A virtual browser.
    Techworld.com - Startup puts web browsers 'in the cloud'
    Tags: ( browser )
  3. A nifty tip on how to get at the data your fat client is passing back and forth to the app server.
    PortSwigger.net - web application security: Intercepting thick client communications
    Tags: ( webappsec appsec )
  4. Kees brings us some interesting information that could be very helpful in developing and maintaining our awareness efforts.
    Why we sometimes think cheating is OK - Kees Leune Information Security Blog
    Tags: ( general )
  5. Damon has a nice description of one of the worms that hit Twitter this weekend.
    DCortesi . blog >> Twitter StalkDaily Worm Postmortem
    Tags: ( twitter worm )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Windows 7 Beta: Uninstalling Adobe Air

by kriggins on February 7, 2009

in Uncategorized

Recently, I was trying to upgrade Twhirl, my favorite Twitter client, to the latest beta version. I was doing this on my laptop which is running Windows 7 Beta. First the upgrade failed, then an install failed after removing Twhirl, I couldn't re-install Air because it said it was already installed, and finally I couldn't uninstall Adobe AIR.

Needless to say, I was a bit frustrated. I posted a query to Twitter to see if anybody else was having this problem. One person responded that they were and knew some other that also had the issue. I poked at it a bit, but didn't make any progress and left it alone for a bit.

Last night I decided to figure this thing out and was successful in being able to manually remove Air. After a re-install of Air and Thwirl, all was right with the world. Below are the steps I took to remove Air.

1. Delete the Adobe Air files from your system.

Delete "C:Program FilesCommon FilesAdobe Air".  Of course, change the drive letter if necessary. You will need to have administrative access to do this.

2. Remove the uninstall registry key for Adobe Air.

On my system the key was here:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallAdobe AIR

Use regedit  to do this. Remember to be very careful when mucking about with regedit. You can seriously mess things up. Again, you will need administrative access for this.

3. Re-install Adobe Air

Install Adobe Air again just like you did the first time.

Hope this helps and let me know if you find a simpler way.

-Kevin

Related articles by Zemanta
Reblog this post [with Zemanta]

{ 1 comment }

Interesting Information Security Bits for 02/04/2009

by kriggins on February 4, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Time to patch Firefox.
    Firefox 3.0.6 targets security issues | Security - CNET News
    Tags: ( vulnerability firefox patch )
  2. You might want to be careful what sites you go to when you are logged into the twitter web interface. Also remember, that if you clicked on 'remember me', you are logged in even if you don't have it open in tab.
    Twitter Clickjacking Hack Released - DarkReading
    Tags: ( vulnerability clickjacking twitter )
  3. An interesting article with good points regarding the ability to disable UAC in Windows 7 and the fact that somebody has made a user-space program that does it automatically. Worth a gander.
    Both Sides on the Win7 UAC Problem
    Tags: ( windows-7 uac )
  4. If you're looking for a infosec job, the U.K. may be a good place to check. No idea on immigration and such, but couldn't hurt to take a peak.
    Many computer security jobs are still available in UK >> Computer internet security
    Tags: ( jobs )
  5. The CFP of Black Hat is open. Get your pencils ready and your ideas flowing.
    Black Hat : Black Hat USA 2009 Call For Papers
    Tags: ( blackhat conferences cfp )
  6. Black Fisk warns us to be careful of the number we see in reports on the cost of breached data. He doesn't say dismiss them out of hand, but we are better off if we can come up with some figures specific to our own organizations.
    Black Fist Security: Risk analysis: Cost of breaches and rolling your own numbers
    Tags: ( risk management )
  7. A nice post by Kees. Don't forget that you need to plan on more than one level and to do so you need to keep informed.
    On Situational Awareness - Kees Leune Information Security Blog
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 01/07/2009

by kriggins on January 7, 2009

in Interesting Bits

Today's Bits brings us posts that talk about rule breakers, DHS profiles of international travelers, playing like you're a printer with netcat, some possible policies that may need attention and things to think about when using Skype in the enterprise. Read on for the details.

  1. I have seen everyone of the these happen more times than I can count.
    The 4 Security Rules Employees Love to Break - Network World
    Tags: ( general awareness )
  2. This is an interesting read about what information the Department of Homeland Security has on international travelers. If you are curious about what they have on you, you can find out.
    A rare peek at Homeland Security's files on travelers - This Just In - Budget Travel
    Tags: ( travel dhs profile )
  3. Wesley has a nice how-to that show you a method for catching print jobs with netcat. Very handy for the issue he was trying to solve. However, as a commenter points out, what a great way to grab data in a pen test :)
    McGrew Security Blog >> Blog Archive >> Pretending to be a Printer with Netcat
    Tags: ( mitm printer netcat )
  4. Rebecca makes a really good point in this post. If your policies and procedures don't address twitter and its ilk, you should probably get on that.
    Business Info Fact Of The Day: Employees In Most Organizations Are Twittering - Realtime IT Compliance
    Tags: ( twitter procedure policies )
  5. A couple things to think about regarding Skype in the enterprise.
    Lawrence Orans on Containing the Risk of Using Skype
    Tags: ( general skype )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 01/05/2009

by kriggins on January 5, 2009

in Interesting Bits

Lots of interesting things to take a gander at today. I had a great break and am rested and recharged and ready to tackle my workload. How about you?

Here are today's Interesting Information Security Bits from around the web.

  1. The Network World Salary Survey results for 2009 are up.
    Salary Survey - Network World
    Tags: ( survey salary )
  2. Packetlife's next contest is up and running. These are always a great way to learn something new or practice what you already know.
    January contest - PacketLife.net
    Tags: ( contest )
  3. David points to a great resource for getting up to speed on Digital Investigations and Evidence. It's not a short read, but looks really interesting. Is going on my to-be-read pile.
    Computer forensics - a subject every executive should understand (David Lacey's IT Security Blog)
    Tags: ( forensics guide )
  4. When good enough isn't really good enough. A nice post and point made.
    SecuriTeam Blogs >> Snow and security
    Tags: ( general )
  5. The combination of Twitter notification, allowed usernames and and automatic linkification of text by your email client introduces a possible phishing vector. Again, always be careful when clicking on links.
    Twitter Phishing Scam Update (Follow Notification Email Vulnerability)
    Tags: ( malware twitter phishing )
  6. I watched this happen live over the weekend. As always, be careful when clicking on links in emails/DMs/IMs etc.
    spylogic.net - First Twitter Phishing Attack of 2009
    Tags: ( twitter phishing )
  7. A nice post my Mathew talking about a presentation given at 25C3. Be careful on those fancy DECT telephones folks :)
    MatthewNeely.com - Security Second Thoughts - New Attack Against DECT Could Allow Attackers to Monitor Encrypted Headsets
    Tags: ( encryption dect mitm )
  8. Part 1 of Synjunkie's latest story. These are always fun.
    Syn: The Story of a Newbie Hax0r - Part 1
    Tags: ( stories )
  9. Send this to your family. They have several videos that help folks set there systems up more securely and educate them on safely using the Internet.
    The Academy Home
    Tags: ( education video home configuration )
  10. Benny's day 4 recap of 25C3.
    #25C3 Day 4 Overview: Picking up the pieces | Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills
    Tags: ( conferences 25c3 recap )
  11. I've talked about privacy several time here. Here is another instance where your privacy can possible be invaded without you ever knowing. And another thought. What are the odds that no damage will be done to your system or data if it is "legally hacked?"
    (Hat Tip: http://carnal0wnage.blogspot.com/2009/01/uk-to-allow-warrantless-remote.html)
    Police set to step up hacking of home PCs - Times Online
    Tags: ( privacy hacking surveillance police )
  12. I posted about this previously. Help Mike and Lee out by completing the survey. It doesn't ask for your social security number or your bank account number. I promise.
    Calling all security pros | Episteme
    Tags: ( general )
  13. Richard has a nice little walk-through on getting IPv6 working on you Windows XP box. On a side note, I hope you are watching and filtering for IPv6 at your perimeter and hosts. This type of configuration can punch holes right through to the chewy center if you are not careful.
    TaoSecurity: IPv6 Tunnel on Windows XP Using Freenet6
    Tags: ( ipv6 tunnel )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 2 comments }

Interesting Information Security Bits for August 5th, 2008

by kriggins on August 6, 2008

in Interesting Bits

Here we go.

CG points out that Brett Moore of Insomnia Security has released a Putty Hijack tool. Could be useful.

The IT Security Guy gives a heads up about a CIO magazine article about software security. Worth a gander.

All security professionals, at one time or another, will need to give presentations. Security4all has some good pointers on this topic frequently. Today's pointers refer to your physical presence on the stage. Good stuff.

What out for GIFARS. Not good people, not good at all.

As was probably expected by us all, Twitter is being used to distribute malware. Ryan over at Zero Day has a post up discussing the issue.

Last, but definitely not last, Wesley (not "Wes"), is talking a little about a press release which is about a vulnerability he found in some SCADA software. Looking forward to hearing more about this in the future.

That's it for today.

Kevin

{ 0 comments }

Next Entries →