by kriggins on October 19, 2011
in WtRW
Wait. What? Can it be?
Yup! What to Read Wednesday's is back. To refresh your memory, What to Read Wednesday posts are pointers to folks whom I think produce excellent content. You can see previous posts here.
This week's post is a bit different in that it isn't so much something you should read, but something you should watch. Javvad Malick's InfosecCynic Youtube channel is pure gold. You will laugh, you will cry and you will go 'what the....?', and in the process, you will get exposed to some great ideas and methods of conveying information security topics to various audiences.
A couple of my favorites.
Avoiding Security Budget Cuts: http://www.youtube.com/user/InfosecCynic#p/a/u/0/irRJdZo5x3U
Compliance vs. Security: http://www.youtube.com/user/InfosecCynic#p/u/11/CBdg0682Qzg
You can also follow Javvad on Twitter at @j4vv4d.
His website is here: http://www.j4vv4d.com/
As always, comments are welcome below or you can email me at kriggins@infosecramblings.com if you prefer.
If you are interested in getting my content regularly, go ahead and subscribe to my RSS feed. You can also subscribe to have posts emailed to you if you prefer.
-Kevin
by kriggins on February 2, 2011
in WtRW
I have long been a fan of Gunnar Peterson's writing. He brings an interesting perspective to information security and looks at things from several different directions. He blogs at 1 Raindrop and is also a contributing analyst for Securosis.
Some recent entries you might find interesting:
Everyone Has a Plan Until They Get Hit
Heartland's Value Metrics
Of Gateways and Hedgehogs
You can also follow Gunnar on Twitter. He is @oneraindrop there.
As always, comments are welcome below or you can email me at kriggins@infosecramblings.com if you prefer.
If you are interested in getting my content regularly, go ahead and subscribe to my RSS feed. You can also subscribe to have posts emailed to you if you prefer.
-Kevin
by kriggins on January 26, 2011
in WtRW
Jack Daniel, a self-professed curmudgeon and owner of a truly magnificent beard, has a very direct and non-nonsense perspective on the topics he chooses to write about. He is also a bit of a fibber about that curmudgeon part. Jack is a great friend and has done as much for the information security community as anybody I can think of.
He is actively involved in the Security BSides movement and sits on the board of the National Information Security Group (NSAIG.) He writes on a variety of topics and I enjoy his work. Pop his blog, Uncommon Sense Security, in the must-read folder in your RSS reader.
Here are some recent contributions as a sample:
Who do you trust?
In Defense of FUD
Invoking 9/11, lies, and ignorance.
You can also follow Jack on Twitter. He is @jack_daniel there.
As always, comments are welcome below or you can email me at kriggins@infosecramblings.com if you prefer.
If you are interested in getting my content regularly, go ahead and subscribe to my RSS feed. You can also subscribe to have posts emailed to you if you prefer.
-Kevin
by kriggins on January 19, 2011
in WtRW
by kriggins on January 12, 2011
in WtRW
There are quite a few good writers in the information security space, but few are able to turn a phrase quite like Shrdlu. I don't remember the first time I came across the Layer 8 blog, but I have been an avid reader ever since.
You will learn something every time Shrdlu decides to give us some of his or her stored up wisdom. (I know the proper pronoun, but am respecting Shrldu's anonymity) That, or you will rupture something laughing at his or her wit. While I have not met Shrdlu in person yet, we are good friends online. Hopefully we can meet in meat space in the near future.
Some examples of Shrdlu's prose:
You say potato, I say false positive.
BSOFH Interview Questions. One of my favorites, probably because I participated 🙂
Audit instructions.
BSOFH: the roar of the packets, the smell of the cloud. A must read 🙂
Want a little more wisdom from Shrldu? Follow on Twitter, @shrdlu.
As always, comments are welcome below or you can email me at kriggins@infosecramblings.com if you prefer.
If you are interested in getting my content regularly, go ahead and subscribe to my RSS feed. You can also subscribe to have posts emailed to you if you prefer.
-Kevin
by kriggins on January 5, 2011
in WtRW
Brian Krebs used to write for the Washington Post...and then he didn't. He started Krebs on Security just a year ago and has been churning out great content ever since. Brian brings great investigative journalism to the information security blogger space.
One of his focus areas has been bank crime, both ATM theft and EFT theft. That is not to say that he has a one track mind. He has penned articles on a variety of topics.
Here are some samples for you to check out.
Russian e-Payment Giant ChronoPay Hacked
Fallout from Recent Spear Phishing Attacks?
Why GSM-Based ATM Skimmers Rule
Pop his site in your RSS reader in the 'must read' folder. You will be better informed if you do.
Also give him a follow on Twitter. He is @briankrebs there.
If you are interested in getting my content regularly, go ahead and subscribe to my RSS feed. You can also subscribe to have posts emailed to you if you prefer.
-Kevin
http://krebsonsecurity.com/2010/12/russian-e-payment-giant-chronopay-hacked
by kriggins on December 22, 2010
in WtRW
Not to put Didier Stevens in a box, but he knows more about PDFs than Adobe does. It's really good that he is on our side 🙂
Didier also had a deep understanding of the security model for a number of systems and has provided a number of tools you can use to explore those models.
If you are interested in the technical aspects of privilege escalation/de-escalation, Didier also has you covered.
If you haven't figured it out yet, Didier is another one of my friends that is scary smart.
Here are a some posts you should check out.
HeapLocker: Private Memory Usage Monitoring
Password Auditing With a Password Filter
pdf-tools
Put his blog in your RSS reader "must read group" too! Didier is @didierstevens on Twitter if you would like to follow him there too. I do!
As always, comments welcome below or you can email me: kriggins@infosecramblings.com
If you are interested in getting my content regularly, go ahead and subscribe to my RSS feed. You can also subscribe have posts emailed to you if you prefer.
-Kevin
by kriggins on December 15, 2010
in WtRW
For the inaugural post in the 'What to Read Wednesday' series, I am suggesting that you put Lori MacVittie's blog over at DevCentral in your reader...at the top...in your must read folder.
If you were a follower of the recently deceased IISB posts, you will recognize her site. Lori consistently pens excellent posts on a broad range of topics. Not all of her posts are information security centric, but you should read them anyway. They will make you a much more informed professional.
Besides that, they are fun to read.
Lori has great voice and a wonderful way of getting her point across.
Some recent posts that I particularly enjoyed are:
There Is No Such Thing as Cloud Security
Like Load Balancing WAN Optimization is a Feature of Application Delivery
The Database Tier is Not Elastic
In case you didn't notice, those three posts represent quite a range of content.
Lori is scary smart.
You need to take advantage of that.
As always, comments welcome below or you can email me at kriggins@infosecramblings.com with your thoughts.
-Kevin