availability

Wow, this has been a crazy busy week.

My apologies for not taking the time to get the daily bits posts out the door. However, don't despair. I have a bumper crop for you today because I have been keeping my eye on things.

Unfortunately you will have to do without my pithy (or so I'd like to believe) comments today. 🙂

Also, RSA Europe 2009, where I'll be speaking, is right around the corner along with some vacation time, so you will see fewer bits posts over the next couple weeks and they will probably be like this one.   I will be back in full gear after the conference. I will blog when I can on what I see at RSA though.

Anywho, here are today's (this weeks) Interesting Information Security Bits from around the web.

  1. Immutable Security >> Low and Slow SSH Brute Force Attacks
    Tags: ( ssh )
  2. Real World Stories: How Pen Tests Complement Vulnerability Scans << Core Security Technologies
    Tags: ( wepappsec pentest )
  3. Visa Announces New Data Encryption Practices
    Tags: ( pci )
  4. 'What's wrong with Smelly Widgets?' - Packet Challenge << I Smell Packets
    Tags: ( challenge packet )
  5. The Professional Security Testers Warehouse for the CEH GPEN QISP Q/ISP OPST CPTS - FRHACK01 copy of presentations
    Tags: ( conference presentations )
  6. Avert Labs Paper: Inside the Password Stealing Business:the Who and How of Identity Theft | Hackers Center Blogs
    Tags: ( passwords )
  7. AVG Stepping Up Consumer Anti-Virus Offerings | Darknet - The Darkside
    Tags: ( anti-virus avg )
  8. Man banished from PayPal for showing how to hack PayPal * The Register
    Tags: ( paypal )
  9. Book Review: The Rootkit Arsenal << McGrew Security Blog
    Tags: ( books reviews )
  10. Jeremiah Grossman: All about Website Password Policies
    Tags: ( infosce passwords )
  11. Digital Soapbox - Preaching Security to the Digital Masses: Things I Learned at SecTor 2009
    Tags: ( conference toorcon recap )
  12. TaoSecurity: Technical Visibility Levels
    Tags: ( avialability monitoring )
  13. SSL Still Mostly Misunderstood - DarkReading
    Tags: ( ssl )
  14. Anton Chuvakin Blog - "Security Warrior": Compliance != Security, Does Security = Compliance?
    Tags: ( compliance security )
  15. A Page from Singapore's Cybersecurity Playbook | Optimal Security: The Lumension Blog
    Tags: ( general )
  16. You Can't Always Be Proactive - Hacked Off - Dark Reading
    Tags: ( general )
  17. Security Uncorked >> Good, Bad and Ugly: On SecTor's Wall of Shame
    Tags: ( passwords wireless )
  18. CSS History Hack Used To Ban Torrent Users ha.ckers.org web application security lab
    Tags: ( css )
  19. Yahoo Best Jobs in America ranks infosec professional #8
    Tags: ( career )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Here's a new challenge for you. The winner will be announced in San Diego in September.
    philosecurity >> Blog Archive >> Network Forensics Puzzle Contest!
    Tags: ( challenge network-forensics )
  2. This is just a lot of fun. Link goes directly to PDF.
    WHEN ZOMBIES ATTACK!: MATHEMATICAL MODELLING OF AN OUTBREAK OF ZOMBIE INFECTION (PDF)
    Tags: ( general )
  3. Here is a huge list of cheat sheets you will find useful.
    System Advancements at the Monastery >> Blog Archive >> What's in Your Folder: Security Cheat Sheets
    Tags: ( cheatsheet )
  4. Steve has written a post on things not to do when implementing VDI. He calls them anti-patterns. I like that term. Going to have to remember it. This is a good read if you are considering rolling out this type of infrastructure and especially if you already have.
    ViewYonder >> Feeding the IT Shriekometer: 5 VDI anti-patterns
    Tags: ( vdi )
  5. As I have mentioned before, the team I participated on for the Mystery Challenge at Defcon 17 tied for second place this year. Cutaway has written up a great recap that makes me even more bummed that I missed out this year and more motivated to be there for next years challenge.
    Security Ripcord >> Blog Archive >> MysteryChallenge - DefCon 17
    Tags: ( mystery-challenge )
  6. Some guidance on surviving a third-party on-site audit. Good stuff.
    Surviving a third party onsite audit
    Tags: ( audit )
  7. "Run, run away. We've been hacked......um, never mind, it was something else." The Security Shoggoth reminds us, that it isn't always about security. Which brings the following saying to mind, "When all you have is a hammer, every problem looks like a nail."
    The Security Shoggoth: Its Not Always A Security Issue
    Tags: ( general )
  8. There are an increasing number of conversations going on about whether Facebook and its ilk should be allowed on corporate networks. The Marines have taken the stance that social networking sites are not allowed. This post by Chris reinforces that decision. It's dangerous out there folks. Be careful.
    Two Facebook Threats In One Day... - SpywareGuide Greynets Blog
    Tags: ( facebook )
  9. One of the three legs of the CIA triad, which is the foundation of information security, is availability. This post is the first of a series that will be exploring this facet of information security.
    A Data Protection Reference Architecture - Part 1 - Backup & Beyond
    Tags: ( availability backup )
  10. Here is an interesting article about Windows 7, XP Mode, Vista and a few other tidbits.
    Roger's Security Blog : Why Windows 7 XP Mode makes sense from a security perspective
    Tags: ( microsoft windows-7 xp )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is always an interesting challenge. Not for the faint of heart.
    DC3 Challenge
    Tags: ( challenge dc3 )
  2. Looks like she has the chops for the job.
    Obama taps Bush aide Melissa Hathaway to review federal cybersecurity efforts
    Tags: ( general )
  3. Link pretty much says it all. Deadline is May 15th, 2009.
    DEFCON 17 Call For Papers
    Tags: ( cfp defcon 17 )
  4. Having been bitten in the past by exactly the same thing as Mr. Bump, I heartily suggest you heed his advice.
    BumpInTheWire.com >> Blog Archive >> Shootin Ducks On A Pond
    Tags: ( availability )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }