breach

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You probably already are aware of this. Monster.com has indicated that they have suffered a breach. The evil doers have pretty much everything you ever put into Monster that you would consider sensitive.
    Monster.com suffers database breach deja vu * The Register
    Tags: ( breach monstor )
  2. Andrew has a nifty little script you can use to remotely check the time on your Windows boxen.
    Andrew Hay >> Blog Archive >> Quick Script to Remotely Check Windows System Time
    Tags: ( tools windows scripts time )
  3. Sensepost has a challenge up regarding reverse engineering an FTP server. Give it a go.
    QoW: Software Reversing and Exploitation
    Tags: ( challenge exploit software reversing )
  4. Alex calls PCI security through obscurity.
    The Source of PCI DSS "Failure" | RiskAnalys.is
    Tags: ( pci )
  5. Chris disagrees with Alex's notion that PCI is security through obscurity.
    PCI-DSS Is Not About "Security by Obscurity" << Risktical Ramblings
    Tags: ( pci )
  6. A nice set of links to good articles on cloud computing. Includes some security related info too.
    Hat Tip: http://rationalsecurity.typepad.com/blog/2009/01/cloud-security-link-love-monk-style.html
    System Advancements at the Monastery >> Blog Archive >> Recent Cloud Postings
    Tags: ( cloud )
  7. Part 2 of Erik's series on Secure Your Linux Host is available.
    Art of Information Security >> Secure Your Linux Host - Part 2: Secure SSH
    Tags: ( linux securing )
  8. Nice walk through of an XSS attack.
    Hat tip: @lbhuston
    Anatomy of an XSS Attack
    Tags: ( xss )
  9. A nice exploration of Skype and its use in your environment.
    Skype, is it right for you?
    Tags: ( skype )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Here are today's interesting bits in information security.

  1. This is an interesting story of the DarkMarket sting.
    Three years undercover with the identity thieves
    Tags: ( general )
  2. Just because the website you are visiting is a popular, well-known site doesn't mean that it is completely safe. Conversely, just because a site is declared to host malware doesn't mean the whole site is malicious.
    70 Of Top 100 Web Sites Spread Malware -- Malware -- InformationWeek
    Tags: ( malware )
  3. Want to get some personally identifiable information on somebody? Find out where they get their dry cleaning done and get a job. Wow.
    9,000 USBs left in Laundrettes : Security Watch - Internet Security News: IT security, Business security, Computer security, Network security, and more
    Tags: ( data gathering breach usb )
  4. Time to patch QuickTime.
    QuickTime 7.6 Fixes First 7 Bugs of 2009 - Security Watch
    Tags: ( vulnerability patches quicktime )
  5. I pointed this out recently. Looks like Seagate users are going to need to patch again.
    Seagate Offers Second Fix For Hard-Drive Firmware -- Storage Security -- InformationWeek
    Tags: ( availability )
  6. This is very cool. I use OpenDNS at home and have never been happier.
    New Security Services Land In Home Routers - DarkReading
    Tags: ( home-networking )
  7. Gonna be a meetup for podcasters at ShmooCon. Looks like a lot of fun.
    Podcasters Meetup at ShmooCon - Room362.com
    Tags: ( conferences meetup shmoocon )
  8. A very nice article about why we need to keep identity and authentication as separate and distinct.
    Hat tip: http://www.schneier.com/blog/archives/2009/01/identity_authen.html
    It's Me, and Here's My Proof: Why Identity and Authentication Must Remain Distinct
    Tags: ( identity authentication access-control )
  9. A new blog talking about SSL and some of the pitfalls one can come across in various implementations.
    Introducing SSLFail.com | tssci security
    Tags: ( ssl )

That's it for today. Have fun!

Kevin

Today's Bits has malware infections, data breach at a card processor, the need for requirements, deperimeterization and endpoint control, awareness campaign metrics, an update to an F-Secure malware removal tool, and a list of InfoSec bloggers in Australia. More details below. Have a great day.

  1. First they allowed computers used in surgery to be rebooted automatically upon being patched by Windows Update. Then they disabled Windows Update, but didn't put any further controls in place to protect these systems. Remember, if you disable one control, you need to introduce a compensating control where elevated risk exists.
    Conficker seizes city's hospital network * The Register
    Tags: ( malware )
  2. This has the potential to be huge.
    Payment processor warns of network breach
    Tags: ( breach creditcard )
  3. "Tell me what you got and I'll pick what I think I need" never ends well. The need for requirements extends well beyond security controls. If you can't effectively articulate your needs, you are never going to be able to fulfill them.
    Requirements are required >> Andy ITGuy
    Tags: ( general )
  4. Yup, if you don't control the endpoint, you have some really big problems.
    Deperimeterization without endpoint control? | Security Balance
    Tags: ( endpoint control infrosec deperimeterization )
  5. Julie has a good post up on Security Catalyst with some suggestions on how to measure the effectiveness of your security awareness program.
    Three Ways to Make Awareness Measurable : The Security Catalyst
    Tags: ( awareness metrics )
  6. F-Secure has an update available for their F-Downadup Removal Tool. With the number of machines being reported that are infected with this malware, we should probably all have this in our toolbox.
    ISTP and F-Downadup Removal Tool - F-Secure Weblog : News from the Lab
    Tags: ( malware tools removal )
  7. Drazen has started a list of Australian InfoSec bloggers. Check it out and make sure you are on it if you are an InfoSec blogger in Australia.
    Beast Or Buddha >> Australian IT Security Blog Directory
    Tags: ( general blogs )

That's it for today. Have fun!

Kevin

Another day of great content. Enjoy.

Here are today's Interesting Information Security Bits from around the web.

  1. VeriSign has stepped up and offered replacement SSL certs free of charge to all customers with MD5-based certs. They have also implemented SHA-1 for all certs now. Should have happened much earlier, but at least they were quick in their response.
    VeriSign addresses MD5 flaw
    Tags: ( vulnerability ssl general cert )
  2. Good guidance for us all and some suggestions on how to go about doing it.
    Know your network to keep it secure :: SearchNetworking.com.au
    Tags: ( network )
  3. Forrester is indicating that security spending may be taking a bigger chunk of IT spending in 2009.
    Despite Economy, Security Spending To Increase In 2009 - security industry/Management - DarkReading
    Tags: ( general spending 2009 )
  4. Oops. Trusted Execution Technology might not deserve to be trusted as much as we were led to believe.
    Researchers hack into Intel's vPro - Network World
    Tags: ( txt )
  5. This is nifty. A nice visualization of botnet IRC channel joins.
    Flashy botnet is Flashy - F-Secure Weblog : News from the Lab
    Tags: ( botnet visualization )
  6. Erik has part 1 of a series that will address securing our Linux hosts.
    Art of Information Security >> Secure Your Linux Host - Part 1: Foundations...
    Tags: ( linux securing )
  7. Donald points us to a paper written by Brett Shavers about virtual machines and forensics analysis. I just added it to my stack of stuff to read.
    Forensic reading - Malta Info Security
    Tags: ( forensics virtualization vmware )
  8. A very good read. Well written and has a good point.
    Could the Titanic have changed course? | The Guerilla CISO
    Tags: ( general compliance checklists )
  9. I have pointed to all the previous parts of this series of posts. The first paragraph has links to them also. I really like how they have brought all the previous posts together by showing some use cases. Well done.
    Building a Web Application Security Program, Part 8: Putting It All Together | securosis.com
    Tags: ( webappsec program )
  10. Adam points us to Maine's Data Breach Study. He points out some interesting tidbits. Enough that I have grabbed the study for reading later.
    Emergent Chaos: Maine Breach Study
    Tags: ( data breach study maine )
  11. Damon has a very nice guest post up on Jennifer Leggio's Feeds blog. It reaches beyond the issues that Twitter was dealing with this weekend.
    The inevitable rise (and fall?) of 'twishing' | Feeds | ZDNet.com
    Tags: ( twitter phishing social-networks )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is interesting. I would say some of the guidance appears a bit more tactical than I would expect for a CSO, but still worth a gander.
    ASIS releases standards detailing CSO role @ The Latest for Security Executives SecurityInfoWatch.com
    Tags: ( cso )
  2. This is a good article to put in front of anybody that thinks that cross-site scripting vulnerabilities are minor and don't really need to be worried about.
    SecuriTeam Blogs >> Cross Site Scripting can cause your stock to tank
    Tags: ( xss )
  3. A very nice article about the recent patching of a flaw in the SimpleDB API.
    What's New in the Amazon Cloud?: Security Vulnerability in Amazon EC2 and SimpleDB Fixed (7.5 Months After Notification) | Cloud Security
    Tags: ( vulnerability patches amazon simpledb )
  4. Martin has a post asking us what we are doing to keep our skills current. Several, including me, have offered some input. There is some good stuff there. Go check it out and add your own ideas.
    Network Security Blog >> Investing in my career
    Tags: ( career education )
  5. Nifty tip on how to mount a filesystem using the alternate superblock when it won't mount normally. Of course, this is from a forensic perspective, but useful from a general perspective also.
    Mounting Images Using Alternate Superblocks << SANS Computer Forensics, Investigation, and Response
    Tags: ( forensics mount superblock )
  6. The bad guys are not in this for fun and games. There is value in the data they are taking from you.
    Hundreds of Stolen Data Dumps Found - Security Fix
    Tags: ( data breach )
  7. Looks like there might be some clarification coming regarding PCI and virtualization in 2009. Keep your eyes open.
    http://www.networkworld.com/news/2008/121808-crystal-ball-pci.html
    Tags: ( pci virtualization )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Time to patch, Apple owners.
    21 OS X Vulnerabilities Patched By Apple - Security Watch
    Tags: ( patches apple vulnerabilities )
  2. Even Google can get taken in by ad-based malware.
    Google sponsored links caught punting malware * The Register
    Tags: ( malware google ads )
  3. Be careful on Facebook. Well, you should always be careful on Facebook, but there are a few specific reasons you should be until they get them fixed.
    Four XSS flaws hit Facebook | Zero Day | ZDNet.com
    Tags: ( exploit vulnerability xss facebook )
  4. Andy points to an article by Rebecca Herold about the importance of vetting your 3rd party service providers' information security stance. He then offers his opinion, which agrees with Becky's, and mine for that matter.
    3rd Party Security
    Tags: ( security vendor review )
  5. Look out, folks. It appears that India is being targeted by Chinese hackers. With significant outsourcing going to India, we need to be very aware of this situation.
    The Dark Visitor >> Chinese hackers stealing Indian InfoTech data
    Tags: ( breach india )
  6. The invitations for the RSA Security Blogger's Meet-up. Better get your RSVP in soon. Only 200 will get to attend.
    Network Security Blog >> Look for your invite
    Tags: ( rsa meetup )
  7. This is just nifty.
    ITSec Non-Hypocritical Oath
    Tags: ( creed )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. I mentioned this white paper when I did my RSA Europe recap back in October. It is worth a read. * the link goes directly to the PDF
    Web 2.0 Security and Privacy
    Tags: ( privacy enisa )
  2. Here are some things you can do to protect yourself against the 0-day exploit that works against IE7.
    Microsoft talks up countermeasures to fend off new IE attacks
    Tags: ( vulnerability microsoft ie7 )
  3. Adding to the growing pile of recent 0-day exploits for Microsoft products, there appears to be one for SQL Server.
    Security pros groan as zero-day hits Microsoft's SQL Server * The Register
    Tags: ( exploit vulnerability 0day sqlserver micrsoft )
  4. Some good general guidance for how to react in the event you have a data breach. I would offer that it is good advice for everybody involved and not just the CIO.
    How a CIO should deal with aftermath of a data breach
    Tags: ( data breach )
  5. Looks like Cisco is in for a legal fight.
    Cisco sued by Free Software Foundation for copyright infringement - Network World
    Tags: ( general )
  6. Innismir weighs in on the recent meme of penetration testing being dead. He, like most of us involved in the discussion, doesn't think it's dead either.
    innismir.net -- Pentration Testing - Not Quite Dead Yet
    Tags: ( pentest )
  7. Rich brings up some good points. Worth reading and thinking about.
    How The Cloud Destroys Everything I Love (About Web App Security) | securosis.com
    Tags: ( cloud webappsec )
  8. WhiteHat Security's quarterly report on website security statistics is available for download. This is the sixth one they have put out. Good stuff in there.
    Jeremiah Grossman: Sixth Quarterly Website Security Statistics Report
    Tags: ( general reports )
  9. Jeremiah offers some really good guidance for justifying your budget for web application security spending.
    Jeremiah Grossman: Budgeting for Web Application Security
    Tags: ( webappsec )
  10. Here's a framework for SAP pen testing.
    sapyto v0.98 Released - SAP Penetration Testing Framework Tool | Darknet - The Darkside
    Tags: ( pentest sap )
  11. You can't make this stuff up. Remember folks, you have to make sure that all data is removed from devices before you get rid of them.
    Liquidmatrix Security Digest >> McCain Campaign Sells Off... Data?
    Tags: ( data leakage )

That's it for today. Have fun!

Kevin

Good day all. Got a pretty good bunch o bits to take a look at today. So, without further ado, here we go!

From the Blogosphere.

The Sunbelt blog warns us about some CareerBuilder jobs being emailed out which are scams. Be careful out there. They will get you any way they can.

Finjan came across over half a gigabyte of stolen US Healthcare and airline data. Ouch.

Adam writes that Identity Theft is more than Fraud By Impersonation. He points out that in many cases, the real pain of identity theft is not monetary, but dealing with the tarnishing of your good name as you try to clean things up. He has a good suggestion for trying to help with this issue. Go read about it.

Security4all points us to a couple of white papers that are worth giving a gander. The Extended HTML Form Attack Revisited by Sandro and Enablesecurity and Defeating the Network Security Infrastructure by Philippe at Radarhack.com. They are both on my reading list now.

Irongeek has released a little tool called DecaffeinatID that

"DecaffeinatID is a simple little app that acts as an Intrusion Detection System (more of a log watcher really) to notify the user whenever fellow users at their local WiFi hotspot/ LAN are up to the kind of "reindeer games"

Looks pretty nifty.

Rich has another missive that deserves to be read more than once. He talks about Database connections and Trust. I am not going to attempt to summarize what he puts forth. Go read it.

You may have already heard about this, but a vulnerability exploit has been found in FF 3.0. It was reported to Tipping Point and passed on to Mozilla. They are working on a fix.

Amrit and Hoff both are talking about whether virtualization security is a technical problem or an operational problem. Both are good reads. I won't spoil it for you by giving away their conclusions.

F-Secure has released version 3.0 of their Rescue CD. Could come in handy.

From the Newsosphere.

Via cjonline.com, some Kansas state equipment that was to be sold to the public contained confidential information. People, please make sure you have data retention, handling and destruction policies and procedures and that they are adhered to.

From Dark Reading, ICSA Labs Forum has advanced a security standard for IPv6.

Pointed to by Hack in the box and reported by Computer World UK, two laptops without encryption have been lost. This time by the HNS trust in the U.K.

Again via Hack in the box and reported by Wired, it looks like Citibank had an intrusion that allowed a couple of men to grab at least $750,000 from ATM machines in New York City. Oops.

That's it for today. Have a good one.

Kevin
