compliance

Boy, you can tell it's a Monday. We have a big batch of interesting bits to take a peek at today.

Here are today's Interesting Information Security Bits from around the web.

  1. This is a long post, but a great recap of the 2009 CSAW-CTF competition. Good stuff in there. You can even try some of the challenges yourself.
    Matasano Security LLC - Chargen - Exercises for a burgeoning Army of Ninjas
    Tags: ( challenge )
  2. I don't usually point to recap posts, but Rich has a very good thought in the introduction to last week's Friday summary. Something I am dealing with myself.
    Securosis Blog | Friday Summary: January 22, 2010
    Tags: ( general )
  3. It isn't only credit card, SSNs and bank account details that are being traded by the fraudsters anymore.
    Zscaler Research: Watch out Bill Gates...
    Tags: ( social-media fraudsters )
  4. If you use any of these passwords anywhere, I strongly suggest you go change them right now.
    Top 20 website passwords you shouldn't be using | Graham Cluley's blog
    Tags: ( passwords )
  5. The latest pass at the old 'is certification worth a pickle?' question. Actually, a good article with some good advice. The comments are of value too.
    Securosis Blog | The Certification Myth
    Tags: ( certification )
  6. Dave peels back a couple layers of the security mind and peeks at what's inside.
    ShackF00 >> A Glimpse Into the Security Mindset
    Tags: ( security mindset )
  7. Ax0n digs into a new lock. Nifty stuff.
    HiR Information Report: Review: Master 1500iD "Speed Dial" lock
    Tags: ( locks )
  8. Hoff offers some sage advice on compliance and cloud computing.
    Cloud: Security Doesn't Matter (Or, In Cloud, Nobody Can Hear You Scream) | Rational Survivability
    Tags: ( cloud compliance )
  9. Brian has a neat little exploration of a browser exploit kit.
    A Peek Inside the 'Eleonore' Browser Exploit Kit -- Krebs on Security
    Tags: ( exploit browser )
  10. This time we learn a little more about Wim, a very good on-line friend of mine. We haven't met in person yet, but I know that will happen some day.
    Andrew Hay >> Blog Archive >> Information Security D-List Interview: Wim Remes
    Tags: ( interview d-list )
  11. Oops. Looks like Google forgot their 'Do no evil' motto again.
    Sunbelt Blog: Google Toolbar tracks searches after it's disabled.
    Tags: ( google-toolbar data-leakage )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Wow, this has been a crazy busy week.

My apologies for not taking the time to get the daily bits posts out the door. However, don't despair. I have a bumper crop for you today because I have been keeping my eye on things.

Unfortunately you will have to do without my pithy (or so I'd like to believe) comments today. 🙂

Also, RSA Europe 2009, where I'll be speaking, is right around the corner along with some vacation time, so you will see fewer bits posts over the next couple weeks and they will probably be like this one. I will be back in full gear after the conference. I will blog when I can on what I see at RSA though.

Anywho, here are today's (this week's) Interesting Information Security Bits from around the web.

  1. Immutable Security >> Low and Slow SSH Brute Force Attacks
    Tags: ( ssh )
  2. Real World Stories: How Pen Tests Complement Vulnerability Scans << Core Security Technologies
    Tags: ( wepappsec pentest )
  3. Visa Announces New Data Encryption Practices
    Tags: ( pci )
  4. 'What's wrong with Smelly Widgets?' - Packet Challenge << I Smell Packets
    Tags: ( challenge packet )
  5. The Professional Security Testers Warehouse for the CEH GPEN QISP Q/ISP OPST CPTS - FRHACK01 copy of presentations
    Tags: ( conference presentations )
  6. Avert Labs Paper: Inside the Password Stealing Business:the Who and How of Identity Theft | Hackers Center Blogs
    Tags: ( passwords )
  7. AVG Stepping Up Consumer Anti-Virus Offerings | Darknet - The Darkside
    Tags: ( anti-virus avg )
  8. Man banished from PayPal for showing how to hack PayPal * The Register
    Tags: ( paypal )
  9. Book Review: The Rootkit Arsenal << McGrew Security Blog
    Tags: ( books reviews )
  10. Jeremiah Grossman: All about Website Password Policies
    Tags: ( infosce passwords )
  11. Digital Soapbox - Preaching Security to the Digital Masses: Things I Learned at SecTor 2009
    Tags: ( conference toorcon recap )
  12. TaoSecurity: Technical Visibility Levels
    Tags: ( avialability monitoring )
  13. SSL Still Mostly Misunderstood - DarkReading
    Tags: ( ssl )
  14. Anton Chuvakin Blog - "Security Warrior": Compliance != Security, Does Security = Compliance?
    Tags: ( compliance security )
  15. A Page from Singapore's Cybersecurity Playbook | Optimal Security: The Lumension Blog
    Tags: ( general )
  16. You Can't Always Be Proactive - Hacked Off - Dark Reading
    Tags: ( general )
  17. Security Uncorked >> Good, Bad and Ugly: On SecTor's Wall of Shame
    Tags: ( passwords wireless )
  18. CSS History Hack Used To Ban Torrent Users ha.ckers.org web application security lab
    Tags: ( css )
  19. Yahoo Best Jobs in America ranks infosec professional #8
    Tags: ( career )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin
