Good afternoon everybody! I hope your day is going well.
Here are today's Interesting Information Security Bits from around the web.
- A very good article on an issue that we need to think about as those who are very social media focused are working in our organizations.
Lifestyle Hackers - CSO Online - Security and Risk
Tags: ( social-media ) - You know you've been wanting to try it.
Electric Alchemy: Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR
Tags: ( passwords cloud cracking ) - Wonder what the latest changes to MA 201 CMR 17.00 are? Jack does us all a wonderful service by showing us the differences.
Uncommon Sense Security: diff MA 201 CMR 17.00
Tags: ( ma-201-cmr-17 ) - Part two of SynJunkie's latest story is up.
Syn: Bobs Double Penetration Adventure - Part 2
Tags: ( story wifi pentest ) - The latest version of Microsoft's Security Intelligence Report is available.
Download details: Microsoft Security Intelligence Report volume 7 (January - June 2009)
Tags: ( intelligence report microsoft ) - This post points out that we really need to be able to communicate with non-technical audiences. It then points to a new SANS short course that helps us learn how to do that more effectively. Looks very interesting.
Keys to Professional Communication | Courses, Training | Enclave Forensics
Tags: ( presenting speaking writing ) - This page contains links to a wealth of information on psychology and information security. Fascinating stuff that will keep you busy for quite some time.
Hat tip: Adam @ The New School of Information Security Blog
Psychology and Security Resource Page
Tags: ( psychology ) - Here is the third and final part of SpyLogic's Enterprise Open Source Intelligence Gathering series. It focuses on monitoring and social media policies.
Enterprise Open Source Intelligence Gathering - Part 3 Monitoring and Social Media Policies -- spylogic.net
Tags: ( gathering intelligence ) - This is a nicely detailed post on using OWASP ESAPI for output validation. You are validating your output, right? It is actual the second in a series. The first part on input validation is linked to at the beginning and is also worthy of a gander.
Output Validation using the OWASP ESAPI << Security Ninja
Tags: ( output-validation owasp esapi ) - Anton posits that FUD is good sometimes. Interesting perspective. The New School Security blog has an interseted reponse too: http://newschoolsecurity.com/2009/10/just-say-no-to-fud/
A Treatise on FUD - fudsec.com
Tags: ( iis fud )
That's it for today. Have fun!
Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.
Kevin
{ 0 comments }