ctf

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. There were a couple of incidents with ATMs at the recent Defcon conference. See Chris's post about a warning from ENISA with some guidance on what to look for to keep safe.
    Dr. InfoSec: ENISA Warns of Alarming Increase in ATM Crime
    Tags: ( atm )
  2. This is very cool. An open source virtual switch. (Hat tip: @aneel)
    Open vSwitch
    Tags: ( virtualization switch )
  3. There is some good information about DirectAccess in this article.
    Understand the pros and cons of Microsoft Windows 7 DirectAccess
    Tags: ( directaccess windows-7 )
  4. Looks like there are still some issues with firewire and access to memory. Check out this post for more information.
    Windows 7 Firewire Attacks << Ramblings of the anal security guy
    Tags: ( firewire windows-7 )
  5. Chris has posted a nice list of podcasts that you should check out if you looking for some new information security listening pleasure.
    Filling your ipod... << Ramblings of the anal security guy
    Tags: ( podcasts )
  6. The packet captures from Defcon 17 are now available via bittorrent.
    Diutinus Defense Techonologies Corp. / Home
    Tags: ( defcon ctf )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is pretty nifty. Going to have to play with this one.
    Security Research & Defense : Announcing OffVis 1.0 Beta
    Tags: ( office microsoft )
  2. The inaugural episode of the Cloud Security Podcast is available. Christofer and Craig are looking for feedback. Take a listen and let them know what you think.
    Introducing the Cloud Security Podcast... | Cloud Security
    Tags: ( cloud podcast )
  3. It can't be said often enough. The Riv during Defcon is a dangerous place to be from an information security perspective.
    Malicious ATM Catches Hackers | Threat Level | Wired.com
    Tags: ( defcon )
  4. This is just cool.
    Uncommon Sense Security: Announcing the Warzone Project
    Tags: ( ctf labs )
  5. Twitter is now stopping tweets with malicious urls. Someone mentioned that url shortner services can cause this control to fail, I'm not positive that is the case. Would be interesting to find out though.
    Twitter Now Filtering Malicious URLs - F-Secure Weblog : News from the Lab
    Tags: ( twitter )
  6. A good post with some tips on make your internal router and switch fabric not quite so hack worthy.
    Switch hardening on your network
    Tags: ( network-security )
  7. A new packet challenge is up.
    The Crypto Kitchen - Packet Challenge << I Smell Packets
    Tags: ( challenge )
  8. This is a bit scary. Who needs TEMPEST or other remote methods of reading keyboard actions with this type of thing.
    Hacker demos persistent Mac keyboard attack | Zero Day | ZDNet.com
    Tags: ( malware )
  9. Part of being a successful professional, information security focused or not, is the ability to be an effective presenter. You should look at this.
    Make: Online : Tips on "unpresenting"
    Tags: ( presenting )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Today's Bits consists of more risk assessment talk, biometrics and passports, secure code by demand, compliance vs security, builders and breakers in software security, DEFCON CTF, how SSL works, PCI and security, a good way to quantify risk and an argument that one pass data wipe is enough. Details below.

  1. Part 3 is up of Chris's assessment.
    Risk Scenario - Hidden Field / Sensitive Information (Part 3 of 4) << Risktical Ramblings
    Tags: ( risk assessment fair )
  2. Get ready to get your fingers inked when you apply for a passport in the E.U. (Okay, there are inkless methods bow. Not near as much fun to write scanned though.)
    Biometric passports agreed to in EU - Network World
    Tags: ( privacy )
  3. Folks, it just isn't this easy. Unlike Picard, we can't just "make it so."
    New York drafts language demanding secure code
    Tags: ( general )
  4. Compliance does not equal security. Never has and never will. Good thought in here.
    Using The Compliance Stick Actually Weakens You | RiskAnalys.is
    Tags: ( risk compliance )
  5. An interesting argument, which I happen to agree with, by Jeremiah about the need to both builders and breakers when it comes to software security.
    Jeremiah Grossman: Builders, Breakers, and Malicious Hackers
    Tags: ( general opinion )
  6. Ever wanted to run a CTF? Defcon needs to talk to you. Be warned, we are talking about a granddaddy of a CTF.
    DEFCON 17 CTF Call for new Organizers! - Defcon Forums
    Tags: ( defcon ctf )
  7. A real nice basic introduction to how SSL works.
    Security Workshop: How HTTPS/SSL works Part 1 - Basics
    Tags: ( ssl )
  8. A nice post by Anton that I found via Alex over at riskanal.is. Repeat "Security First."
    Anton Chuvakin Blog - "Security Warrior": Tales From the "Compliance First!" World
    Tags: ( pci compliance )
  9. Adam has a great post up on the Security Catalyst blog. The KISS principle in action.
    The Breach-Stamp Metric : The Security Catalyst
    Tags: ( risk communication )
  10. A nice article with some hard data on the effective of data retrieval off of a drive which has been effectively wiped. Effectively here meaning with only one pass.
    Overwriting Hard Drive Data << SANS Computer Forensics, Investigation, and Response
    Tags: ( data disposal )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }