ctf

Interesting Information Security Bits for 09/07/2009

by kriggins on September 7, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

There were a couple of incidents with ATMs at the recent Defcon conference. See Chris's post about a warning from ENISA with some guidance on what to look for to keep safe.
Dr. InfoSec: ENISA Warns of Alarming Increase in ATM Crime
Tags: ( atm )
This is very cool. An open source virtual switch. (Hat tip: @aneel)
Open vSwitch
Tags: ( virtualization switch )
There is some good information about DirectAccess in this article.
Understand the pros and cons of Microsoft Windows 7 DirectAccess
Tags: ( directaccess windows-7 )
Looks like there are still some issues with firewire and access to memory. Check out this post for more information.
Windows 7 Firewire Attacks << Ramblings of the anal security guy
Tags: ( firewire windows-7 )
Chris has posted a nice list of podcasts that you should check out if you looking for some new information security listening pleasure.
Filling your ipod... << Ramblings of the anal security guy
Tags: ( podcasts )
The packet captures from Defcon 17 are now available via bittorrent.
Diutinus Defense Techonologies Corp. / Home
Tags: ( defcon ctf )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 08/03/2009

by kriggins on August 3, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

This is pretty nifty. Going to have to play with this one.
Security Research & Defense : Announcing OffVis 1.0 Beta
Tags: ( office microsoft )
The inaugural episode of the Cloud Security Podcast is available. Christofer and Craig are looking for feedback. Take a listen and let them know what you think.
Introducing the Cloud Security Podcast... | Cloud Security
Tags: ( cloud podcast )
It can't be said often enough. The Riv during Defcon is a dangerous place to be from an information security perspective.
Malicious ATM Catches Hackers | Threat Level | Wired.com
Tags: ( defcon )
This is just cool.
Uncommon Sense Security: Announcing the Warzone Project
Tags: ( ctf labs )
Twitter is now stopping tweets with malicious urls. Someone mentioned that url shortner services can cause this control to fail, I'm not positive that is the case. Would be interesting to find out though.
Twitter Now Filtering Malicious URLs - F-Secure Weblog : News from the Lab
Tags: ( twitter )
A good post with some tips on make your internal router and switch fabric not quite so hack worthy.
Switch hardening on your network
Tags: ( network-security )
A new packet challenge is up.
The Crypto Kitchen - Packet Challenge << I Smell Packets
Tags: ( challenge )
This is a bit scary. Who needs TEMPEST or other remote methods of reading keyboard actions with this type of thing.
Hacker demos persistent Mac keyboard attack | Zero Day | ZDNet.com
Tags: ( malware )
Part of being a successful professional, information security focused or not, is the ability to be an effective presenter. You should look at this.
Make: Online : Tips on "unpresenting"
Tags: ( presenting )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Interesting Information Security Bits for 01/15/2009

by kriggins on January 15, 2009

in Interesting Bits

Today's Bits consists of more risk assessment talk, biometrics and passports, secure code by demand, compliance vs security, builders and breakers in software security, DEFCON CTF, how SSL works, PCI and security, a good way to quantify risk and an argument that one pass data wipe is enough. Details below.

Part 3 is up of Chris's assessment.
Risk Scenario - Hidden Field / Sensitive Information (Part 3 of 4) << Risktical Ramblings
Tags: ( risk assessment fair )
Get ready to get your fingers inked when you apply for a passport in the E.U. (Okay, there are inkless methods bow. Not near as much fun to write scanned though.)
Biometric passports agreed to in EU - Network World
Tags: ( privacy )
Folks, it just isn't this easy. Unlike Picard, we can't just "make it so."
New York drafts language demanding secure code
Tags: ( general )
Compliance does not equal security. Never has and never will. Good thought in here.
Using The Compliance Stick Actually Weakens You | RiskAnalys.is
Tags: ( risk compliance )
An interesting argument, which I happen to agree with, by Jeremiah about the need to both builders and breakers when it comes to software security.
Jeremiah Grossman: Builders, Breakers, and Malicious Hackers
Tags: ( general opinion )
Ever wanted to run a CTF? Defcon needs to talk to you. Be warned, we are talking about a granddaddy of a CTF.
DEFCON 17 CTF Call for new Organizers! - Defcon Forums
Tags: ( defcon ctf )
A real nice basic introduction to how SSL works.
Security Workshop: How HTTPS/SSL works Part 1 - Basics
Tags: ( ssl )
A nice post by Anton that I found via Alex over at riskanal.is. Repeat "Security First."
Anton Chuvakin Blog - "Security Warrior": Tales From the "Compliance First!" World
Tags: ( pci compliance )
Adam has a great post up on the Security Catalyst blog. The KISS principle in action.
The Breach-Stamp Metric : The Security Catalyst
Tags: ( risk communication )
A nice article with some hard data on the effective of data retrieval off of a drive which has been effectively wiped. Effectively here meaning with only one pass.
Overwriting Hard Drive Data << SANS Computer Forensics, Investigation, and Response
Tags: ( data disposal )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

ctf

Interesting Information Security Bits for 09/07/2009

Interesting Information Security Bits for 01/15/2009

Subscription Options

Facebook

Recent Posts

Pages

Speaking Schedule

Recent Comments

Categories