facebook

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Alan and some others are starting a new company that looks to offer an interesting service. Alan is one of my on-line friends that I have actually met in person. He is a good guy and I wish him and his partners the best of luck in their new endeavor.
    The Ashimmy Blog: I give you The CISO Group
    Tags: ( general )
  2. This is some sneaky business here.
    Google Faces The Slickest Click Fraud Yet - Forbes.com
    Tags: ( click-fraud )
  3. This is good news. HTTPS is finally the default for all Gmail access. Note: you may experience some issues with offline access. The post has info on how to correct the issue.
    Official Gmail Blog: Default https access for Gmail
    Tags: ( gmail google )
  4. You've probably already heard about Google getting hacked and their response, but if you haven't, read this article.
    Google Hacked, Says it Will Stop Censoring Chinese Search Results -- Krebs on Security
    Tags: ( google )
  5. For those who don't see the big deal about Facebook from a security perspective (hopefully few), this read might change your mind. For those who are already concerned, show this to your management.
    Hacking a Corporate Network with Facebook : Information Security Resources
    Tags: ( facebook )
  6. Job Hunting? Try These! Good Hunting! : Liquidmatrix Security Digest
    Tags: ( jobs career )
  7. An interesting use of OSSEC as a rudimentary DLP solution.
    Immutable Security >> Detecting Sensitive Info with OSSEC
    Tags: ( ossec dlp )
  8. I really like this article by Gunnar. His point is valid.
    1 Raindrop: Beyond the opening: a priori is a problem
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Guest blog: Evil Maids on the rise | Graham Cluley's blog
    Tags: ( bitlocker tpm )
  2. Could a rubber duck steal your identity on Facebook? | Graham Cluley's blog
    Tags: ( facebook malware )
  3. AOL Ditches Security Tokens To Make Logging In Easier | Threat Level | Wired.com
    Tags: ( general )
  4. Can quantitative risk estimation serve as a guide for every-day policy decisions? << The New School of Information Security
    Tags: ( risk-management policy quantitative )
  5. Security Uncorked >> Four Options for Secure Wireless Authentication with 802.1X
    Tags: ( 80211x )
  6. Great InformationWeek/Dark Reading/Black Hat Cloud & Virtualization Security Virtual Panel on 12/9 | Rational Survivability
    Tags: ( webinar virtualization cloud )
  7. Digital Soapbox - The White Rabbit Commeth...: Exposing Malware - Part 2: Infestation
    Tags: ( malware )
  8. McAfee Gives Stats on the Riskiest Domains | CNET Security | danielmiessler.com
    Tags: ( general )
  9. Economic Recovery: Will Your IT Security Department Jump Ship? - CSO Online - Security and Risk
    Tags: ( career jobs )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


It is Thanksgiving Day week in the U.S. and that means a couple of days off. I decided to tack on an extra day and won't be working tomorrow either. Yay! Five days off in a row.

Anywho, I will also be taking those days off from the Interesting Bits posts so this one will have to tide you over until Monday 🙂

Here are today's Interesting Information Security Bits from around the web.

  1. 10 things to think about not doing when on Facebook. This list will keep you safer.
    Errata Security: 10 Facebook Don'ts
    Tags: ( facebook )
  2. Is your iPhone infected with the Duh worm? Paul tells us how to clean it up.
    How to clean up the Duh iPhone worm | Paul Ducklin's blog
    Tags: ( iphone worm )
  3. Russel is looking for some collaborators on a research project he is working on. It looks to be very interesting. From his post: "The topic is the arms race between attackers and defenders from the perspective of innovation rates and "evolutionary success" - the Red Queen problem (running just to stand still). Here's a sample research question: "can bureaucracies (defenders) keep up with a decentralized black market (attackers)?", and similar." Read the rest of the post and drop him a line if you are interested.
    Information Security as an Evolutionary Arms Race - Research Collaborators Wanted << The New School of Information Security
    Tags: ( research )
  4. Shrdlu once again has penned an article that you should go read. Metrics are great, but they have to mean something.
    The meaning of metrics
    Tags: ( metrics risk )
  5. There is a 0-day out there for IE 6 and IE 7. Microsoft's recommendation in some cases is to upgrade to IE 8. Um, oops.
    Major IE8 flaw makes 'safe' sites unsafe
    Tags: ( ie vulnerabilities )
  6. An interesting post that explores a conundrum that some organizations face when trying to comply with PCI. What happens when some of what I do requires me to be out of compliance with PCI-DSS?
    Branden Williams's Security Convergence Blog >> Multi-Function Service Providers, What To Do?
    Tags: ( pci )
  7. From the post: "We have uploaded the audio recording of select talks from the Ohio Information Security Summit that took place October 29-30, 2009 in Cleveland, Ohio." Looks like some good stuff is available. Check out the post for the details.
    Security Justice >> Blog Archive >> Select Talks from ISS2009 Now Available for Download
    Tags: ( audo conferences talks )
  8. A new tool is available that shows some interesting things about the internet.
    Room362.com - Blog - SHODAN The Computer Search
    Tags: ( tools )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Here's a new challenge for you. The winner will be announced in San Diego in September.
    philosecurity >> Blog Archive >> Network Forensics Puzzle Contest!
    Tags: ( challenge network-forensics )
  2. This is just a lot of fun. Link goes directly to PDF.
    WHEN ZOMBIES ATTACK!: MATHEMATICAL MODELLING OF AN OUTBREAK OF ZOMBIE INFECTION (PDF)
    Tags: ( general )
  3. Here is a huge list of cheat sheets you will find useful.
    System Advancements at the Monastery >> Blog Archive >> What's in Your Folder: Security Cheat Sheets
    Tags: ( cheatsheet )
  4. Steve has written a post on things not to do when implementing VDI. He calls them anti-patterns. I like that term. Going to have to remember it. This is a good read if you are considering rolling out this type of infrastructure and especially if you already have.
    ViewYonder >> Feeding the IT Shriekometer: 5 VDI anti-patterns
    Tags: ( vdi )
  5. As I have mentioned before, the team I participated on for the Mystery Challenge at Defcon 17 tied for second place this year. Cutaway has written up a great recap that makes me even more bummed that I missed out this year and more motivated to be there for next year's challenge.
    Security Ripcord >> Blog Archive >> MysteryChallenge - DefCon 17
    Tags: ( mystery-challenge )
  6. Some guidance on surviving a third-party on-site audit. Good stuff.
    Surviving a third party onsite audit
    Tags: ( audit )
  7. "Run, run away. We've been hacked......um, never mind, it was something else." The Security Shoggoth reminds us that it isn't always about security. Which brings the following saying to mind, "When all you have is a hammer, every problem looks like a nail."
    The Security Shoggoth: Its Not Always A Security Issue
    Tags: ( general )
  8. There are an increasing number of conversations going on about whether Facebook and its ilk should be allowed on corporate networks. The Marines have taken the stance that social networking sites are not allowed. This post by Chris reinforces that decision. It's dangerous out there folks. Be careful.
    Two Facebook Threats In One Day... - SpywareGuide Greynets Blog
    Tags: ( facebook )
  9. One of the three legs of the CIA triad, which is the foundation of information security, is availability. This post is the first of a series that will be exploring this facet of information security.
    A Data Protection Reference Architecture - Part 1 - Backup & Beyond
    Tags: ( availability backup )
  10. Here is an interesting article about Windows 7, XP Mode, Vista and a few other tidbits.
    Roger's Security Blog : Why Windows 7 XP Mode makes sense from a security perspective
    Tags: ( microsoft windows-7 xp )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Folks, please be careful what you put on your Facebook pages. Don't let something like this happen to you.
    Police: Facebook hacker gets student's nude photos
    Tags: ( privacy facebook )
  2. Some video of Dino Dai Zovi, Rich Mogull, Christofer Hoff being interviewed by Dennis Fisher on virtualization.
    Rational Survivability: Virtualization & Security: Disruptive Technologies - A Four Part Video Miniseries...
    Tags: ( virtualization )
  3. When to use the carrot and when to use the stick? Both good questions. Shrdlu has some advice for us.
    Carrot-sticks and security.
    Tags: ( enforcement )
  4. What happens when you need endpoint DLP on Windows, Mac and Linux all at once? The answer, nothing easy 😉
    Is There Any DLP or Data Security On Mac/Linux? | securosis.com
    Tags: ( dlp )
  5. This looks to be like a whole lot of fun. If you are close, it should go on your list of things to do.
    HiR Information Report: Cowtown Computer Congress Grand Opening [Kansas City]
    Tags: ( hackerspace )
  6. Erik has part 3 of his securing Linux series up.
    Art of Information Security >> Secure Your Linux Host - Part 3: Why A Host Firewall ?
    Tags: ( linux )
  7. A nice beginning to what looks to be an interesting series.
    ShackF00 >> BS Filtering for CISOs: An Introduction
    Tags: ( ciso )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. If you were thinking about changing patch management software vendors, BigFix might be able to save you some cashola. Disclaimer: I do not work for or have any interest in BigFix.
    BigFix hits rivals with 50% price chop - Network World
    Tags: ( patching )
  2. Another list of top whatevers. Worth a glance.
    Defense agencies list top 20 security controls | Security - CNET News
    Tags: ( general )
  3. Surprise, surprise. Another piece of malicious software on Facebook. This is why I A) Don't use very many Facebook apps and B) don't accept requests from folks for things like "Flair" and "Drinks."
    Facebook users targeted by rogue application | Security - CNET News
    Tags: ( malware facebook )
  4. Christofer or The Hoff, as he is frequently called, has a post up that has a very good point we should all take to heart.
    Rational Survivability: Trust But Verify? That's An Oxymoron...
    Tags: ( general )
  5. Jeremiah's Top Ten Web Hacking techniques for 2008 is out.
    Jeremiah Grossman: Top Ten Web Hacking Techniques of 2008 (Official)
    Tags: ( hacking top-ten )
  6. The first of a couple of articles that will explore how the Heartland issue might have occurred. This one is a primer of empty disk space. Good stuff.
    Ascension Blog >> Don't let what Happened to Heartland Happen to You - Part One
    Tags: ( forensics )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Time to patch, Apple owners.
    21 OS X Vulnerabilities Patched By Apple - Security Watch
    Tags: ( patches apple vulnerabilities )
  2. Even Google can get taken in by ad-based malware.
    Google sponsored links caught punting malware * The Register
    Tags: ( malware google ads )
  3. Be careful on Facebook. Well, you should always be careful on Facebook, but there are a few specific reasons you should be until they get them fixed.
    Four XSS flaws hit Facebook | Zero Day | ZDNet.com
    Tags: ( exploit vulnerability xss facebook )
  4. Andy points to an article by Rebecca Herold about the importance of vetting your 3rd party service providers' information security stance. He then offers his opinion, which agrees with Becky's and mine for that matter.
    3rd Party Security
    Tags: ( security vendor review )
  5. Look out folks. It appears that India is being targeted by Chinese hackers. With significant outsourcing going to India, we need to be very aware of this situation.
    The Dark Visitor >> Chinese hackers stealing Indian InfoTech data
    Tags: ( breach india )
  6. The invitations for the RSA Security Blogger's Meet-up. Better get your RSVP in soon. Only 200 will get to attend.
    Network Security Blog >> Look for your invite
    Tags: ( rsa meetup )
  7. This is just nifty.
    ITSec Non-Hypocritical Oath
    Tags: ( creed )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin
