forensics

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is a nice summation of some recent research on data breaches.
    Reports: SQL injection attacks and malware led to most data breaches | Zero Day | ZDNet.com
    Tags: ( research )
  2. Good points on writing custom error pages.
    Digital Soapbox - Down the Security Rabbithole!: Accidental Anti-Automation in Web App Sec
    Tags: ( error-pages )
  3. This article points to a couple of Skype policies that might be helpful.
    Example Skype Security Policies: Low-Medium Security Levels
    Tags: ( skype )
  4. FreeBSD and its ilk are a bit of a different breed. Hal gives some tips on digging into them forensically.
    FreeBSD Computer Forensic Tips & Tricks
    Tags: ( freebsd forensics )
  5. While compliance does not equal security, it does have its place. Give what Dennis has to say a gander.
    Security From Scratch: Using Compliance For Good : The Security Catalyst
    Tags: ( compliance )
  6. If you have any of the following going on, you really need to look at your procedures and policies.
    Immutable Security >> Administrators by Proxy
    Tags: ( windows administrators )
  7. Let your voice be heard, fellow security bloggers. Time to vote for the Social Security Blogger Awards.
    The Ashimmy Blog: Vote for the Social Security Blogger Awards
    Tags: ( security-bloggers awards )
  8. Looks like there is going to be a Security Bloggers Meet-up in April in London. Wish I could be there.
    Security Bloggers Meet Up, proposed 27th April near Earls Court London | Security Active Blog
    Tags: ( meet-up )
  9. Looking for some research you can't find anywhere else? Let Rich and company know.
    Securosis Blog | Choose Your Own Whitepaper Adventure (and Upcoming Papers)
    Tags: ( research )
  10. Veracode offers some clarity about the Blackberry application released at Shmoocon. Key: Not a hack.
    In Which We Dispel Misconceptions
    Tags: ( blackberry spyware )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some good information on performing forensics on Google's browser, Chrome.
    Google Chrome Forensics
    Tags: ( forensics chrome google )
  2. Recon is looking for talk submissions.
    The Professional Security Testers Warehouse for the GPEN GSEC GCIH GREM CEH QISP Q/ISP OPST CPTS - REC0N 2010 MONTREAL CANADA JULY 9-11
    Tags: ( recon conferences cfp )
  3. Craig asks a really good question, "Is Cloud Computing Right for Your Business?"
    Is Cloud Computing Right for Your Business? : The Security Catalyst
    Tags: ( cloud )
  4. The guys over at SANS Computer Forensics are starting a new weekly feature where they point out interesting forensics tidbits from around the internet.
    Digital Forensic Case Leads: Introductions
    Tags: ( forensics )
  5. This is a neat analysis of an exploit that has multiple levels of obfuscation.
    An In-Depth Exploit Analysis on Multilayer Obfuscations - Security Labs Blog
    Tags: ( exploit analysis )
  6. The presentations from Blackhat DC 2010 are starting to become available.
    Black Hat ® Technical Security Conference: DC 2010 // Archives
    Tags: ( blackhatdc presentations archives )
  7. Ever want to play with your own botnet? Here you go, a nice learning tool.
    KreiosC2 - DigiNinja
    Tags: ( botnet research testing )
  8. A new version of Dradis is available. This is a handy collaborative documentation sharing tool that is very helpful in incident response and forensic work. Works well for other situations too.
    dradis - Effective Information Sharing
    Tags: ( dradis tools )
  9. Whoops. Not so hard for somebody to spy on your blackberry.
    Is Your BlackBerry App Spying on You?
    Tags: ( blackberry malware )
  10. Nifty stuff. A few very helpful regexes to have in your back pocket for your data mining efforts.
    JL's stuff: Forensic Regexes
    Tags: ( forensics regex )
  11. Interesting discussion on rescinding local admin rights on our end points.
    Securosis Blog | FireStarter: Admin access, buh bye
    Tags: ( local-admin )
  12. Interesting counterpoint to the post above about admin rights. I tend to agree with Rich's thoughts here.
    Securosis Blog | Counterpoint: Admin Rights Don't Matter the Way You Think They Do
    Tags: ( local-admin rights )
  13. I love to see this happen. Sensepost will no longer have a registration wall before their publicly available research and tool offerings. Wish more companies would go this route.
    Removing registration requirements
    Tags: ( general )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The Security Ninja is developing a checklist to help in performing secure code reviews. He is doing it out in public and incorporating reader feedback as he goes. This post is the first post, but there have been two more since then. Check it out and offer your thoughts.
    A checklist approach to security code reviews << Security Ninja
    Tags: ( appsec secure-coding code-review )
  2. Mike offers his viewpoints on the purchase of Archer by EMC. Can't argue with his conclusions.
    Securosis Blog | RSA Treks to Sherwood Forest and Buys the Archer
    Tags: ( general analysis )
  3. The 2009 Annual Report from Panda has been published. I have briefly skimmed it and it is an interesting report. Shows how much malware has ramped up in the last year.
    2009 Annual Report | PandaLabs Blog
    Tags: ( panda malware report )
  4. Data Security Discovery for Project Quant has been posted. Good stuff there and, as always, they are looking for community input.
    Securosis Blog | Project Quant: Database Security Discovery
    Tags: ( database )
  5. Cutaway has updated some of his tools and also is providing his scripts in a handy svn repository.
    Security Ripcord >> Blog Archive >> Syscombotln and Tools Update
    Tags: ( forensics scripts tools )

That's it for today. Have fun!

Kevin

Happy New Year everyone! Welcome to the first edition of Interesting Information Security Bits for 2010. We have a great crop of things to check out today.

Here are today's Interesting Information Security Bits from around the web.

  1. If you couldn't make it to #26C3, many of the talks are now available on video. Check it out here.
    Download the #26C3 videos and bonus material | Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills
    Tags: ( conferences 26c3 videos )
  2. Uh-oh. Not good.
    NIST-certified USB Flash drives with hardware encryption cracked - The H Security: News and Features
    Tags: ( usb encryption )
  3. Interesting look at small and mid-sized companies being targeted by cyber gangs. By the way, this is Brian Krebs's new site. He is no longer with the Washington Post. Make sure to add it to your RSS reader.
    Buried Warning Signs -- Krebs on Security
    Tags: ( online-banking theft )
  4. Very cool. A new e-mag has been started. Into the Boxes is an e-mag about digital forensics and incident response. Good stuff.
    Into The Boxes: Issue 0x0 << Into The Boxes
    Tags: ( incident-response forensics )
  5. Jack is ready to get the Shmoobus back on the road. If you are in the northeast and looking for a ride, check it out.
    Uncommon Sense Security: Shmoobus II
    Tags: ( conferences shmoo )
  6. Mike Rothman has joined Securosis. Good things will come of this.
    Securosis Blog | Introducing Securosis Plus: Now with 100% More Incite!
    Tags: ( general )
  7. Nifty. Version 2 is now available of the Web Application Security Consortium's Threat Classification.
    The Web Application Security Consortium / Threat Classification
    Tags: ( wasc threat-classification )
  8. A neat map of the WASC Threat Classification document to the OWASP Top Ten RC1.
    Jeremiah Grossman: WASC Threat Classification to OWASP Top Ten RC1 Mapping
    Tags: ( owasp wasc threat-classification )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Andrew shows how to install log2timeline on a SANS Investigative Forensic (SIFT) workstation.
    Andrew Hay >> Blog Archive >> Installing log2timeline on SIFT - Updated Instructions for Ease of Use
    Tags: ( forensics )
  2. Before you fire up your new RDS instance with Amazon, you might want to take a gander at Adrian's post. This is not to say don't do it, just some things to think about before you do.
    Securosis Blog | Amazon RDS Announced
    Tags: ( mysql amazon rds )
  3. Some thoughts about cross-gadget security in Google Wave.
    Cross-Gadget Security in Google Wave
    Tags: ( wave )
  4. Richard pulls together a lot of the conversation about A6.
    TaoSecurity: Initial Thoughts on Cloud A6
    Tags: ( cloud a6 )
  5. As always, if an attacker has physical access, things get much easier.
    My not so evil maid - Truecrypt encryption attack | Security Active Blog
    Tags: ( truecrypt )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. How to Become a Computer Forensics Investigator | Forensics, How To | Enclave Forensics
    Tags: ( forensics career )
  2. How to Cyberstalk Jobs / Cyberstalking Potential Employers
    Tags: ( surveillance privacy screening )
  3. Transparency: I Do Not Think That Means What You Think That Means... | Rational Survivability
    Tags: ( cloud amazon )
  4. Uncommon Sense Security: Hot off the [virtual] presses
    Tags: ( nist )
  5. waiting for patches to release to wsus... (terminal23)
    Tags: ( wsus patching microsoft )
  6. Twitter starts to get serious about spammers | Social Business | ZDNet.com
    Tags: ( twitter spam )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Exception, variance, these words are the bane of the information security professional. We all have to deal with them. Jarrod offers some thoughts on the topic. You will benefit from reading them.
    /dev/null - ramblings of an infosec professional: Security Exemptions
    Tags: ( policy )
  2. Ben shares his method for writing along with some thoughts on writing in general. It's a good read and I bet you can find some things in there that can be applied to your own writing.
    The Writing Funnel (The Falcon's View)
    Tags: ( general writing )
  3. A bit ago, a forensic contest was opened with the winner getting a free SANS course. That contest is now over. Here is the cool part: they took the finalist's answers and made a website out of them for the rest of us to learn from. Check it out.
    Network Forensics Puzzle Contest
    Tags: ( forensics contest answer )
  4. This boggles the mind. A judge has ordered that Google deactivate an account because the account holder received an email not intended for them. I seriously hope this gets challenged. Otherwise, we are in for a very rocky time.
    Judge Orders Gmail Account Deactivated After Bank Screws Up | Threat Level | Wired.com
    Tags: ( cloud privacy )
  5. Hoff has penned a post that, along with the attending comments, is something that you should read. Seriously, go read it.
    Incomplete Thought: Virtual Machines Are the Problem, Not the Solution... | Rational Survivability
    Tags: ( virtualization )
  6. Shrdlu offers some guidance on how to implement new policies. I have used this same method in the past.
    The policy bootstrapping problem.
    Tags: ( policy )
  7. Next month is Cyber Security Awareness month. The Internet Storm Center handler's diary will again be making deep dives into various security issues during the month. If you aren't a subscriber now, I suggest you rectify that lapse.
    Cyber Security Awareness Month
    Tags: ( awareness )
  8. Wade talks about the difference between Management Science methods of making decisions and engineering methods. He then asks the question "..how does your company make 'Should we do X, Y, or Z?' decisions?" (slightly paraphrased) He offers a few he has seen. Stop by and offer your input.
    Verizon Business Security Blog >> Blog Archive >> Security Decisions - How do you make them?
    Tags: ( risk-management )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. An interesting Q&A. Check it out.
    Q&A: FBI agent looks back on time posing as a cybercriminal | Security - CNET News
    Tags: ( general )
  2. Here are some interesting statistics.
    PDF Most Common File Type in Targeted Attacks - F-Secure Weblog : News from the Lab
    Tags: ( malware attacks )
  3. An interesting note from Don with a warning. Take heed.
    Security Ripcord >> Blog Archive >> Large Memory Acquisitions
    Tags: ( forensics memory )
  4. 34% is a pretty depressing statistic.
    34% of resold hard drives contain personal data, study reveals | Graham Cluley's blog
    Tags: ( data-leakage )
  5. Richard points out that Amazon Web Services is now providing access to logs.
    TaoSecurity: Logs from the Cloud
    Tags: ( cloud amazon )
  6. You really need to check this out 🙂
    The InfoSec Prayer
    Tags: ( prayer )
  7. Shrdlu has some very nice add-ons to the post by Alex that I pointed at yesterday.
    Let go, let Cloud.
    Tags: ( cloud )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Just so you know.
    Vivek Kundra reinstated as federal CIO
    Tags: ( general )
  2. This reinforces the importance of physical access. If someone has physical access to a device, you are going to be very hard pressed to prevent them from doing evil.
    Criminals sneak card-sniffing software on Diebold ATMs - Network World
    Tags: ( physical )
  3. Dave gives us a couple more tips on pulling binaries out of a pcap file or from live network traffic, but more importantly does something that impresses me more. Addresses a miscommunication in a previous post.
    NetworkMiner follow up << SANS Computer Forensics, Investigation, and Response
    Tags: ( forensics network captures )
  4. A nice post cooked up in the Security Kitchen that provides us with two things. 1) A way to restrict browsing by location/machine and 2) a reminder that sometimes things are much simpler and easier than they appear. 🙂
    The Security Kitchen >> location-based browsing restrictions.
    Tags: ( controls tips )
  5. This has the potential to be very important. We will have to wait and see what comes out tomorrow.
    Uh Oh, rootkit code to exploit major Intel chip flaw to be posted 3/19/09 | NetworkWorld.com Community
    Tags: ( vulnerability intel )
  6. Chris's slide deck from his talk at SOURCEBoston is available for download. Interesting stuff in there, even if you don't get the benefit of his patter to go along with the deck. 🙂
    Rational Survivability >> The Frogs Who Desired a King: A Virtualization & Cloud Computing Fable [Slides]
    Tags: ( cloud virtualization )
  7. Julie takes us to task for the way we talk about our user populations and rightfully so. As she says, the way we talk in private can leak into our public discourse, often when we don't intend it to, leading to those whoops moments we all wish we could take back.
    Lazy. Apathetic. Careless. Stupid. : The Security Catalyst
    Tags: ( general )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You may have already heard, but Heartland and RBS are having some PCI issues.
    Visa yanks creds for payment card processing pair * The Register
    Tags: ( pci )
  2. Good tips and suggestions here.
    Gaining and Maintaining Professional Momentum During Difficult Times : The Security Catalyst
    Tags: ( career )
  3. Nifty information on digging into what information Firefox keeps as you peruse the internet.
    Firefox 3.X Forensics: Using F3e << SANS Computer Forensics, Investigation, and Response
    Tags: ( forensics firefox )
  4. A nice source for lots of HIPAA information. (Via @privacyprof)
    FAQ: What is the impact of HIPAA on IT operations?
    Tags: ( hipaa )
  5. Yup. Part 3 of Synjunkie's "Abusing Citrix" series is up. Again, good stuff.
    Syn: Abusing Citrix - Part 3
    Tags: ( hacking citrix )
  6. Jeff has a great post about first solutions and thoughts. Good stuff.
    How to Catch a Balloon : The Security Catalyst
    Tags: ( general )
  7. Chris has a real good primer/reminder on performing an effective and complete application security risk assessment. Good stuff. I hope he gets permission to share more details.
    Application Security Risk Assessments << Risktical Ramblings
    Tags: ( risk assessment application )
  8. Bill has a slide show up from his trip to Boston for SOURCEBoston.
    CSO Online - Security and Risk - Slideshow - SOURCE Boston Security Conference - Slide 1
    Tags: ( source conferences )
  9. Wow. Just wow. (via @brianhonan)
    Drunken BOFH wreaks $1.2m in Oz damage * The Register
    Tags: ( general )

That's it for today. Have fun!

Kevin
