hipaa

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Here is a great example of a deeply flawed access control system.
    jon.oberheide.org - blog - panera gift card security
    Tags: ( access-control )
  2. Andy has some nice things to say about the HISPI certification. Worth checking out.
    HISP Training >> Andy ITGuy
    Tags: ( hispi certification )
  3. Rebecca points to some websites we should bookmark regarding HIPAA.
    8,918 HIPAA Violation Investigations Have Required Corrective Actions - Realtime IT Compliance
    Tags: ( hipaa )
  4. Looks like WPA with TKIP is about as functional for protecting your wireless network as WEP is. Time to move to WPA/AES or, even better, WPA2.
    Attack on WPA refined - News - The H Security: News and features
    Tags: ( wpa wireless )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You may have already heard, but Heartland and RBS are having some PCI issues.
    Visa yanks creds for payment card processing pair * The Register
    Tags: ( pci )
  2. Good tips and suggestions here.
    Gaining and Maintaining Professional Momentum During Difficult Times : The Security Catalyst
    Tags: ( career )
  3. Nifty information on digging into what information Firefox keeps as you peruse the internet.
    Firefox 3.X Forensics: Using F3e << SANS Computer Forensics, Investigation, and Response
    Tags: ( forensics firefox )
  4. A nice source for lots of HIPAA information. (Via @privacyprof)
    FAQ: What is the impact of HIPAA on IT operations?
    Tags: ( hipaa )
  5. Yup. Part 3 of Synjunkie's "Abusing Citrix" series is up. Again, good stuff.
    Syn: Abusing Citrix - Part 3
    Tags: ( hacking citrix )
  6. Jeff has a great post about first solutions and thoughts. Good stuff.
    How to Catch a Balloon : The Security Catalyst
    Tags: ( general )
  7. Chris has a real good primer/reminder on performing an effective and complete application security risk assessment. Good stuff. I hope he gets permission to share more details.
    Application Security Risk Assessments << Risktical Ramblings
    Tags: ( risk assessment application )
  8. Bill has a slide show up from his trip to Boston for SOURCEBoston.
    CSO Online - Security and Risk - Slideshow - SOURCE Boston Security Conference - Slide 1
    Tags: ( source conferences )
  9. Wow. Just wow. (via @brianhonan)
    Drunken BOFH wreaks $1.2m in Oz damage * The Register
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 1 comment }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Title pretty much says it all.
    Verizon to Shut Off Outbound Port 25 E-mail Submission - Security Watch
    Tags: ( spam )
  2. If anybody in your organization ever asks about anybody ever paying fines for HIPAA violations, you can tell them yes.
    CVS pays $2.25 million HIPAA settlement
    Tags: ( hipaa settlment )
  3. There is a lot of good stuff in here with references for further investigation if you wish.
    Carnal0wnage Blog: UT SSE Presentation: Introduction to Software Security and Threat Modeling
    Tags: ( security threat modeling software )
  4. A nice post on some steps to take to get into InfoSec.
    MSI :: State of Security >> So, You Wanna Be in InfoSec?
    Tags: ( career )
  5. Graham points out a nifty add-on for Firefox. We all get things that have the url shortened for in an attempt to be helpful, this tool shows you what's under the covers so you can click on those urls safely.
    A neat add-on for Twitter | Graham Cluley's blog
    Tags: ( firefox plugin urls )
  6. Tenable got some interesting results when they monitored the ShmooCon public network.
    Tenable Network Security: Packets and Logs Found on the Shmoocon Network
    Tags: ( network scanning )
  7. Sometimes you need a full-blown file integrity suite and sometimes you need something that just gets the job done. Xavier has posted a quick bash script that will get the job done.
    /dev/random >> Blog Archive >> Quick and Dirty Integrity Check Script
    Tags: ( tools scripts integrity file )
  8. Kimmo at F-Secure and Elia Florio of Symantec collaborated on a paper about the evolution of the rootkit Mebroot. The paper is now available.
    Mebroot - F-Secure Weblog : News from the Lab
    Tags: ( malware whitepaper mebroot )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 2 comments }