humor

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Check out this article for some hints and tips on stopping phishing.
    Stop Phishing: A simple guide - Michael M. Knight
    Tags: ( phishing )
  2. Chris offers some thoughts on working with external data sources in a narrowly scoped desire to build a "loss model." This series looks to be very interesting.
    Working With External Data (Part 1 of X) << Risktical Ramblings
    Tags: ( general )
  3. BSOFH! Enough said.
    BSOFH: Catering to a niche market.
    Tags: ( humor )
  4. Didier brings us another interesting utility that lets you start a process and select who its parent process is. This creates a problem. Read Didier's post to find out what that problem is.
    Quickpost: SelectMyParent or Playing With the Windows Process Tree << Didier Stevens
    Tags: ( windows )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. It's been said many times before, you have to know where your data is before you can protect it. Jack offers some thoughts on getting started.
    Uncommon Sense Security: A starting point
    Tags: ( data )
  2. Everybody should have a ZARP (Zombie Attack Response Plan). If you don't want to come up with your own, you can use the University of Florida's.
    University of Florida's Zombie Attack Response Plan : Liquidmatrix Security Digest
    Tags: ( humor dr )
  3. Google is adding protection for CRSF attacks. (Hat tip: Threatpost)
    Google (finally) adds protection for common Web 2.0 attack * The Register
    Tags: ( crsf google )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Check out your ability to get off the hook in a phishing attack. 🙂
    Network Security Blog >> How's your phishing savvy?
    Tags: ( phishing )
  2. If by chance you didn't get your WordPress installation patched in time and ended up comprised, here are a couple references for cleaning up that situation. Granted, a scorched earth policy is probably best, but it may just not work for you.
    How to clean up a hacked WordPress installation - The HP Security Laboratory Blog -
    Tags: ( wordpress tips )
  3. Good stuff from James on establishing/writing/rewriting your information security policies.
    Policies don't have to be painful : The Security Catalyst
    Tags: ( policy )
  4. This is a must see. (Hat tip to @aneel)
    Nerd Venn Diagram [PIC]
    Tags: ( humor )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Dark Reading is hosting a free all-day virtual conference titled "Dealing with Insider Threats" next week.
    Dark Reading To Hold Virtual Conference On Insider Threats Next Week - security events/Security - DarkReading
    Tags: ( conference )
  2. You can download the cfp document and instructions for RSA USA 2010 already. The website will be live for submission soon. The deadline is August 15th since the conference is a month earlier next year.
    RSA Conference 365
    Tags: ( cfp rsa-usa-2010 )
  3. Mubix gave an impromptu talk about Metasploit last night and this happened. Just hilarious.
    YouTube - Anon's raid Mubix
    Tags: ( humor )
  4. Here's a place to read about information security FUD or offer your own stories about it.
    Welcome To fudsec.com - fudsec.com
    Tags: ( fud )
  5. Jeremiah offers some thoughts on why vulnerable code should still be fixed after a web application firewall has been installed. Good comments too.
    Jeremiah Grossman: Why vulnerable code should be fixed even after WAF mitigation
    Tags: ( waf )
  6. Looks like all the hoopla about OpenSSH yesterday was just that, hoopla.
    OpenSSH 0day FUD
    Tags: ( openssh )
  7. A nifty reference card for 802.11.
    Will Hack For SUSHI >> 802.11 Pocket Reference Guide
    Tags: ( 802.11 )
  8. Lee Kushner and Mike Murray will be on PaulDotCom tonight at 7:00PM EDT. Cool stuff. Post tells what they will be talking about.
    InfoSec Leaders on PaulDotCom Tonight | Information Security Leaders
    Tags: ( career )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 1 comment }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. ISC has a nifty services file that also includes a bunch of ports on which different trojans and malware listen.
    http://isc.sans.org/services.html
    Tags: ( ports malware )
  2. Here's a little something to play with in your reversing lab, the Kindle machine readable source code.
    Amazon.com: Help > Digital Products Help > Amazon Kindle Wireless Reading Device > Amazon Kindle Terms, Warranties, & Notices > Source Code Notice
    Tags: ( kindle )
  3. Amusing.
    YouTube - 50 Ways to Inject Your SQL
    Tags: ( humor sql )
  4. The entire Penetration Testing and Vulnerability Analysis course at Polytechnic Institute of New York University is now available on the web for free. Very cool.
    Penetration Testing and Vulnerability Analysis - Home
    Tags: ( education )
  5. The start of what looks to be an interesting series on session attacks against ASP.NET.
    AppSec Street Fighter - SANS Institute >> Session Attacks and ASP.NET - Part 1
    Tags: ( asp.net session )
  6. Opera release version 10 of its browser yesterday and it contains something new called Unite. It should scare you if you are responsible for protecting your enterprises data assets. Any user can now quickly and, supposedly, easily setup a web server/service.
    Boaz Gelbord: Opera Invites You to Join the Cloud
    Tags: ( opera browser )
  7. A new version of Wireshark has been released. Wireshark is an awesome open source network sniffer that is very robust and full of functionality.
    Wireshark 1.2.0 released
    Tags: ( wireshark packet-capture sniffer tools )
  8. Interesting. Low bandwidth denial of service on a web server without affecting other services and easily started and stopped.
    Slowloris HTTP DoS ha.ckers.org web application security lab
    Tags: ( dos http apache )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Amrit debunks 5 information security myths.
    The Top 5 Cyber Security Myths << Amrit Williams Blog
    Tags: ( general myths )
  2. WooHoo! Sourcefire celebrated 10 years last week.
    Sourcefire Network Security - Investor Relations - Press Release
    Tags: ( ids ips sourcefire )
  3. (via M. E. Kabay @ NetworkWorld) A list of information security maxims. Quite a hoot.
    Security Maxims [Vulnerability Assessment Team (VAT)] - Nuclear Engineering Division (Argonne)
    Tags: ( humor maxims )
  4. An exploitable DirectShow vulnerability has surface. There are some work-arounds though.
    Microsoft DirectShow is Vulnerable - F-Secure Weblog : News from the Lab
    Tags: ( directshow microsoft vulnerability )
  5. As usual, Jennifer makes a somewhat difficult topic easy to understand. This is particularly topical for me as I was just having this discussion with some folks last week.
    Understand the differences in network access control solutions
    Tags: ( nac )
  6. Richard is asking for some feedback on an Information Security Incident Rating scale he has developed. Take a peek and let him know what you think.
    TaoSecurity: Information Security Incident Rating
    Tags: ( breach data-leakage )
  7. Daniel shows us how to setup splunk as a remote syslog server.
    HOWTO: Use Splunk as Your Remote Syslog Server | dmiessler.com
    Tags: ( splunk syslog )
  8. Issue 21 is out.
    (IN)SECURE Magazine
    Tags: ( magazine insecure )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Shrdlu points out that knowledge bias is a problem we need to be aware. I'll leave it to Shrdlu to explain what knowledge bias (my term) is 🙂
    "Security is dead" must DIE.
    Tags: ( bias )
  2. Jack offers some good advice on cutting through the flack being fed to us when we are trying to get to the bottom of an issue.
    Uncommon Sense Security: It isn't magic
    Tags: ( pci general )
  3. If you haven't figured out the best and easiest ways to lose data, Nick is here to help you out. Check out his list of 21 ways to lose data.
    Some of the Best Ways to Lose Your System Data
    Tags: ( humor )
  4. Time to patch up your Oracle Linux installations.
    Weekend Patching: Oracle Linux Security Updates
    Tags: ( oracle linux vulnerability patches )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Time to patch your OpenView installations.
    HP patches critical OpenView flaws
    Tags: ( vulnerability patches hp openview )
  2. A nice list of some free tools. I was not aware of a couple.
    8 Great Free Security Tools - Network World
    Tags: ( tools )
  3. A good walk-through on setting up a lab for testing VoIP stuff.
    How to set up a VoIP lab (on a shoe string) << EnableSecurity
    Tags: ( voip testing lab )
  4. You must look at this. Absolutely hilarious.
    Bringing You Only the Best in Security Network Diagrams | The Guerilla CISO
    Tags: ( humor general )
  5. Some good thoughts on setting up a penetration testing security lab.
    DIY Pentesting Lab - Evil Bytes Blog - Dark Reading
    Tags: ( security testing lab )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This might be very interesting. I have not read it yet, but it is going on the reading pile.
    ISACA Business Model for Information Security : Security Watch - Internet Security News: IT security, Business security, Computer security, Network security, and more
    Tags: ( security program )
  2. $1 trillion would pay for a log of security measures.
    Study: Cybercrime cost firms $1 trillion globally | Security - CNET News
    Tags: ( general )
  3. Ever had a packet capture from a wireless network and you couldn't read because your tool only understood ethernet? Wlan2eth to the rescue. A nifty tool that converts and WLAN pcap file into an ethernet pcap.
    New Tool: wlan2eth
    Tags: ( wifi )
  4. The Call for Papers is open for SecTor 2009. I have heard really good things about this conference. If you have an idea, why not contribute it?
    Security Experts Speaking Opportunities Black Hat White Hat Toronto Canada
    Tags: ( conferences cfp sector )
  5. I'm not promoting hacking, but this really is classic.
    Motorists warned of "Zombies Ahead" on hacked road sign | Graham Cluley's blog
    Tags: ( humor hacking )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Today's Bits include anti-virus for Windows 7 Beta, hard drive failures, budget cutting, battling crsf and such, md5 collisions, and a pretty nifty joke by Microsoft developers. See below for details and have a great day.

  1. If, like me, you are running Windows 7 Beta and need an anti-virus solution, fear no more. You have three options.
    Windows 7 Beta Antivirus Packs Now Available -- InformationWeek
    Tags: ( microsoft anti-virus windows-7 )
  2. You may ask yourself why I am posting about hard drive failures. Never forget that one leg of the CIA triad is availability. If you have Seagate drives, you might want to check if you are effected.
    Seagate Barracuda Hard Drives Plagued By Failures -- Storage -- InformationWeek
    Tags: ( availability )
  3. "Mathias" has some option some of may want to consider as we are all faced with the impact the economy is having on our companies.
    Security Manager's Journal: Eyeing risks while cutting spending
    Tags: ( general budget )
  4. We have another tool to use against the evil hackers trying to hijack our browsers. This with NoScript should make your world quite a bit safer.
    RequestPolicy Firefox Extension ha.ckers.org web application security lab
    Tags: ( tools firefox crsf )
  5. Didier is at it again. Good thing he is on our side :0
    Playing With Authenticode and MD5 Collisions << Didier Stevens
    Tags: ( md5 malware )
  6. This is a hoot.
    Quickpost: Windows 7 Beta: ROT13 Replaced With Vigenere? Great Joke! << Didier Stevens
    Tags: ( general humor )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }