iisb

Here are today's Interesting Information Security Bits from around the web.

1. Lenny offers some tips to those looking to hire an infosec person.
   Lenny Zeltser on Information Security -- 10 Tips for Hiring Managers Seeking Information Security Professionals
   Tags: ( career hiring )
2. Issue 28 of (In)secure is out. (direct link to pdf below.)
   (IN)SECURE Magazine Issue 28
   Tags: ( insecure magazine )
3. This is a nice treatment of the issues with current airport security measures and some suggestions on how to make it better.
   Nothing To See - The Hacker Factor Blog
   Tags: ( airports )
4. You all need to read this. Then you need to send it to everybody you know. What you put online is not private. Ever.
   Social Network privacy officially an oxymoron << Security For All
   Tags: ( social-media privacy )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. Gunnar takes a look at what impact the Heartland breach has had on the organization's value. Interesting stuff.
   1 Raindrop: Heartland Revisited
   Tags: ( breach )
2. Hmm. What is being recommended here looks suspiciously like risk management. 🙂
   Security Musings >> Blog Archive >> Security strength: Is two better than one?
   Tags: ( risk-management )
3. Some facts and thoughts from Sophos on the new Facebook messaging thing.
   FAQ: Security and Facebook's new messages system | Naked Security
   Tags: ( facebook )
4. This is an interesting article exploring why 'just switch to SSL' is not quite as easy as it sounds.
   Zscaler Research: Why the web has not switched to SSL-only yet?
   Tags: ( ssl )
5. The videos and presentation materials from SecTor 2010 are now available with the exception of a few keynotes. Good stuff.
   Sector 2010 Presentations Now Online : Liquidmatrix Security Digest
   Tags: ( conferences videos sector )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. Careful with those url shorteners. You might be giving away more than you want to.
   Searching for Sensitive Data Using URL Shorteners << /dev/random
   Tags: ( general )
2. Application Security Analyst job at Realex Payments! << Security Ninja
   Tags: ( jobs career )
3. Good tips on getting started in malware analysis.
   How to Get Started With Malware Analysis
   Tags: ( malware-analysis career )
4. This is a very interesting resource that shows high dollar e-banking events in the US on a Google map.
   Charting the Carnage from eBanking Fraud II -- Krebs on Security
   Tags: ( cybercrime )
5. Lenny offers a few tips on dealing with misinformation during security assessment and forensic investigations. You probably don't need to read this post because people always tell you everything you need to know and always speak the truth *snerk*
   Lenny Zeltser on Information Security -- Dealing with Misinformation During Security Assessments and Forensic Investigations
   Tags: ( general )
6. So, what is a zero day? Andy asked the question and got several responses on Twitter.
   Fishing for Zero Day >> Andy ITGuy - Information Security Blog
   Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. Good stuff from Jay on communicating risk instead of bad security.
   Yeah But... So What? << Behavioral Security
   Tags: ( risk )
2. This is a webcast that all risk folks should be attending. By the way, if you are interested in information security risk, come over and join the Society of Information Risk Analysts (SIRA). It's free 🙂 http://societyinforisk.org
   SIRA Meeting Thursday - Flaw Of Averages << The New School of Information Security
   Tags: ( sira webcast )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. Interesting things are afoot in the EU regarding data privacy.
   European Commission Outlines Strategy for Revision of the Data Protection Directive : Privacy & Information Security Law Blog
   Tags: ( privacy )
2. Lenny offers some very good tips on things to know when interviewing for a new gig, information security centric or not.
   Lenny Zeltser on Information Security -- 5 Interviewing Tips for IT Job Candidates - What You Must Know
   Tags: ( career interviewing )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. Anton Chuvakin Blog - "Security Warrior": Log Management Tool Selection Checklist Out!
   Tags: ( checklist logging )
2. Digital Bond >> What You Should Know About SHODAN and SCADA
   Tags: ( scada tools shodan )
3. Anton Chuvakin Blog - "Security Warrior": CFP for RSA 2011 Metricon 5.5 Event: Be There!
   Tags: ( cfp metricon )
4. Forensic Challenge 2010/6 - Analyzing Malicious Portable Destructive Files is now live | The Honeynet Project
   Tags: ( forensics challenge )
5. 99 problems, but root ain't one! | Catsn22 (in)siesuiaitu
   Tags: ( pentesting )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. Videos are now available from Hack3rcon 2010
   Hack3rcon 2010 Videos (Hacking Illustrated Series InfoSec Tutorial Videos)
   Tags: ( videos hack3rcon )
2. As usual, Lori and written another read-worthy piece. No hints other that it deals with integration with outside stuffs and authentication and access control. Kind of important if you ask me.
   The Impact of Security on Infrastructure Integration
   Tags: ( authentication access-control integration )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. Same stuff, different day. Shack laments that things aren't a great deal different today than they were a decade ago in information security. However, the comments have an interesting perspective that counterpoints some of Dave's arguments. Good stuff.
   ShackF00 >> What's New is Old, Actually
   Tags: ( general )
2. Here is an interesting treatment of how well our 'common' infosec program components protected organizations against Stuxnet.
   Digital Bond >> Failures of Common Wisdom
   Tags: ( stuxnet )
3. This is a nice blog post by the author of Firesheep, a tool that makes session hijacking very easy. Very much worth a read.
   Firesheep, a day later
   Tags: ( firesheep session-hijacking tools )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

1. A few tips from Lee about investing in your career. Number one take away in my opinion? Its your responsibility, not your employer's. Check out the article for some other good tips.
   How to successfully 'invest' in your career
   Tags: ( career )
2. As usual, the folks at Securosis have released the raw survey data for their latest report. Check it out if you would like to play with the numbers.
   Securosis Blog | NSO Quant: The Report and Metrics Model
   Tags: ( data )
3. Oh my. Somebody just made it super easy to steal your social media/online storage/blog/whatever sessions.
   Firesheep: Making the Complicated Trivial - F-Secure Weblog : News from the Lab
   Tags: ( malware )
4. Looking for a good list of books on malware analysis? Look no further, the folks at Sunbelt have one for you.
   Sunbelt Blog: So, ya want to read up on malware analysis?
   Tags: ( malware analysis )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }