iisb

Here are today's Interesting Information Security Bits from around the web.

  1. A nice post by Alex trying to define Information Security.
    What is Information Security: New School Primer << The New School of Information Security
    Tags: ( general )

  2. Jack talks about two concepts that I found really interesting in my recent FAIR training, fragile conditions and unstable conditions. Both of these are very important and should be well communicated in any risk assessment.
    More than just numbers | RiskAnalys.is
    Tags: ( fair risk-management )

  3. Lenny points out five common ways that malware makes its way onto your systems. Are you protecting against all five and well as you could be?
    Lenny Zeltser on Information Security -- 5 Common Malware Infection Approaches
    Tags: ( malware )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Lenny offers some tips to those looking to hire an infosec person.
    Lenny Zeltser on Information Security -- 10 Tips for Hiring Managers Seeking Information Security Professionals
    Tags: ( career hiring )
  2. Issue 28 of (In)secure is out. (direct link to pdf below.)
    (IN)SECURE Magazine Issue 28
    Tags: ( insecure magazine )
  3. This is a nice treatment of the issues with current airport security measures and some suggestions on how to make it better.
    Nothing To See - The Hacker Factor Blog
    Tags: ( airports )
  4. You all need to read this. Then you need to send it to everybody you know. What you put online is not private. Ever.
    Social Network privacy officially an oxymoron << Security For All
    Tags: ( social-media privacy )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Gunnar takes a look at what impact the Heartland breach has had on the organization's value. Interesting stuff.
    1 Raindrop: Heartland Revisited
    Tags: ( breach )
  2. Hmm. What is being recommended here looks suspiciously like risk management. 🙂
    Security Musings >> Blog Archive >> Security strength: Is two better than one?
    Tags: ( risk-management )
  3. Some facts and thoughts from Sophos on the new Facebook messaging thing.
    FAQ: Security and Facebook's new messages system | Naked Security
    Tags: ( facebook )
  4. This is an interesting article exploring why 'just switch to SSL' is not quite as easy as it sounds.
    Zscaler Research: Why the web has not switched to SSL-only yet?
    Tags: ( ssl )
  5. The videos and presentation materials from SecTor 2010 are now available with the exception of a few keynotes. Good stuff.
    Sector 2010 Presentations Now Online : Liquidmatrix Security Digest
    Tags: ( conferences videos sector )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Careful with those url shorteners. You might be giving away more than you want to.
    Searching for Sensitive Data Using URL Shorteners << /dev/random
    Tags: ( general )
  2. Application Security Analyst job at Realex Payments! << Security Ninja
    Tags: ( jobs career )
  3. Good tips on getting started in malware analysis.
    How to Get Started With Malware Analysis
    Tags: ( malware-analysis career )
  4. This is a very interesting resource that shows high dollar e-banking events in the US on a Google map.
    Charting the Carnage from eBanking Fraud II -- Krebs on Security
    Tags: ( cybercrime )
  5. Lenny offers a few tips on dealing with misinformation during security assessment and forensic investigations. You probably don't need to read this post because people always tell you everything you need to know and always speak the truth *snerk*
    Lenny Zeltser on Information Security -- Dealing with Misinformation During Security Assessments and Forensic Investigations
    Tags: ( general )
  6. So, what is a zero day? Andy asked the question and got several responses on Twitter.
    Fishing for Zero Day >> Andy ITGuy - Information Security Blog
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Good stuff from Jay on communicating risk instead of bad security.
    Yeah But... So What? << Behavioral Security
    Tags: ( risk )
  2. This is a webcast that all risk folks should be attending. By the way, if you are interested in information security risk, come over and join the Society of Information Risk Analysts (SIRA). It's free 🙂 http://societyinforisk.org
    SIRA Meeting Thursday - Flaw Of Averages << The New School of Information Security
    Tags: ( sira webcast )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Interesting things are afoot in the EU regarding data privacy.
    European Commission Outlines Strategy for Revision of the Data Protection Directive : Privacy & Information Security Law Blog
    Tags: ( privacy )
  2. Lenny offers some very good tips on things to know when interviewing for a new gig, information security centric or not.
    Lenny Zeltser on Information Security -- 5 Interviewing Tips for IT Job Candidates - What You Must Know
    Tags: ( career interviewing )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Anton Chuvakin Blog - "Security Warrior": Log Management Tool Selection Checklist Out!
    Tags: ( checklist logging )
  2. Digital Bond >> What You Should Know About SHODAN and SCADA
    Tags: ( scada tools shodan )
  3. Anton Chuvakin Blog - "Security Warrior": CFP for RSA 2011 Metricon 5.5 Event: Be There!
    Tags: ( cfp metricon )
  4. Forensic Challenge 2010/6 - Analyzing Malicious Portable Destructive Files is now live | The Honeynet Project
    Tags: ( forensics challenge )
  5. 99 problems, but root ain't one! | Catsn22 (in)siesuiaitu
    Tags: ( pentesting )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Videos are now available from Hack3rcon 2010
    Hack3rcon 2010 Videos (Hacking Illustrated Series InfoSec Tutorial Videos)
    Tags: ( videos hack3rcon )
  2. As usual, Lori and written another read-worthy piece. No hints other that it deals with integration with outside stuffs and authentication and access control. Kind of important if you ask me.
    The Impact of Security on Infrastructure Integration
    Tags: ( authentication access-control integration )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. Same stuff, different day. Shack laments that things aren't a great deal different today than they were a decade ago in information security. However, the comments have an interesting perspective that counterpoints some of Dave's arguments. Good stuff.
    ShackF00 >> What's New is Old, Actually
    Tags: ( general )
  2. Here is an interesting treatment of how well our 'common' infosec program components protected organizations against Stuxnet.
    Digital Bond >> Failures of Common Wisdom
    Tags: ( stuxnet )
  3. This is a nice blog post by the author of Firesheep, a tool that makes session hijacking very easy. Very much worth a read.
    Firesheep, a day later
    Tags: ( firesheep session-hijacking tools )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Here are today's Interesting Information Security Bits from around the web.

  1. A few tips from Lee about investing in your career. Number one take away in my opinion? Its your responsibility, not your employer's. Check out the article for some other good tips.
    How to successfully 'invest' in your career
    Tags: ( career )
  2. As usual, the folks at Securosis have released the raw survey data for their latest report. Check it out if you would like to play with the numbers.
    Securosis Blog | NSO Quant: The Report and Metrics Model
    Tags: ( data )
  3. Oh my. Somebody just made it super easy to steal your social media/online storage/blog/whatever sessions.
    Firesheep: Making the Complicated Trivial - F-Secure Weblog : News from the Lab
    Tags: ( malware )
  4. Looking for a good list of books on malware analysis? Look no further, the folks at Sunbelt have one for you.
    Sunbelt Blog: So, ya want to read up on malware analysis?
    Tags: ( malware analysis )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }