incident-response

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Beware of hasty decisions, early indicators and selection bias.
    (Mis)reading the runes « wirewatcher
    Tags: ( incident-response )
  2. The call for papers for Defcon 18 is open. Get to work.
    DEF CON® 18 Hacking Conference - Call for Papers Announcement
    Tags: ( cfg defcon-18 )
  3. As if managing VoIP wasn't difficult enough already, let's throw in steganography.
    A new VoIP threat - steganography - RiskPundit
    Tags: ( voip steganography )
  4. This might be a good post to keep handy in the event you need to back out a patch and can't boot.
    Using Linux to back out a Windows XP patch - Computerworld Blogs
    Tags: ( patching recovery )
  5. Challenge number 2 is ready for your attention. Give it a go.
    Forensic Challenge 2010/2 - "browsers under attack" is now online | The Honeynet Project
    Tags: ( forensics challenge )
  6. A lovely article about flash cookies and what they can tell a forensic investigator.
    Local Shared Objects, aka Flash Cookies
    Tags: ( flash cookies privacy )
  7. An interesting topic, tokenization, is covered quite well in this post on InfoCynic.
    A New Approach to Enterprise Data Security | Infosec Cynic
    Tags: ( encryption tokenization )
  8. A few things you should be aware of regarding the HITECH act.
    7 Things You Need to Know About HITECH | Optimal Security: The Lumension Blog
    Tags: ( hitech )
  9. Alex opines on the cloud, metrics and faith. A good read.
    On Cloud Security Metrics » Dub Cloud
    Tags: ( cloud metrics )
  10. I have attended a couple virtual conferences and enjoyed them. A good line-up here.
    Infosecurity (UK) - 2010 Virtual Conference on Endpoint Security - Beyond the Perimeter - Full conference programme revealed
    Tags: ( conference virtual )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some good tips and resources for gathering intelligence.
    Enterprise Open Source Intelligence Gathering - Part 1 Social Networks -- spylogic.net
    Tags: ( gathering )
  2. I always enjoy pointing to posts that contain resources for education and career advancement. Here is another one.
    Room362.com - Blog - Getting your n00b fill of security
    Tags: ( career learning education )
  3. As always, tools can be used for good or for evil.
    Google Wave as a Tool for Hacking | Social Hacking
    Tags: ( )
  4. This is a fun video. Evolution of Security.
    A Video For You - F-Secure Weblog : News from the Lab
    Tags: ( general )
  5. Want to avoid complete failure from a logging perspective? Check out Anton's list of logging failures.
    Anton Chuvakin Blog - "Security Warrior": Top Log FAIL!
    Tags: ( logging )
  6. An incident response plan isn't any good if it isn't workable. Check out Martin's thoughts on the issue.
    Have a workable plan, or else... : The Security Catalyst
    Tags: ( incident-response )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Shhh. It's a secret, but here are some items that evil hacker types won't tell you.
    13 Things a Web Application Attacker Won't Tell You - denimgroup's posterous
    Tags: ( webappsec )
  2. Kees points us to some free training on Incident Command Systems offered by FEMA. Worth checking out.
    Incident Response and the Incident Command System - Kees Leune
    Tags: ( incident-response )
  3. David Meier's first Securosis post is live and it's a good one.
    Securosis Blog | Realistic Security
    Tags: ( security-program )
  4. Those cute little snort pigs don't make very good rockets. The VRT team proves it.
    VRT: of Pigs and Rockets
    Tags: ( humor )
  5. This malware not only steals your money, it modifies your statement so you don't know you've been stolen from. Wow.
    New Malware Re-Writes Online Bank Statements to Cover Fraud | Threat Level | Wired.com
    Tags: ( malware )
  6. Looks like Microsoft's Security Essentials does a pretty good job.
    Security Fix - Stress Testing Microsoft's Free Anti-virus Offering
    Tags: ( anti-virus anti-malware microsoft )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Raf interviews Andre Gironda.
    Digital Soapbox - Preaching Security to the Digital Masses: 31337 Spotlight: Andre Gironda
    Tags: ( interview )
  2. Here is the solution and winners of the third PandaLabs challenge.
    3rd Panda Challenge solution & winners - PandaLabs
    Tags: ( challenge )
  3. Forcing HTTPS sounds good. It will be interesting to see how this shakes out.
    Locking up the valuables: Opt-in security with ForceTLS at Mozilla Security Blog
    Tags: ( webappsec )
  4. Version 1.0 of Project Quant, a project to develop a patch management framework, has been released along with the survey results.
    Project Quant Version 1.0 Report and Survey Results
    Tags: ( patching )
  5. Part 3 of Ax0n's recipe for evilness.
    HiR Information Report: Evil Wifi Part 3: Hamster & Ferret
    Tags: ( wireless hacking )
  6. Cutaway has a very interesting post up about malware that resides in the registry. He points to a couple other posts that are worth reading too. This is very cool...scary...but very cool.
    Security Ripcord » Blog Archive » Malware IN Registry a.k.a If It Can't Be Done, Why Am I Looking At It?
    Tags: ( registry malware )
  7. Be careful what information you are sharing in something as basic as email headers. That stuff can be used against you.
    Looking beyond the surface ... « The Security Kitchen
    Tags: ( data-leakage )
  8. Martin points out some basic truths you should be aware of.
    Incident Response Leadership: Basic Truths : The Security Catalyst
    Tags: ( incident-response )
  9. You should do what Jack says. Go read the post he points you at and then send it to your friends and family.
    Uncommon Sense Security: A good primer on Social Networking and Security Risks
    Tags: ( social-networks )
  10. Folks, regardless of what the NYSE says, details about your infrastructure, patch levels, software versions, etc. are sensitive information.
    Data Detailing New York Stock Exchange Network Exposed on Unsecured Server | Threat Level | Wired.com
    Tags: ( data-leakage )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The videos from Source Boston 2009 are available. Good stuff.
    Source Boston 2009 Videos
    Tags: ( source )
  2. A very nice example of data leakage.
    Firefox 3.5 DNS LEAKS like a waterfall | The Edge of I-Hacked
    Tags: ( firefox dns )
  3. Panda's second challenge is up.
    Panda Challenge: Medium Level - PandaLabs
    Tags: ( challenge )
  4. Keydet89 answers the question "What is the worst thing an incident response team internally will do?"
    Windows Incident Response: SANS Summit Question
    Tags: ( incident-response )
  5. Not security related, but it's bugged me for a while. I love Firefox, but the molasses slow start time is a real joy killer. Finally an explanation why. Hopefully a fix will come out soon.
    Slow Firefox 3.5 start up time - News - The H Security: News and features
    Tags: ( firefox )
  6. I strongly suggest you read this post before you test out the OpenOwn.c code that is running about. In other words, you will hurt yourself if you don't.
    Secdev - Thierry Zoller: 0pen0wn.c - Shellcode "dissasembled"
    Tags: ( hacker dont-do-that )
  7. As @id084895 says, "wow, just discovered Robtex.com !!! Your src for whois, bgp, AS, RBL checks and lots more: simple & fast => i like ;-)"
    robtex
    Tags: ( tools on-line )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You have probably already seen that Google announced they will be releasing the Google OS next year. Here is the official announcement. Personally, it seems like just another flavor of Linux to me. Hopefully I am proven wrong.
    Official Google Blog: Introducing the Google Chrome OS
    Tags: ( google )
  2. In these difficult times, with layoffs and job searches going on all the time, it helps to be ready for those wonderful interview questions. Here are 50 common ones with some guidance on coming up with an answer. Having answers prepared before you enter the interview room is a great thing to do. It has always helped me.
    50 COMMON INTERVIEW Q&A « Bhuvana Sundaramoorthy's Blog
    Tags: ( career )
  3. /str0ke announced yesterday that he would no longer be moderating MilW0rm. There was all sorts of panic on the interwebs. Luckily he tweeted today that he has found others to take up the reins. Yeah!
    milw0rm Shutting The Doors : Liquidmatrix Security Digest
    Tags: ( exploits )
  4. Dave has some good thoughts and some slides answering the question he himself posed to a panel he sat on at the SANS Forensics Summit. The question was "What should incident handlers be doing to help improve information security operations overall?"
    trustedsignal -- blog: SANS Forensics Summit
    Tags: ( incident-response )
  5. The contest to find security vulnerabilities in Google Native Client is over. See who the winner is in this article.
    Google announces winner of the Native Client Security Contest - News - The H Security: News and features
    Tags: ( google )
  6. Here is a nice description of how Distributed Denial of Service attacks work. It even has pretty pictures for people like me 🙂
    Roger's Security Blog : Distributed Denial of Service - and how it works
    Tags: ( ddos )
  7. Raf has a good point. You need to understand the app you are testing. He offers some thoughts on a method of doing that.
    Digital Soapbox - Preaching Security to the Digital Masses: The Importance of Understanding Flow
    Tags: ( appsec )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. I find this a little alarming. Particularly with the number of recent Facebook worms that have cropped up.
    Army Orders Bases to Stop Blocking Twitter, Facebook, Flickr | Danger Room | Wired.com
    Tags: ( social-media army )
  2. More on database encryption. Good stuff.
    Securosis Blog | Database Encryption, Part 2: Selection Process Overview
    Tags: ( database encryption )
  3. Good stuff, but remember making the boss look stupid is a career limiting move 😉
    A chat with the boss | The Infosec Cynic
    Tags: ( general )
  4. Here is an output of Project Quant. The first phase of the patch management cycle. Rich is looking for feedback.
    Details: Monitor for Advisories
    Tags: ( patch-management )
  5. Like a pet rock, a pet risk doesn't really help you much. Check out Ron's suggestions below.
    Pet Risks - A New View of Risk Management : The Security Catalyst
    Tags: ( risk-management )
  6. Chris was looking for some incident response templates and hit the motherlode of suggestions. He put them all together in a blog post. A very good reference page.
    Dr. InfoSec: Incident Response Templates, Cheat Sheets, and more
    Tags: ( incident-response )
  7. A couple days ago I pointed to the crossword puzzle challenge/contest being put on by Sophos. Well, it's all done and there is a winner. The link below contains the answer sheet if you are interested.
    Solution to computer security cryptic crossword | Graham Cluley's blog
    Tags: ( challenge )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. A very interesting blog post. The obvious is not always where you should be looking.
    Developing Security: The Curious Case of the Careless Civic
    Tags: ( incident-response )
  2. CIS has a free benchmark for the iPhone available. If you are familiar with their efforts in the world of Windows and others, you will know that they put out quality stuff.
    CIS issues free benchmark on iPhone security
    Tags: ( cis benchmark iphone )
  3. Russ points out that Applicure has a free tool, WebTuff, available that will test your systems for the IIS 5-6 WebDAV vulnerability.
    HolisticInfoSec.org: WebTuff checks for WebDAV vulnerability
    Tags: ( tools webdav )
  4. Defcon has a new area that archives tools talked about at the conference. Thanks to Rob Fuller for helping out.
    DEFCON® Hacking Conference - Archive of Hacking Tools Released at DEFCON
    Tags: ( defcon tools )
  5. Chris has posted some tips and guidance on things to consider when issuing an RFP for your QSA vendor. First read it for just that. Then replace QSA with penetration test, consulting gig, etc. These are great tips for all RFP processes.
    QSA Vendor Selection - Points of Consideration « Risktical Ramblings
    Tags: ( rfp )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Beware of visiting sites that contain sensitive information on public networks. SSLStrip makes it even easier for the bad guys to get you.
    Hacker pokes new hole in secure sockets layer • The Register
    Tags: ( ssl mitm )
  2. Yup, another vulnerability in Adobe Reader. This one has active exploits and won't be patched until mid-March. Be careful out there.
    New in-the-wild attack targets fully-patched Adobe Reader • The Register
    Tags: ( exploit vulnerability adobe reader )
  3. Kees talks to us about some issues we need to be aware of when thinking about access to sensitive information.
    Handling sensitive information - Kees Leune Information Security Blog
    Tags: ( access control )
  4. Don tells us to ask why. Good stuff in here.
    Security Ripcord » Blog Archive » Incident Response Lessons Learned
    Tags: ( incident response )
  5. Some good questions to consider when you are selecting your next vendor for a pen test.
    How to choose a Pen Tester « Steven Branigan's Blog
    Tags: ( pentesting )
  6. It's coming up. If you are in the heartland, this is a good option, particularly if cost is an issue.
    Carnal0wnage Blog: ChicagoCon 2009s is coming up!
    Tags: ( conference chicagocon )
  7. An interesting paper about Banking Trojans.
    Bank details uncovered - PandaLabs
    Tags: ( malware )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is nice to see.
    Yahoo to anonymize user data after 90 days | Security - CNET News
    Tags: ( privacy )
  2. Time to update Flash Player on Linux.
    Critical Flaw in Flash Player...For Linux! - Security Watch
    Tags: ( flash linux )
  3. Part 3 of SynJunkies' tale is ready for your perusal.
    Syn: The Story of an Insider - Part 3. Playing at CSI
    Tags: ( incident-response stories )
  4. New version. Haven't played with this one yet. Going to have to check it out.
    /dev/random » Blog Archive » OpenVAS 2.0.0. is out
    Tags: ( vulnerability openvas )
  5. Mike is getting involved in what appears to be a great new effort in training for penetration testers.
    Getting Information Security Training Right | Episteme
    Tags: ( training pentesting )
  6. Nifty new features.
    New Zenmap adds feature that does topology mapping | SecViz
    Tags: ( nmap zenmap )
  7. Don't forget, folks. Firefox 2 is at end-of-life with 2.0.19 and you lost your safe-browsing capabilities too.
    Firefox 2 Users Will Get No More Security Updates - Security Fix
    Tags: ( firefox patches )
  8. I just like this post and Kees's approach.
    Making the world a little better - Kees Leune Information Security Blog
    Tags: ( awareness education )

That's it for today. Have fun!

Kevin