nac

Hello from San Francisco! It is RSA week which means that the Bits posts will go on hiatus for the next week. This will be the last one until Monday of next week. Sorry, but just to much too do 🙂

Here are today's Interesting Information Security Bits from around the web.

  1. Happy Birthday HiR! Ax0n and crew offer some great stuff. You should be watching.
    HiR Information Report: 0x0d - Happy Birthday, HiR!
    Tags: ( general )
  2. This is very very cool. Going to have to talk to somebody about this while at RSA this week. Incident Metrics Framework.
    Verizon Business Security Blog >> Blog Archive >> Verizon Incident Metrics Framework Released
    Tags: ( framework )
  3. Zach finds out some interesting (read scary) things about foursquare login on the Android.
    I'm in ur 4sq, snarfin ur password -- Part I - Intrepidus Group - Insight
    Tags: ( foursquare android )
  4. Andrew interviews Joshua Corman. I hope to meet Joshua this week.
    Andrew Hay >> Blog Archive >> Information Security D-List Interview: Joshua Corman
    Tags: ( interview d-list )
  5. Some goodness from Shmoocon. The video and presentation for the Social Zombies talk.
    Social Zombies II Slides, Video and Demos from Shmoocon -- spylogic.net
    Tags: ( shmoocon social-engineering video )
  6. JJ is releasing a new paper at RSA that will be worth a gander.
    Security Uncorked >> RSA Sneak Peek: The Universal NAC Feature Model doc
    Tags: ( nac )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well. Things look a little different below because Delicious's API appears to be having issues at the moment.  Anyway, here are today's Interesting Information Security Bits from around the web.

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Amrit debunks 5 information security myths.
    The Top 5 Cyber Security Myths << Amrit Williams Blog
    Tags: ( general myths )
  2. WooHoo! Sourcefire celebrated 10 years last week.
    Sourcefire Network Security - Investor Relations - Press Release
    Tags: ( ids ips sourcefire )
  3. (via M. E. Kabay @ NetworkWorld) A list of information security maxims. Quite a hoot.
    Security Maxims [Vulnerability Assessment Team (VAT)] - Nuclear Engineering Division (Argonne)
    Tags: ( humor maxims )
  4. An exploitable DirectShow vulnerability has surface. There are some work-arounds though.
    Microsoft DirectShow is Vulnerable - F-Secure Weblog : News from the Lab
    Tags: ( directshow microsoft vulnerability )
  5. As usual, Jennifer makes a somewhat difficult topic easy to understand. This is particularly topical for me as I was just having this discussion with some folks last week.
    Understand the differences in network access control solutions
    Tags: ( nac )
  6. Richard is asking for some feedback on an Information Security Incident Rating scale he has developed. Take a peek and let him know what you think.
    TaoSecurity: Information Security Incident Rating
    Tags: ( breach data-leakage )
  7. Daniel shows us how to setup splunk as a remote syslog server.
    HOWTO: Use Splunk as Your Remote Syslog Server | dmiessler.com
    Tags: ( splunk syslog )
  8. Issue 21 is out.
    (IN)SECURE Magazine
    Tags: ( magazine insecure )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Hello peoples. I know I said I'd be posting again by Wednesday of this week. I lied. Sorry about that. Coming back from vacation hurts in so many ways. So a couple days late, but here we go.

@jth twitted a link to a list of useful built-in Windows commands and tools by Ed Skoudis.

John Heasman has an interesting post up which talks about NTLM Fun and Games. Worth looking at.

Micki Krause over at bloginfosec.com has an article up that refers to Joyce Brocaglia's chapter in "CISO Leadership: Essential Principles for Success."

The second part of a series about Communicating About Risk is up over at riskmanagementinsight.com. Part one is here. Read them. It will be time well spent.

Jennifer Jabbusch has yet another informative post up. This one helps us understand the difference between a NAC client and an 802.1X Supplicant. Jennifer does a great job of making both topics approachable.

That's it for today. Have great one.

Kevin

Technorati Tags: , , , , ,

{ 0 comments }