nist

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. How to Become a Computer Forensics Investigator | Forensics, How To | Enclave Forensics
    Tags: ( forensics career )
  2. How to Cyberstalk Jobs / Cyberstalking Potential Employers
    Tags: ( surveillance privacy screening )
  3. Transparency: I Do Not Think That Means What You Think That Means... | Rational Survivability
    Tags: ( cloud amazon )
  4. Uncommon Sense Security: Hot off the [virtual] presses
    Tags: ( nist )
  5. waiting for patches to release to wsus... (terminal23)
    Tags: ( wsus patching microsoft )
  6. Twitter starts to get serious about spammers | Social Business | ZDNet.com
    Tags: ( twitter spam )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some interesting statistics from a survey performed at Infosecurity Europe.
    Survey: 37% of employees would become insiders given the right incentive | Zero Day | ZDNet.com
    Tags: ( insider )
  2. Rebecca received an interesting question about PII and your employer's access to it after you part ways. Her answer is worth reading.
    Employee Rights to PII When You Leave Your Employer or Lose Your Job - Realtime IT Compliance
    Tags: ( pii )
  3. The Princess of Antiquity is back and picking up her Non-technical series on Cryptography. I have pointed to previous posts before. Good stuff.
    Symmetric Key Cryptography (Non-Technical) « Princess of Antiquity
    Tags: ( cryptography )
  4. Like the title says, a new NIST draft guide has been released. These are always worth reading.
    NIST Guide to Enterprise Password Management
    Tags: ( nist passwords )

That's it for today. Have fun!

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Tricky. Very, very tricky and easy to fall for.
    BBC NEWS | Technology | Parking ticket leads to a virus
    Tags: ( malware social-engineering )
  2. Julie has a great post up on the Security Forum. Moving outside of your comfort zone goes hand-in-hand with the never-stop-learning tenet that I live by.
    Running Outside the Zone : The Security Catalyst
    Tags: ( general )
  3. Rich and Alane have released the full paper "The Business Justification for Data Security." I gotta tell ya, my reading pile is getting taller and taller. This one, however, will go near the top.
    The Business Justification for Data Security- Version 1.0 | securosis.com
    Tags: ( security justification model )
  4. Jeremiah takes a stab at explaining what a number of the organizations that produce web app sec guidance are and also talks about the lists they produce. A good read.
    Jeremiah Grossman: Who's who and what's what
    Tags: ( webappsec )
  5. The public draft for "Recommended Security Controls for Federal Information Systems and Organizations" is available for review and comments.
    Recommended Security Controls for Federal Information Systems and Organizations (PDF)
    Tags: ( nist 800-53 )

That's it for today. Have fun!

Kevin

Today's Bits has really big phone bills, blocking wi-fi signals, a new NIST publication about protecting PII, more storytelling by Synjunkie, generational differences and their impact on business's security, the winners of the latest Ethical Hacker challenge, HITB videos, and the Top 10 Hacking videos on YouTube. Read on for details.

  1. Just like any networked device/system, make sure your phone systems are appropriately resistant to attack. Otherwise, you might be faced with some serious phone bills.
    Police investigate phone hacker spree : thewest.com.au
    Tags: ( pbx )
  2. This is interesting, but be careful. There may be laws that affect whether you can use this type of product.
    Techworld.com - New paint promises high-speed Wi-Fi shielding
    Tags: ( wireless blocking )
  3. Rebecca lets us know that NIST has a new publication ready for us, "Guide to Protecting the Confidentiality of Personally Identifiable Information." This should be a good read.
    New Guidelines for Safeguarding Personal Data - Realtime IT Compliance
    Tags: ( pii protection )
  4. Synjunkie has part 3 of his Newbie Haxor storyline up.
    Syn: The Story of a Newbie Hax0r - Part 3. Lets Get Physical
    Tags: ( stories )
  5. This has been a topic I have been thinking about quite a bit as I get more involved in social networking. As indicated below, the generation just now entering the work force and the one right behind them communicate in a way that is completely different than any generation before them. We are going to have to learn how to accommodate this while maintaining security.
    IT Security's Next Big Threat: Young People - security trends/Vulnerabilities - DarkReading
    Tags: ( risk )
  6. The winners of the latest challenge at the Ethical Hacker Network are posted.
    The Ethical Hacker Network - Santa Claus is Hacking to Town - Answers and Winners
    Tags: ( challenge )
  7. Martin points out that the HITB Malaysia videos are available now.
    Network Security Blog » HITB Videos available
    Tags: ( videos conferences hitb )
  8. Here ya go. Some hacking videos for your pleasure.
    Hat tip: http://www.stevegoodbarn.com
    Top 10 YouTube hacking videos | NetworkWorld.com Community
    Tags: ( videos hacking )

That's it for today. Have fun!

Kevin

Hiya all. I know I have been less than vigilant in my posting here. I am not going to promise I will get better since that hasn't worked so far, but things might get a little more regular around here in the near future. Anywho, on with the show.

From the Blogosphere

Nathan McFeters has penned a nice post about responding to the DNS vulnerability and attacks. He also points to a post on The Frequency X Blog which also talks about the same topic.

Tom points to 0x0e's post that puts forward a list of skills that a good pentesting team should have. It is a good list and worth keeping in mind when both building a team and when contracting for a team to do work.

Rich has written an interesting post about spies and infosec and self-interest. He also asks, Security Operations: Do you CAER? (Collection, Analysis, Escalations and Resolution.) A very interesting read.

Dave Lewis points out that NIST has revised several security guidelines.

Billy explores what can happen when your browser is registered to handle several protocols.

I didn't get a chance to look at the Newsosphere, so this is it for the 29th.

Have a great day.

Kevin
