ossec

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The latest Packet Challenge is up.
    "Name That Tune" - Packet Challenge << I Smell Packets
    Tags: ( challenge forensics )
  2. The speaker list has been finalized for CarolinaCon. Check it out.
    CarolinaCon: The NC Regional Technology Conference - March 19th, 20th, and 21st 2010
    Tags: ( conferences carolinacon )
  3. More OSSEC fun. This time using Logwatch.
    Combining Logwatch and OSSEC >> chrisbrenton.org
    Tags: ( ossec logging )
  4. Here is a nifty reverse engineering example.
    Traversing a 'DLL': Financial Crimeware (Banker) << TraverseCode.com
    Tags: ( reverse-engineering malware )
  5. The Symantec State of Enterprise Security Report for 2010 is out. I haven't read it yet, but it is on the pile.
    Symantec State of Enterprise Security Report (application/pdf Object)
    Tags: ( report )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The latest edition of the CWE/SANS Top 25 is available now.
    CWE - 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
    Tags: ( webappsec )
  2. Who doesn't like stickers? Check out this survey.
    Answer Survey, Get Stickers - F-Secure Weblog : News from the Lab
    Tags: ( survey )
  3. This is pretty nifty. Importing Secunia Advisories into a SIEM/OSSEC.
    /dev/random >> Importing Secunia Advisories into a SIEM/OSSEC
    Tags: ( ossec logging )
  4. Rich and crew have released their latest whitepaper. Check it out.
    Securosis Blog | New Release: Understanding and Selecting a Database Assessment Solution
    Tags: ( database assessment )
  5. Congratulations to Kees for being designated as a SANS Thought Leader! Read his interview here.
    SANS: Security Thought Leaders - Kees Leune
    Tags: ( interview )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts. For even more links, check out the blog's twitter feed: @InfoSecRamblins.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Alan and some others are starting a new company that looks to offer an interesting service. Alan is one of my on-line friends that I have actually met in person. He is good guy and I wish him and his partners the best of luck in their new endeavor.
    The Ashimmy Blog: I give you The CISO Group
    Tags: ( general )
  2. This is some sneaky business here.
    Google Faces The Slickest Click Fraud Yet - Forbes.com
    Tags: ( click-fraud )
  3. This is good news. HTTPS is finally the default for all Gmail access. Note: you may experience some issues with offline access. The post has info on how to correct the issue.
    Official Gmail Blog: Default https access for Gmail
    Tags: ( gmail google )
  4. You've probably already heard about Google getting hacked and their response, but if you haven't, read this article.
    Google Hacked, Says it Will Stop Censoring Chinese Search Results -- Krebs on Security
    Tags: ( google )
  5. For those who don't see the big deal about Facebook from a security perspective (hopefully few), this read might change your mind. For those who are already concerned, show this to your management.
    Hacking a Corporate Network with Facebook : Information Security Resources
    Tags: ( facebook )
  6. Job Hunting? Try These! Good Hunting! : Liquidmatrix Security Digest
    Tags: ( jobs career )
  7. An interesting use of OSSEC as a rudimentary DLP solution.
    Immutable Security >> Detecting Sensitive Info with OSSEC
    Tags: ( ossec dlp )
  8. I really like this article by Gunnar. His point is valid.
    1 Raindrop: Beyond the opening: a priori is a problem
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Microsoft has had a threat modeling guide and some tooling for software development for a bit now. Today a guide was released for infrastructure. This could be very nice. I will be checking it out.
    HolisticInfoSec.org: IT Infrastructure Threat Modeling Guide now available
    Tags: ( threat-modeling )
  2. Andrew sat down and did something that each of us should be doing on a regular basis. He wrote a development plan. He didn't call it that, but that is what he did. Remember folks, your career is your responsibility, not your employers.
    Andrew Hay >> Blog Archive >> Training That I Would Like...
    Tags: ( career )
  3. Keep you eyes on this one. Could be some interesting stuff coming next month in regards to third-party twitter services.
    Coming in July: Month of Twitter Bugs | Zero Day | ZDNet.com
    Tags: ( twitter )
  4. Some interesting data collected on infosec professionals and why they move about. The full report is linked to in the post.
    Why do infosec consultants move jobs? | The Infosec Cynic
    Tags: ( career )
  5. OSSEC is a neat tool. If you want to get the low down, read Wim's post.
    OSSEC in a nutshell << The Security Kitchen
    Tags: ( hids ossec )
  6. You've probably seen plenty of warnings about url shorteners and how they present a security problem. Here is some solid proof that you should be careful with them. I'm not saying don't use them, I use them myself. Just be careful when clicking on the that url.
    Cligs short url service hacked, millions redirected | Graham Cluley's blog
    Tags: ( url-shorteners hacked )
  7. Craig has a great post up that I need to read a couple more times. Worth taking a look at. While you are at it, why not get engaged in the conversation.
    Stop the Madness! Cloud Onboarding Audits - An Open Question... | Cloud Security
    Tags: ( cloud )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }