pdf

Backtrack 4 USB Thumb Drive PDF

by kriggins on August 23, 2009

in Announcement

I thought some might like to have a PDF of the how-to that could be used off-line.

Therefore, I made one.

The link is here (PDF). It is also linked to at the top of the how-to page itself.

-Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Oops. Didn't mean for that super secret list of civilian nuclear sites to be posted.
    Government Accidently Posts Sensitive Nuclear Documents Online -- Government IT Security
    Tags: ( data-leakage )
  2. If you are using Rails 2.3 and performing digest authentication, you need to read this and implement the fix provided.
    Nate's Tumble Log, Security hole found in Rails 2.3's http_authentication.rb
    Tags: ( rails ruby )
  3. Xavier has a nice tutorial on integrating Didier Stevens handy PDFiD tool with Nautilus on a Linux system.
    /dev/random >> Blog Archive >> PDFiD Integration with Nautilus
    Tags: ( pdf pdfid )
  4. If you see visits to these sites in your proxy logs, you have some work to do. Also, if you don't have a proxy or don't look at the logs, you have even more work to do πŸ™‚
    Google Online Security Blog: Top 10 Malware Sites
    Tags: ( malware )
  5. Rich and Adrian are looking for some help with Project Quant. They have a survey up about patch management they would really like for you to participate in.
    TAKE PART IN PROJECT QUANT (please)! << The New School of Information Security
    Tags: ( patching )
  6. If you are in the Atlanta area, the June meeting of NAISG is happening on the 10th. Stop on by.
    June Atlanta NAISG Meeting >> Andy ITGuy
    Tags: ( naisg )
  7. A new release of BASE is available.
    New version (v 1.4.3.1) of BASE available
    Tags: ( ids base snort )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. An interesting Q&A. Check it out.
    Q&A: FBI agent looks back on time posing as a cybercriminal | Security - CNET News
    Tags: ( general )
  2. Here are some interesting statistics.
    PDF Most Common File Type in Targeted Attacks - F-Secure Weblog : News from the Lab
    Tags: ( malware attacks )
  3. An interesting note from Don with a warning. Take heed.
    Security Ripcord >> Blog Archive >> Large Memory Acquisitions
    Tags: ( forensics memory )
  4. 34% is a pretty depressing statistic.
    34% of resold hard drives contain personal data, study reveals | Graham Cluley's blog
    Tags: ( data-leakage )
  5. Richard points out that amazon web services is now provided access to logs.
    TaoSecurity: Logs from the Cloud
    Tags: ( cloud amazon )
  6. You really need to check this out πŸ™‚
    The InfoSec Prayer
    Tags: ( prayer )
  7. Shrldu has some very nice add-ons to the post by Alex that I pointed at yesterday.
    Let go, let Cloud.
    Tags: ( cloud )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Autorun is finally going to be updated to be a bit more selective in what it allows you to do with files found on removable media. I still suggest you turn it off.
    Microsoft to Change AutoPlay Behavior - Security Watch
    Tags: ( windows autorun )
  2. As usual, Didier is ready to help us with the current PDF issue. He has added a feature to disable scripts in a suspected or even a not-suspected PDF. Thanks Didier!
    Quickpost: Disarming a PDF File << Didier Stevens
    Tags: ( pdf )
  3. This in line with the recent talk about enterprises really not doing well at patching.
    The Kilo-Day threat and mundane security
    Tags: ( threats )
  4. I got a real chuckle out of this.
    12 Steps of IT Security Anonymous : The Security Catalyst
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. A Romanian man is the first foreigner to be sentenced to a prison sentence in the U.S.
    U.S. sentences first foreigner for phishing
    Tags: ( phishing )
  2. Happy birthday to Security Fix. 4 Years and counting.
    Happy 4th Birthday, Security Fix - Security Fix
    Tags: ( general )
  3. Didier keeps churning out nifty stuff for us. This new tools helps us know if a pdf has the capability to potentially do us harm. It doesn't scan for intent, just for the possibility.
    PDFiD << Didier Stevens
    Tags: ( pdf )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This looks like it will be a nifty tool.
    Microsoft to release exploitability tool
    Tags: ( microsoft code-review fuzzing )
  2. The patches for Adobe Acrobat and Reader version 7 and 8 are now available.
    Security Updates Available for Adobe Reader and Acrobat Versions 7 and 8 - Security Watch
    Tags: ( pdf vulnerability adobe patches )
  3. Whoops. First miss-configure things, then let people see it, then tell the folks that find it that they don't know what they are talking about. Trust me, these guys definitely know what they are talking about. Also made it to the Register.
    Digital Soapbox - Information Security, Risk & Data Protection Blog: FOX News Fail on Twitter
    Tags: ( vulnerability )
  4. Not that there was much doubt that it would happen, but all three browsers have fallen in the CanSecWest conference hacking contest.
    A grim day for browser security at hacker contest * The Register
    Tags: ( hacking contest cansecwest )
  5. A nice article about privacy settings for LinkedIn.
    LinkedIn Privacy Settings: What You Need to Know - Network World
    Tags: ( privacy linkedin )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Time to patch Firefox again. Yup, again.
    Firefox 3.07 and Other Mozilla Apps Fix Several Vulnerabilities - Security Watch
    Tags: ( browser firefox patches )
  2. No click necessary to get owned.
    Quickpost: /JBIG2Decode Trigger Trio << Didier Stevens
    Tags: ( exploit pdf adobe infosce vulnerablility )
  3. My first reaction to this is, "Privacy just died." Then I stopped and thought about wire-taps that are allowed in the United States with appropriate warrants and wondered if I was overreacting. I've landed on being very concerned.
    Police will have power to secretly search homes [in the NSW jurisdiction of Australia]| The Daily Telegraph
    Tags: ( privacy surveillance )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

In today's Bits post we take a look browser bugs, Blackberry Server bugs, fun with hardware hacking, defining effectiveness, the Source Boston schedule, Incident Response Management, and Downadup.

  1. Oh look, it's a browser bug. How novel. (yes, that was sarcasm and this appears to be pretty nasty)
    Browser bug could allow phishing without e-mail - Network World
    Tags: ( vulnerability browser javascript phishing )
  2. Time to patch your Blackberry Servers.
    RIM issues security patches for BlackBerry | Security - CNET News
    Tags: ( pdf vulnerability blackberry patches rim )
  3. Didier's been playing with some hardware. Nifty stuff.
    A Hardware Tip for Fuzzing Embedded Devices << Didier Stevens
    Tags: ( hardware hacking embedded devices phidgets )
  4. Read this post. Also read the comments. Some good device and a very workable definition of effectiveness and where efficiency and optimization come into play.
    Verizon Business Security Blog >> Blog Archive >> What is an "effective" Control?
    Tags: ( control effectiveness )
  5. The Source Boston 2009 sessions have all been solidified and the schedule is up and ready for you perusal. Have fun. I so wish I was going to be there.
    Source Boston - Sessions
    Tags: ( source conferences )
  6. A nice article about Incident Response Management from Kees.
    Incident Response Management - Kees Leune Information Security Blog
    Tags: ( management incident response )
  7. Wow. Take look at what F-Secure is doing and what they have found out. This botnet appears to be huge.
    How Big is Downadup? Very Big. - F-Secure Weblog : News from the Lab
    Tags: ( )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Hi there. Here are today's interesting bits.

From the Blogosphere.

F-secure has posted a notice about two Mac OSX trojans.

Adobe is in the news again with a patch for yet another critical PDF Reader flaw. Head-up provide by Zero Day.

Via TaoSecurity, a post by Pascal Meunier, Virtualization Is Successful Because Operating Systems are Weak, puts forth an interesting way to look at virtualization.

What it looks like is that we have sinking boats, so we’re putting them inside a bigger, more powerful boat, virtualization...

Chris Eng at Veracode has Part 1 of Minimizing the Attack Surface up. Good read.

Security4all points us at a way to get Nessus 3 installed on Backtrack 3. Very cool, but watch that new licensing.

From the Newsosphere.

Verisign has been picked by Microsoft as the OpenID provider for users of HealthVault.

The Marshall Islands, a small country in the South Pacific, was effectively denied access to email by a denial of service attack.

Yahoo! Mail was vulnerable to a XSS attack which allowed access to confidential information. It's fixed now.

Some HSBC websites are also susceptible to XSS attacks.

Surprise, Surprise, China networks host a large number of the websites pushing malware.

That's it for today folks.

Have a good one.

Kevin

Technorati Tags: , , , , , , ,

{ 0 comments }