pii

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some interesting statistics from a survey performed at Infosecurity Europe.
    Survey: 37% of employees would become insiders given the right incentive | Zero Day | ZDNet.com
    Tags: ( insider )
  2. Rebecca received and interesting questions about PII and your employer's access to it after you part ways. Her answer is worth reading.
    Employee Rights to PII When You Leave Your Employer or Lose Your Job - Realtime IT Compliance
    Tags: ( pii )
  3. The Princess of Antiquity is back and picking up her Non-technical series on Cryptography. I have pointed to previous posts before. Good stuff.
    Symmetric Key Cryptography (Non-Technical) << Princess of Antiquity
    Tags: ( cryptography )
  4. Like the title says, a new NIST draft guide has been released. These are always worth reading.
    NIST Guide to Enterprise Password Management
    Tags: ( nist passwords )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Today's Bits has really big phone bills, blocking wi-fi signals, a new NIST publication about protecting PII, more storytelling by Synjunkie, generational differences and their impact on business's security, the winners of the latest Ethical Hacker challenge, HITB videos, and the Top 10 Hacking videos on YouTube.  Read on for details.

  1. Just like any networked device/system, make sure your phone systems are appropriately resistant to attack. Otherwise, you might be faced with some serious phone bills.
    Police investigate phone hacker spree : thewest.com.au
    Tags: ( pbx )
  2. This is interesting, but be careful. There may be laws that affect whether you can you this type of product.
    Techworld.com - New paint promises high-speed Wi-Fi shielding
    Tags: ( wireless blocking )
  3. Rebecca lets us know that NIST has a new publication ready for us, "Guide to Protecting the Confidentiality of Personally Identifiable Information" This should be a good read.
    New Guidelines for Safeguarding Personal Data - Realtime IT Compliance
    Tags: ( pii protection )
  4. Synjunkie has part 3 of the his Newbie Haxor storyline up.
    Syn: The Story of a Newbie Hax0r - Part 3. Lets Get Physical
    Tags: ( stories )
  5. This has been a topic I have been thinking about quite a bit as I get more involved in social networking. As indicated below, the generation just now entering the work force and the one right behind them communicate in a way that is completely different than any generation before them. We are going to have to learn how to accommodate this while maintaining security.
    IT Security's Next Big Threat: Young People - security trends/Vulnerabilities - DarkReading
    Tags: ( risk )
  6. The winners of the latest challenge at the Ethical Hacker Network are posted.
    The Ethical Hacker Network - Santa Claus is Hacking to Town - Answers and Winners
    Tags: ( challenge )
  7. Martin points out that the HITB Malaysia videos are available now.
    Network Security Blog >> HITB Videos available
    Tags: ( videos conferences hitb )
  8. Here ya go. Some hacking videos for you pleasure.
    Hat tip: http://www.stevegoodbarn.com
    Top 10 YouTube hacking videos | NetworkWorld.com Community
    Tags: ( videos hacking )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Well the start of a new weeks is here, along with a batch of interesting things to take a look at. Only blogs again this time.

360 Security, along with many other folks, points out that the Apple DNS Patch Fails To Randomize.

Kurt Dobbins over at Arbor Networks has an interesting post up about the Myths and Realities of the Net Neutrality Debate. Good stuff in there.

Bruce Schneier brings to our attention that the U.S. government has published its policy regarding Seizing Laptops at Borders. Basically, we take when we want to and you don't have any say in the matter.

Nifty post up at Neohapsis talking about exploiting hardware vulnerabilities in the Intel CPU. Neat stuff. Kris Kaspersky's talk "Remote Code Execution Through Intel CPU Bugs" to be given at Hack in the Box was the impetus.

Wesley has created his first Metasploit module. It is a nifty tool. You should go take a look if you are interested in pen testing.

CG points to a paper and demo for DHCP script injection. Lots of fun to be had there.

Ha.ckers.org has a nice little bookmarklet that make is easy to use MSN IP Search to find domains on the same IP address as the web page you are reading.

Chris Hayes
continues his discussion of risk in response to Shrdlu's comments on a previous post. Good stuff.

Finally, Gary Warner points us to another story about an insider selling PII.

I will be leaving for Vegas on Thursday so there will be light posting here until next week.

Kevin

Technorati Tags: , , , , , , , ,

{ 1 comment }