research

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is a nice summation of some recent research on data breaches.
    Reports: SQL injection attacks and malware led to most data breaches | Zero Day | ZDNet.com
    Tags: ( research )
  2. Good points on writing custom error pages.
    Digital Soapbox - Down the Security Rabbithole!: Accidental Anti-Automation in Web App Sec
    Tags: ( error-pages )
  3. This article points to a couple of Skype policies that might be helpful.
    Example Skype Security Policies: Low-Medium Security Levels
    Tags: ( skype )
  4. FreeBSD and its ilk are a bit of a different breed. Hal gives some tips on digging into them forensically.
    FreeBSD Computer Forensic Tips & Tricks
    Tags: ( freebsd forensics )
  5. While compliance does not equal security, it does have its place. Give what Dennis has to say a gander.
    Security From Scratch: Using Compliance For Good : The Security Catalyst
    Tags: ( compliance )
  6. If you have any of the following going on, you really need to look at your procedures and policies.
    Immutable Security >> Administrators by Proxy
    Tags: ( windows administrators )
  7. Let your voice be heard fellow security bloggers. Time to vote for the Social Security Blogger Awards.
    The Ashimmy Blog: Vote for the Social Security Blogger Awards
    Tags: ( security-bloggers awards )
  8. Looks like there is going to be a Security Bloggers Meet-up in April in London. Wish I could be there.
    Security Bloggers Meet Up, proposed 27th April near Earls Court London | Security Active Blog
    Tags: ( meet-up )
  9. Looking for some research you can't find anywhere else? Let Rich and company know.
    Securosis Blog | Choose Your Own Whitepaper Adventure (and Upcoming Papers)
    Tags: ( research )
  10. Vercode offers some clarity about the Blackberry application released at Shmoocon. Key: Not a hack.
    In Which We Dispel Misconceptions
    Tags: ( blackberry spyware )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

It is Thanksgiving Day week in the U.S. and that means a couple of days off. I decided to tack on an extra day and won't be working tomorrow either. Yay! Five days off in a row.

Anywho, I will also be taking those days off from the Interesting Bits posts so this one will have to tide you over until Monday 🙂

Here are today's Interesting Information Security Bits from around the web.

  1. 10 things to think about not doing when on Facebook. This list will keep you safer.
    Errata Security: 10 Facebook Don'ts
    Tags: ( facebook )
  2. Is your iPhone infected with the Duh worm? Paul tells us how to clean it up.
    How to clean up the Duh iPhone worm | Paul Ducklin's blog
    Tags: ( iphone worm )
  3. Russel is looking for some collaborators on an research project he is working on. It looks to be very interesting. From his post: "The topic is the arms race between attackers and defenders from the perspective of innovation rates and "evolutionary success" - the Red Queen problem (running just to stand still). Here's a sample research question: "can bureaucracies (defenders) keep up with a decentralized black market (attackers)?", and similar." Read the rest of the post and drop him a line if you are interested.
    Information Security as an Evolutionary Arms Race - Research Collaborators Wanted << The New School of Information Security
    Tags: ( research )
  4. Shrdlu once again has penned an article that you should go read. Metrics are great, but they have to mean something.
    The meaning of metrics
    Tags: ( metrics risk )
  5. There is 0-day out there for IE 6 and IE 7. Microsoft's recommendation in some cases is to upgrade to IE 8. Um, oops.
    Major IE8 flaw makes 'safe' sites unsafe
    Tags: ( ie vulnerabilities )
  6. An interesting post that explores a conundrum that some organizations face when trying to comply with PCI. What happens when some of what I do requires me to be out of compliance with PCI-DSS?
    Branden Williams's Security Convergence Blog >> Multi-Function Service Providers, What To Do?
    Tags: ( pci )
  7. From the post: "We have uploaded the audio recording of select talks from the Ohio Information Security Summit that took place October 29-30, 2009 in Cleveland, Ohio." Looks like some good stuff is available. Check out the post for the details.
    Security Justice >> Blog Archive >> Select Talks from ISS2009 Now Available for Download
    Tags: ( audo conferences talks )
  8. A new tool is available that shows some interesting things about the internet.
    Room362.com - Blog - SHODAN The Computer Search
    Tags: ( tools )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }