security program

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Shhh. It's a secret, but here are some items that evil hacker types won't tell you.
    13 Things a Web Application Attacker Won't Tell You - denimgroup's posterous
    Tags: ( webappsec )
  2. Kees points us to some free training on Incident Command Systems offered by FEMA. Worth checking out.
    Incident Response and the Incident Command System - Kees Leune
    Tags: ( incident-response )
  3. David Meier's first Securosis post is live and it's a good one.
    Securosis Blog | Realistic Security
    Tags: ( security-program )
  4. Those cute little snort pigs don't make very good rockets. The VRT team proves it.
    VRT: of Pigs and Rockets
    Tags: ( humor )
  5. This malware not only steals your money, it modifies your statement so you don't know you've been stolen from. Wow.
    New Malware Re-Writes Online Bank Statements to Cover Fraud | Threat Level | Wired.com
    Tags: ( malware )
  6. Looks like Microsoft's Security Essentials does a pretty good job.
    Security Fix - Stress Testing Microsoft's Free Anti-virus Offering
    Tags: ( anti-virus anti-malware microsoft )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Dre is reading a lot of the same people as I am when it comes to security programs. This post has some good stuff in it along with some great additional reading for us.
    What makes a solid security program? | tssci security
    Tags: ( security-program )
  2. Another day, another case of people handing over credentials to anybody who asks.
    Another Twitter Scam: Twitviewer -- spylogic.net
    Tags: ( twitter )
  3. Looks like there is a nasty BIND vulnerability being actively exploited. Time to update.
    BIND 9 Issue
    Tags: ( bind dns )
  4. Very nice. I like the way he approached this.
    Tactical Web Application Security: Lessons Learned From Casino Surveillance
    Tags: ( general )
  5. Wim is getting into FAIR. Very cool stuff.
    all is FAIR in love and war. << The Security Kitchen
    Tags: ( fair )
  6. An interesting case of what you read on the internet isn't always true 🙂
    Fake Retweets Lead To Spam - SpywareGuide Greynets Blog
    Tags: ( twitter )
  7. Sometimes high availability doesn't make your life easier. Check out Shrdlu's post and think about your situation a little.
    When 'high availability' isn't good enough.
    Tags: ( general )
  8. If you are an information security professional or want to be, I strongly recommend you carve out the time to attend Mike and Lee's talk at Defcon. They know what they are talking about and you should too!
    Effective Information Security Career Planning at DefCon | Information Security Leaders
    Tags: ( career )
  9. No big surprise here for me.
    Study says SSL-certificate warnings are as good as useless - News - The H Security: News and features
    Tags: ( ssl )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This might be very interesting. I have not read it yet, but it is going on the reading pile.
    ISACA Business Model for Information Security : Security Watch - Internet Security News: IT security, Business security, Computer security, Network security, and more
    Tags: ( security program )
  2. $1 trillion would pay for a lot of security measures.
    Study: Cybercrime cost firms $1 trillion globally | Security - CNET News
    Tags: ( general )
  3. Ever had a packet capture from a wireless network that you couldn't read because your tool only understood Ethernet? Wlan2eth to the rescue. A nifty tool that converts a WLAN pcap file into an Ethernet pcap.
    New Tool: wlan2eth
    Tags: ( wifi )
  4. The Call for Papers is open for SecTor 2009. I have heard really good things about this conference. If you have an idea, why not contribute it?
    Security Experts Speaking Opportunities Black Hat White Hat Toronto Canada
    Tags: ( conferences cfp sector )
  5. I'm not promoting hacking, but this really is classic.
    Motorists warned of "Zombies Ahead" on hacked road sign | Graham Cluley's blog
    Tags: ( humor hacking )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Since at least a couple people find these posts helpful and/or interesting (thanks Zach and Kees), they will continue.

Dean De Beer posts about the increasing complexity of scams our users are seeing. One wonders how long until it will be virtually impossible for the average user to determine if an email is legitimate or not.

Andy Willingham has penned a missive that discusses something that every information security professional has to come to terms with at one time or another. He calls it audit driven programs.

Our last entry today comes from Alex Hutton. He posits that under certain circumstances checklists are not for dummies, but they sure are dumb. As he says, checklists have their place, but are completely inadequate and often misleading when used for some purposes.

Have a great day.

Kevin
