skype

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is a nice summation of some recent research on data breaches.
    Reports: SQL injection attacks and malware led to most data breaches | Zero Day | ZDNet.com
    Tags: ( research )
  2. Good points on writing custom error pages.
    Digital Soapbox - Down the Security Rabbithole!: Accidental Anti-Automation in Web App Sec
    Tags: ( error-pages )
  3. This article points to a couple of Skype policies that might be helpful.
    Example Skype Security Policies: Low-Medium Security Levels
    Tags: ( skype )
  4. FreeBSD and its ilk are a bit of a different breed. Hal gives some tips on digging into them forensically.
    FreeBSD Computer Forensic Tips & Tricks
    Tags: ( freebsd forensics )
  5. While compliance does not equal security, it does have its place. Give what Dennis has to say a gander.
    Security From Scratch: Using Compliance For Good : The Security Catalyst
    Tags: ( compliance )
  6. If you have any of the following going on, you really need to look at your procedures and policies.
    Immutable Security >> Administrators by Proxy
    Tags: ( windows administrators )
  7. Let your voice be heard fellow security bloggers. Time to vote for the Social Security Blogger Awards.
    The Ashimmy Blog: Vote for the Social Security Blogger Awards
    Tags: ( security-bloggers awards )
  8. Looks like there is going to be a Security Bloggers Meet-up in April in London. Wish I could be there.
    Security Bloggers Meet Up, proposed 27th April near Earls Court London | Security Active Blog
    Tags: ( meet-up )
  9. Looking for some research you can't find anywhere else? Let Rich and company know.
    Securosis Blog | Choose Your Own Whitepaper Adventure (and Upcoming Papers)
    Tags: ( research )
  10. Vercode offers some clarity about the Blackberry application released at Shmoocon. Key: Not a hack.
    In Which We Dispel Misconceptions
    Tags: ( blackberry spyware )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You probably already are aware of this. Monster.com has indicated that they have suffered a breach. The evil doers have pretty much everything you ever put into Monster that you would consider sensitive.
    Monster.com suffers database breach deja vu * The Register
    Tags: ( breach monstor )
  2. Andrew has a nifty little script you can use to remotely check the time on your windows boxen.
    Andrew Hay >> Blog Archive >> Quick Script to Remotely Check Windows System Time
    Tags: ( tools windows scripts time )
  3. Sensepost has a challenge up regarding reverse engineering an FTP server. Give it a go.
    QoW: Software Reversing and Exploitation
    Tags: ( challenge exploit software reversing )
  4. Alex calls PCI security through obscurity.
    The Source of PCI DSS "Failure" | RiskAnalys.is
    Tags: ( pci )
  5. Chris disagrees with Alex's notion that PCI is security through obscurity.
    PCI-DSS Is Not About "Security by Obscurity" << Risktical Ramblings
    Tags: ( pci )
  6. A nice set of links to good articles on cloud computing. Includes some security related info too.
    Hat Tip: http://rationalsecurity.typepad.com/blog/2009/01/cloud-security-link-love-monk-style.html
    System Advancements at the Monastery >> Blog Archive >> Recent Cloud Postings
    Tags: ( cloud )
  7. Part 2 of Erik's series on Security Your Linux Host is available.
    Art of Information Security >> Secure Your Linux Host - Part 2: Secure SSH
    Tags: ( linux securing )
  8. Nice walk through of an XSS attack.
    Hat tip: @lbhuston
    Anatomy of an XSS Attack
    Tags: ( xss )
  9. A nice exploration of Skype and its use in your environment.
    Skype, is it right for you?
    Tags: ( skype )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Today's Bits brings us posts that talk about rule breakers, DHS profiles of international travelers, playing like you're a printer with netcat, some possible policies that may need attention and things to think about when using Skype in the enterprise. Read on for the details.

  1. I have seen everyone of the these happen more times than I can count.
    The 4 Security Rules Employees Love to Break - Network World
    Tags: ( general awareness )
  2. This is an interesting read about what information the Department of Homeland Security has on international travelers. If you are curious about what they have on you, you can find out.
    A rare peek at Homeland Security's files on travelers - This Just In - Budget Travel
    Tags: ( travel dhs profile )
  3. Wesley has a nice how-to that show you a method for catching print jobs with netcat. Very handy for the issue he was trying to solve. However, as a commenter points out, what a great way to grab data in a pen test 🙂
    McGrew Security Blog >> Blog Archive >> Pretending to be a Printer with Netcat
    Tags: ( mitm printer netcat )
  4. Rebecca makes a really good point in this post. If your policies and procedures don't address twitter and its ilk, you should probably get on that.
    Business Info Fact Of The Day: Employees In Most Organizations Are Twittering - Realtime IT Compliance
    Tags: ( twitter procedure policies )
  5. A couple things to think about regarding Skype in the enterprise.
    Lawrence Orans on Containing the Risk of Using Skype
    Tags: ( general skype )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }