social engineering

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Microsoft has released their free anti-virus/anti-malware tool.
    Microsoft's New Tool in the Fight Against Malware Free to Consumers - Technology News - redOrbit
    Tags: ( anti-virus anti-malware free microsoft )
  2. Eric has a couple of interesting tools that might be fun to play with. One is an HTTP based SSH client. It runs on the server with no client other than a browser. The other is called Sockets Over HTTP (SOHT)
    EricDaugherty.com - Eric Daugherty's Open Source Projects
    Tags: ( tools evasion )
  3. Mike Murray is a cool dude. He made a promise and followed through on it. Check out this post to see the full version of the talk he gave at Hacker Halted.
    Hacker Halted Redux
    Tags: ( social-engineering video )
  4. Need to get around Green Dam censorship for some reason. Check out Dam Burst.
    jon.oberheide.org - blog - disabling green dam with dam burst
    Tags: ( green-dam dam-burst )
  5. I have pointed out the other articles in Alec's investigations into using entropy to detect encrypted sessions in live network traffic. Here is a continuation of that study. This is extremely cool and has the geek in me all excited 🙂
    Detecting encrypted traffic with net-entropy, part two << wirewatcher
    Tags: ( encryption network-forensics )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Two new and nifty things are coming, a social engineering framework and a new training module from Offensive Security on Metasploit. Yum!
    Social Engineering Framework and Metasploit Unleashed | SecuraBit
    Tags: ( training social-engineering metasploit )
  2. Looks like the gubment is looking at OpenID.
    Technology Security: US Government moves towards OpenID
    Tags: ( openid governement )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You have (hopefully) an information security policy. You also have an (shame on you if you don't) acceptable use policy. How about a social media policy? Hat tip @agent0x0 who retweeted @koskim
    Should Your Company Have a Social Media Policy?
    Tags: ( policy social-media )
  2. Some nice tips on what to do and what not to do when you land that interview in today's difficult markets.
    10 Dos and Don'ts for Security Job Interviews - CSO Online - Security and Risk
    Tags: ( career interviewing )
  3. This is pretty nifty and a great way to maintain backwards compatibility with applications that require Windows XP to run when you move to Windows 7.
    Windows 7's XP Mode and Security
    Tags: ( windows-7 xp-mode )
  4. I don't own a Mac, so I have not read this article in depth. However, it certainly can't hurt to check it out and send it to those who do have Macs that might benefit from the information within.
    15 easy fixes for Mac security risks
    Tags: ( macosx securing )
  5. ENISA is conducting a security risk assessment of cloud computing. They are interested in your input. Go forth and opine on their survey.
    ENISA Cloud Risk Assessment: What Are Your Concerns about Cloud Computing? | Cloud Security
    Tags: ( cloud assessment enisa )
  6. Time to patch Firefox if you haven't already. For those running the beta, beta 4 is out also.
    Mozilla Updates Firefox, Now At Version 3.0.10
    Tags: ( vulnerability firefox patches )
  7. I attended part 1 and it was quite good. Check it out.
    The Ethical Hacker Network - Webcast: Modern Social Engineering Part II - Top 5 Ways to Manipulate Humans Over the Wire
    Tags: ( webcasts social-engineering )
  8. Chris's thoughts on the Verizon Breach report.
    2009 Verizon Breach Report << Risktical Ramblings
    Tags: ( verizon dbir )
  9. John talks about an interesting report that takes a look at the cost of a lost laptop. Not as obvious as you might think.
    The Real Costs Of Laptop Loss - Evil Bytes Blog - Dark Reading
    Tags: ( laptops )
  10. Dan's list of 10 add-ons that information security professionals might find helpful. I use several of them.
    10 Essential Firefox Plugins for the Infosec Professional | dmiessler.com
    Tags: ( firefox add-ons )
  11. Some nifty updates and changes in the Jeriko project. Check it out.
    Jeriko Group and Source Code Repository | GNUCITIZEN
    Tags: ( pentest jeriko )
  12. Time to patch your Chrome installations.
    Google Releases Chrome Browser Security Fix
    Tags: ( google chrome )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Tricky. Very, very tricky and easy to fall for.
    BBC NEWS | Technology | Parking ticket leads to a virus
    Tags: ( malware social-engineering )
  2. Julie has a great post up on the Security Forum. Moving outside of your comfort zone goes hand-in-hand with the never stop learning tenet that I live by.
    Running Outside the Zone : The Security Catalyst
    Tags: ( general )
  3. Rich and Alane have released the full paper "The Business Justification for Data Security." I gotta tell ya, my reading pile is getting taller and taller. This one, however, will go near the top.
    The Business Justification for Data Security- Version 1.0 | securosis.com
    Tags: ( security justification model )
  4. Jeremiah takes a stab explaining what a number of the organizations that produce web app sec guidance are and also talks about the lists they produce. A good read.
    Jeremiah Grossman: Who's who and what's what
    Tags: ( webappsec )
  5. The public draft for "Recommended Security Controls for Federal Information Systems and Organizations" is available for review and comments.
    Recommended Security Controls for Federal Information Systems and Organizations (PDF)
    Tags: ( nist 800-53 )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Rich Mogull has a post up that points to the New Identity Theft Stats provided by Debix. Interesting to actually see some numbers.

Amrit Williams has some interesting thoughts on the iPhone creating a mobile malware tipping point.

Russell Handorf gives us some guidance on How-to easily deploy honeypots for production networks.

Kai Roer gives us a look at how someone might go about gathering information about you or your company.

I came across this from friend feed. SecurityTube.net - videos for security folks. Some interesting stuff there.

Finally, are you a computer security professional. Read the the article and see how many of the observations you agree with or exhibit.

Have a good day.

Kevin

Technorati Tags: , , , , ,

{ 0 comments }