Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Amrit debunks 5 information security myths.
    The Top 5 Cyber Security Myths << Amrit Williams Blog
    Tags: ( general myths )
  2. WooHoo! Sourcefire celebrated 10 years last week.
    Sourcefire Network Security - Investor Relations - Press Release
    Tags: ( ids ips sourcefire )
  3. (via M. E. Kabay @ NetworkWorld) A list of information security maxims. Quite a hoot.
    Security Maxims [Vulnerability Assessment Team (VAT)] - Nuclear Engineering Division (Argonne)
    Tags: ( humor maxims )
  4. An exploitable DirectShow vulnerability has surface. There are some work-arounds though.
    Microsoft DirectShow is Vulnerable - F-Secure Weblog : News from the Lab
    Tags: ( directshow microsoft vulnerability )
  5. As usual, Jennifer makes a somewhat difficult topic easy to understand. This is particularly topical for me as I was just having this discussion with some folks last week.
    Understand the differences in network access control solutions
    Tags: ( nac )
  6. Richard is asking for some feedback on an Information Security Incident Rating scale he has developed. Take a peek and let him know what you think.
    TaoSecurity: Information Security Incident Rating
    Tags: ( breach data-leakage )
  7. Daniel shows us how to setup splunk as a remote syslog server.
    HOWTO: Use Splunk as Your Remote Syslog Server |
    Tags: ( splunk syslog )
  8. Issue 21 is out.
    (IN)SECURE Magazine
    Tags: ( magazine insecure )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.



Hi folks. Lots of stuff today so let's just get to it.

From the Blogosphere.

Alan over at Security Thoughts answers Dre's post about the CISSP is on it way out. I tend to agree with Alan more that Dre, but understand Dre's point also. How's that for being wishy washy. Go read both.

Jeremiah asks 5 questions about webappsec in order to generate some conversation. Good reading in there.

By way of Zero Day, Sourcefire has released a free tool, OfficeCat, that attempts to scan Microsoft Office files for detection of possible exploits. Very nifty.

Rebecca has an article up that gives us Sixs Ways Organizations Can Lessen Mobile Computing Risks. Good collection of things to think about.

Matasano has some comments available about several vulnerabilities in Ruby. Everybody using Ruby has some patching to do.

Anton is happy about the release of their CEE (Common Event Expression) white paper.

Jeremiah is really on a roll with the asking of interesting questions that spark some great interaction. The question this time, "Day 1: Starting at the beginning". Your a new hire in charge of security, what are your first steps. BTW - Congratulate him on achieving his purple belt in Brazillian Jiu Jitsu while you are there.

From the Newsophere.

Via Dark Reading, a researcher is going to be demonstrating a remote permanent denial-of-service (PDOS) attack at EUSecWest this week. Should be interesting.

Also from Dark Reading, Fortinet has been awarded four new patents for network virtualization and security related inventions.

Information Week
has a Reuters article up that informs us that the bill shielding U.S. telephone companies from lawsuits has passed the House.

Well that's it. Have a great day.

KevinTechnorati Tags: , , , , , , , , ,