usb

Happy New Year everyone! Welcome to the first edition of Interesting Information Security Bits for 2010. We have great crop of things to check out today.

Here are today's Interesting Information Security Bits from around the web.

  1. If you couldn't make it to #26C3, many of the talks are now available on video. Check it out here.
    Download the #26C3 videos and bonus material | Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills
    Tags: ( conferences 26c3 videos )
  2. Uh-oh. Not good.
    NIST-certified USB Flash drives with hardware encryption cracked - The H Security: News and Features
    Tags: ( usb encryption )
  3. Interesting look at small and mid-sized companies being targeted by cyber gangs. By the way, this is Brian Krebs's new site. He is no longer with the Washington Post. Make sure to add it to your RSS reader.
    Buried Warning Signs -- Krebs on Security
    Tags: ( online-banking theft )
  4. Very cool. A new e-mag has been started. Into the Boxes is an e-mag about digital forensics and incident response. Good stuff.
    Into The Boxes: Issue 0x0 << Into The Boxes
    Tags: ( incident-response forensics )
  5. Jack is ready to get the Shmoobus back on the road. If you are in northeast and looking for a ride, check it out.
    Uncommon Sense Security: Shmoobus II
    Tags: ( conferences shmoo )
  6. Mike Rothman has joined Securosis. Good things will come of this.
    Securosis Blog | Introducing Securosis Plus: Now with 100% More Incite!
    Tags: ( general )
  7. Nifty. Version 2 is now available of the Web Application Security Consortium's Threat Classification
    The Web Application Security Consortium / Threat Classification
    Tags: ( wasc threat-classification )
  8. A neat map of the WASC Threat Classification document to the OWASP Top Ten RC1.
    Jeremiah Grossman: WASC Threat Classification to OWASP Top Ten RC1 Mapping
    Tags: ( owasp wasc threat-classification )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Hi there folks.

With the final release of Backtrack 4 Final right around the corner, I thought I would get ahead of the curve and update the how-to. I have access to the pre-final via the Informer.

The updated version is where the original Beta instructions used to live. I have copied the Beta instructions to a new page. They can be found here.

So here you go.

http://www.infosecramblings.com/backtrack/backtrack-4-usbpersistent-changesnessus/

-Kevin

{ 0 comments }

Here are today's interesting bits in information security.

  1. This is an interesting story of the DarkMarket sting.
    Three years undercover with the identity thieves
    Tags: ( general )
  2. Just because the website you are visiting is a popular, well-known site doesn't mean that it is complete safe. Conversely, just because a site is declared to host malware, doesn't mean they whole site is malicious.
    70 Of Top 100 Web Sites Spread Malware -- Malware -- InformationWeek
    Tags: ( malware )
  3. Want to get some personally identifiable information on somebody. Find out where they get the dry cleaning done and get a job. Wow.
    9,000 USBs left in Laundrettes : Security Watch - Internet Security News: IT security, Business security, Computer security, Network security, and more
    Tags: ( data gathering breach usb )
  4. Time to patch Quicktime.
    QuickTime 7.6 Fixes First 7 Bugs of 2009 - Security Watch
    Tags: ( vulnerability patches quicktime )
  5. I pointed this out recently. Looks like Seagate users are going to need to patch again.
    Seagate Offers Second Fix For Hard-Drive Firmware -- Storage Security -- InformationWeek
    Tags: ( availability )
  6. This is very cool. I use OpenDNS at home and have never been happier.
    New Security Services Land In Home Routers - DarkReading
    Tags: ( home-networking )
  7. Gonna be a meetup for podcasters at ShmooCon. Looks like a lot of fun.
    Podcasters Meetup at ShmooCon - Room362.com
    Tags: ( conferences meetup shmoocon )
  8. A very nice article about why we need to keep identity and authentication as separate and distinct.
    Hat tip: http://www.schneier.com/blog/archives/2009/01/identity_authen.html
    It's Me, and Here's My Proof: Why Identity and Authentication Must Remain Distinct
    Tags: ( identity authentication access-control )
  9. A new blog talking about SSL and some of the pitfalls one can come across in various implementations.
    Introducing SSLFail.com | tssci security
    Tags: ( ssl )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }