videos

To those in the U.S., welcome back to work unless, of course, you are reading this when it was posted 🙂

Here are some Interesting Information Security Bits from around the web.

  1. Sounds like Paul and I have the same pet peeve. If you are accepting credentials on a page, serve the whole page over SSL, not just the form submission part.
    Not just plain old http | Paul Ducklin's blog
    Tags: ( https integrity )
  2. Are you wondering what is a public network and what is not from a PCI perspective? If so, check out Branden's post.
    Branden Williams's Security Convergence Blog >> The Gobble-Gobble of Public Networks
    Tags: ( pci public )
  3. The call for papers for HITB 2010 Dubai is now open.
    The Professional Security Testers Warehouse for the CEH GPEN QISP Q/ISP OPST CPTS - Hack In The Box (HITB) Security Conference 2010 Dubai
    Tags: ( conferences cfp hack-in-the-box )
  4. Some interesting data about usernames and passwords used during brute force attacks. It was collected by Microsoft.
    Microsoft Malware Protection Center : Do and don'ts for p@$$w0rd$
    Tags: ( passwords )
  5. The Notacon videos are available now.
    The Professional Security Testers Warehouse for the CEH GPEN QISP Q/ISP OPST CPTS - Notacon 2009 video files are now online
    Tags: ( conferences notocon videos )
  6. Ever beat your head against the wall because you can't figure out why that stupid program keeps running every time you restart your computer? This fine list will help track down that pesky critter.
    Immutable Security >> Windows Startup Locations
    Tags: ( windows startup )
  7. This is very very cool. How about being able to ssh to your host on port 80, even when it has a fully functional Apache server running on the same port? Like I said, that is seriously cool.
    Creating Ghost Services with Single Packet Authorization
    Tags: ( access-control tools )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Adrian takes a look at a few database encryption myths.
    Securosis Blog | Database Encryption Misconceptions
    Tags: ( database encryption )
  2. The Infosec Cynic interviews Anton Chuvakin.
    Anton Chuvakin - Stuck In the Lift With The Cynic | The Infosec Cynic
    Tags: ( interview )
  3. A new free encryption tool is available. This one is provided by Sophos. That's pretty cool.
    Guest blog: Sophos Free Encryption | Graham Cluley's blog
    Tags: ( encryption tools sophos )
  4. Mark points out that Federal CIO Council's Information Security and Identity Management Committee released a document titled "Guidelines for Secure Use of Social Media by Federal Departments and Agencies." This is good stuff even if you aren't in the public sector.
    New Social Media "Guidelines" - Securing GovSpace
    Tags: ( social-networking guidelines )
  5. This is worth a read and a watch. It is the talk given by Matasano and Nate McFetters at last year's C4 conference. It is some guidance for independent Apple software developers. It also applies to non-Apple developers.
    Matasano Security LLC - Chargen - Indie Software Security: A ~12 Step Program
    Tags: ( sdl )
  6. Jack gives his perspective of the recent Massachusetts 201 CMR 17.00 public hearing. He was not impressed.
    Uncommon Sense Security: Making sausage, one hearing at a time
    Tags: ( law policy )
  7. The BruCon videos are up on the wiki and Xavier is also hosting a local copy.
    /dev/random >> BruCON Talks Video Mirror
    Tags: ( brucon videos )
  8. If you are having some issues with sqlninja and metasploit, take a look at this post.
    RaDaJo (RAul, DAvid and JOrge) Security Blog: Sqlninja & Metasploit
    Tags: ( sqlninja metasploit )
  9. Malware, like all software, tends to have common traits. This article talks about what some of them are.
    Categories of Common Malware Traits
    Tags: ( malware )

That's it for today. Have fun!

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Download your HAR2009 videos here.
    HAR2009: where to get the presentation videos | Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills
    Tags: ( har2009 videos )
  2. A nice list of password managers worthy of a gander.
    Password Managers, something worth considering. Some Options | Security Active Blog
    Tags: ( passwords tools )
  3. The ToorCon 11 Call for Papers is open.
    ToorCon - Conference
    Tags: ( toorcon conferences cfp )
  4. Kees is trying to get an infosec community going on Long Island. If you are in that area, check it out.
    Long Island Information Security - Kees Leune
    Tags: ( general )

That's it for today. Have fun!

Kevin


Today's Bits has really big phone bills, blocking wi-fi signals, a new NIST publication about protecting PII, more storytelling by Synjunkie, generational differences and their impact on business's security, the winners of the latest Ethical Hacker challenge, HITB videos, and the Top 10 Hacking videos on YouTube.  Read on for details.

  1. Just like any networked device/system, make sure your phone systems are appropriately resistant to attack. Otherwise, you might be faced with some serious phone bills.
    Police investigate phone hacker spree : thewest.com.au
    Tags: ( pbx )
  2. This is interesting, but be careful. There may be laws that affect whether you can use this type of product.
    Techworld.com - New paint promises high-speed Wi-Fi shielding
    Tags: ( wireless blocking )
  3. Rebecca lets us know that NIST has a new publication ready for us, "Guide to Protecting the Confidentiality of Personally Identifiable Information." This should be a good read.
    New Guidelines for Safeguarding Personal Data - Realtime IT Compliance
    Tags: ( pii protection )
  4. Synjunkie has part 3 of his Newbie Haxor storyline up.
    Syn: The Story of a Newbie Hax0r - Part 3. Lets Get Physical
    Tags: ( stories )
  5. This has been a topic I have been thinking about quite a bit as I get more involved in social networking. As indicated below, the generation just now entering the work force and the one right behind them communicate in a way that is completely different than any generation before them. We are going to have to learn how to accommodate this while maintaining security.
    IT Security's Next Big Threat: Young People - security trends/Vulnerabilities - DarkReading
    Tags: ( risk )
  6. The winners of the latest challenge at the Ethical Hacker Network are posted.
    The Ethical Hacker Network - Santa Claus is Hacking to Town - Answers and Winners
    Tags: ( challenge )
  7. Martin points out that the HITB Malaysia videos are available now.
    Network Security Blog >> HITB Videos available
    Tags: ( videos conferences hitb )
  8. Here ya go. Some hacking videos for your pleasure.
    Hat tip: http://www.stevegoodbarn.com
    Top 10 YouTube hacking videos | NetworkWorld.com Community
    Tags: ( videos hacking )

That's it for today. Have fun!

Kevin


@hevnsnt posted the following message to Twitter this morning.

hevnsnt watching Strand's hacker vids at http://vimeo.com/user595761/videos

There are some nice videos there. Here are the titles of a few with direct links:

Definitely worth spending some time on.

-Kevin
