webappsc

Interesting Information Security Bits for 03/27/2009

by kriggins on March 27, 2009

in Interesting Bits

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. F-Secure has a great Q&A posted about Conficker. Short version: Like the good book [Hitchhiker's Guide to the Galaxy] says, "Don't Panic!"
    Questions and Answers: Conficker and April 1st - F-Secure Weblog : News from the Lab
    Tags: ( malware conficker )
  2. A very thoughtful and thought generating piece by Jeremiah. The comments are also worth reading. I am very interested to see where this goes and hope to be a part of it in some small way.
    Jeremiah Grossman: Website security needs a strategy
    Tags: ( webappsec )
  3. Some nice guidance for when you decide to develop that file upload utility.
    SecuriTeam Blogs >> File upload security recommendations
    Tags: ( secure-coding )
  4. Lorrie reviews Michael's book which I have also reviewed. I agree with everything she says.
    Why you must dive Into the Breach
    Tags: ( books reviews )
  5. Time to patch OpenSSL.
    OpenSSL patches three security holes | Zero Day | ZDNet.com
    Tags: ( vulnerability patches openssl )
  6. Daniel puts together a very good set of observations regarding information security as an enabler. Like Daniel, I am not a proponent of presenting information security as a enabler. Except for specific cases where information security related activities/products actually produce your revenue stream, it does not increase revenue, provide efficiencies, or other wise make it 'easier' to do business. It IS a vital part of doing all the above safely and responsibly however.
    The Problem With Selling Information Security as a "Business Enabler" | dmiessler.com
    Tags: ( opinion )
  7. More yummy goodness from Synjunkie on abusing Citrix servers.
    Syn: Abusing Citrix - Part 4
    Tags: ( hacking citrix )
  8. Andrew is tackling a topic that is near and dear to us all, being provided development opportunities by our employers.
    A Multipart Letter to Employers of Security Professionals : The Security Catalyst
    Tags: ( general )
  9. Go give your six words on security. I will be.
    6 words on Security: A Challenge : The Security Catalyst
    Tags: ( general )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }