white papers

Good day all. Got a pretty good bunch o bits to take a look at today. So, without further ado, here we go!

From the Blogosphere.

The Sunbelt blog warns us about some CareerBuilder jobs being emailed out which are scams. Be careful out there. They will get you any way they can.

Finjin came across over half a gigabyte of stolen US Healthcare and airline data. Ouch.

Adam writes that Identity Theft is more than Fraud By Impersonation. He points out than in many cases, the real pain of identity theft is not monetary, but dealing with the tarnishing of you good name as you try to clean things up. He has a good suggestion for trying to help with this issue. Go read about it.

Security4all points us to a couple of white papers that are worth giving a gander. The Extended HTML Form Attack Revisited by Sandro and Enablesecurity and Defeating the Network Security Infrastructure by Philippe at Radarhack.com. They are both on my reading list now.

Irongeek has released a little tool called DecaffeinatID that

"DecaffeinatID is a simple little app that acts as an Intrusion Detection System (more of a log watcher really) to notify the user whenever fellow users at their local WiFi hotspot/ LAN are up to the kind of "reindeer games"

Looks pretty nifty.

Rich has another missive that deserves to be read more than once. He talks about Database connections and Trust. I am not going to attempt to summarize what he puts forth. Go read it.

You may have already heard about this, but a vulnerability exploit has been found in FF 3.0. It was reported to Tipping Point and passed on to Mozilla. They are working on a fix.

Amrit and Hoff both are talking about wheither virtualization security is a technical problem or an operational problem. Both are good reads. I won't spoil it for you by giving away their conclusions.

F-Secure has released version 3.0 of their Rescue CD. Could come in handy.

From the Newsosphere.

Via cjonline.com, some Kansas state equipment that was to be sold to the public contained confidential information. People, please make sure you have data retention, handling and destruction policies and procedures and that they are adhered to.

From Dark Reading, ICSA Labs Forum has advanced a security standard for IPv6.

Pointed to by Hack in the box and reported by Computer World UK, two laptops without encryption have been lost. This time by the HNS trust in the U.K.

Again via Hack in the box and reported by Wired, it looks like Citibank had an intrusion that allowed a couple of men to grab at least $750,000 from atm machines in New York City. Oops.

That's it for today. Have a good one.


Technorati Tags: , , , , , , , ,