Grec’s Weekly Infosec Ramblings for 2009-06-07
Move over 60-Day debaters; it seems that China has come to steal the spotlight with their “Great Firewall of China.” But even in the midst of international security gone awry, we do have some things to look forward to—mainly the iPhone and Google Wave. Read about all of that and more in this week’s Twitter digest.
More 60-Day stuff in case you haven’t gotten tired of it already.
- 60-DAY REPORT WISHES: Stuff we wish we would have heard. http://tinyurl.com/lq7jet #novablogger #
- CYBERSEC INITIATIVE: SF’s story summarizing the 60-day report and Obama’s speech. http://www.securityfocus.com/news/11551 #
- NOTHER 60-DAY/SPEECH SUM: DarkReading’s. Pretty much same as others but always good 2 get > 1 view. http://tinyurl.com/n236tl #
- NEWSBITES: Discussions on the 60-Day review and more… http://bit.ly/16HGaZ #
- gd critique. RT @IBMFedCyber Gene Spafford cmts on 60Day review: http://is.gd/LVOP – still thinking it ovr but i’m somewhat on his side hre. #
- Nice article. Not foc on private sector – good/bad? RT @TruSecure What Obama’s Cybersec Plans Mean 4 Businesses.. http://tinyurl.com/l5ywpo #
While it might not be quite as popular as the discussions surrounding the 60-Day initiative, there’s no denying that visualization has become quite popular.
- VISUALIZATIAON: All the rage now … w/ so much sec info 2 analyze. Rev+free chapt of App Sec Viz. http://tinyurl.com/nr9eml #
But either way you look at it, the issues in China will be stealing all of the spotlight soon enough.
- AROUND GREAT FIREWALL OF CHINA: Have blocked most of everything. Still ways to get your fix though. http://tinyurl.com/qcaxws #
- CHINA BLOCKS SOCIAL NET SITES: 4 those that haven’t heard. Unfort, no 1 in China will get this. http://tinyurl.com/kodu8d #
But some of the other most interesting newsbites last week?
- NEWSBITES: Playing catchup… some interesting stories though. http://bit.ly/xJhSp #
- NEWSBITES: Ok, here is another one… Love these summaries. http://bit.ly/1yboOH #
- NOTHER NEWSBITES: All caught up new w/ these. Good reading. Lot of companies seem 2 b loosing data. http://tinyurl.com/nepcuc #
There were also quite a few interesting posts written by local infosec bloggers.
- INCIDENT RATINGS: Bejtlich’s attempt to try to help mgmt understand. http://tinyurl.com/m2qtfe #novablogger #
- FALSE ARGUMENTS: @electricfork discusses trying to convince people to “fix it”. http://tinyurl.com/nmlk7f #novablogger #
- METASPLOIT LIBRARIES: @carnal0wnage discusses simplifying metasploit development. http://tinyurl.com/lzo8gl #novablogger #
- RT @VRT_Sourcefire New Blog Post: DoJoSec roundup http://tinyurl.com/q3zqtm #mtg #
- RT @VRT_Sourcefire New Blog Post: ClamAV DoJoSec Talk Addendum http://tinyurl.com/plyw2b #mtg #
- RT @geminisecurity New blog post: XVI32: Hex Editor of Champions http://bit.ly/f1vk5 #novablogger #
- BEJTLICH 4 CYBERSEC COORDINATOR: Rich reposted quote fr art that included part of him as new head. http://tinyurl.com/occ5bc #novablogger #
- RISK & TERPS: @rybolov discusses a risk managers guide to working with interpreters. http://bit.ly/jMybC
#novablogger # - Excellent post. Need 2 brk out of structure at certain point. RT @pauldotcom New Post: “Find time 2 put the tools away” http://bit.ly/bV38k #
- Nice tutorial. RT @geminisecurity New blog post: Apache & SSL: Generating CSR & Self-Signed Cert http://bit.ly/16iO59 #novablogger #
But if you’re tired of just reading about news and events, why not get involved in some?
- RT @baltimorenode Baltimore Node organization and planning meeting: June 11, 7PM @ Red Emma’s bookstore. http://is.gd/Pnst #mtg #
- RT @danphilpott PrivacyCampDC 2009 – R u coming? Register here & c who else will b there! #Privacy http://ow.ly/bnAp (via @IsCool) #con #
- RT @hacdc New post: OpenStreetMap Mapping Party June 13th, all day http://tinyurl.com/opmusr #mtg #
- RT @charmsec > @SANSInstitute CharmSec invites #sansfire09 attendees, instructors, 2 drop in at Pickles, 6/14, 7pm, walking distance #mtg #
DojoSec is a great place to start.
- RT @VRT_Sourcefire New Blog Post: Tweeting from DoJoSec http://tinyurl.com/q3xqwl #mtg #
- RT @marcusjcarey DojoSec content for tomorrow night is awesome, it’s streaming 6PM EST tomorrow night http://stream.dojosec.com #mtg #
- RT @marcusjcarey Tomorrow at DojoSec, Sourcefire going to show people how to write custom Clam AV signatures http://www.dojosec.com #mtg #
- RT @dojosec This Thursday – DojoSec Monthly Briefings. Visit http://www.dojosec.com for details. #mtg #
But now for some not-so-surprising news in the form of Twitter becoming something you can make money off of. (Just remember to be careful!)
- MAKE $$$ ON TWITTER?: Not sec related but an interesting art. May work but you’d need 2 b very careful .. or get massive unfollows. #
But that pales in comparison to the news we’ve all been waiting for…
- CIS IPHONE CONFIG: CIS released stnd 4 iPhone. Now Apple just needs 2 build in sec features.
http://tinyurl.com/n7qvhc #
Well, it’s the news we’ve been waiting for, anyways. But maybe others of you have been looking forward to Google Wave?
- RIDING THE SECURITY WAVE: Google Wave looks 2 b very useful. Hopefully, security is being built in. http://tinyurl.com/ofwa6l #
- Has anyone seen anything on how Google is building security into Wave? #
Hopefully they’re building in some good security, unlike other people we could mention.
- PHISHERS & FACEBOOK: It all comes back to social engineering. Again end user training is big here. http://tinyurl.com/mhhxjy #
People should check out these resources to stay protected in the future.
- SOCIAL MEDIA POLICY: Sec starts w/ policy. This article outlines basics any co. should consider. http://tinyurl.com/qyagg7 #
- TWITTER SAFETY: Nice art a/b how 2 stay safe. Most attacks are social eng based. Sound familiar? http://tinyurl.com/o5yp6f #
Since summer’s right around the corner, why not check out some great summer reads?
- Great ideas! RT @CSOonline NEW: Summer Reading for Security Pros: Schneier or Sagan? http://tinyurl.com/pwfznb #cmt #
Don’t forget to follow me during the week @grecs for more news and events.
o o o o o
Wanna hack your career
RSS Feed
Email Alerts