Grec’s Weekly Infosec Ramblings for 2009-06-15
In addition to the interesting news going around the Twittersphere this week, we were happy to see quite a few events being discussed.
We also got a Facebook, so be sure to join us at facebook.com/grecs. Now, on to the tweets!
It seems that social engineering has been getting quite a bit of attention lately…
- Is where good opsec helps. RT @CSOonline NEW: Social Engineering: 5 Sec Holes at Office: We poked around a secure building .. http://tinyurl.com/lpj9b7 #cmt #
- More. RT @CSOonline NEW: Social Engineering: The Fine Art of BS, Face 2 Face: A confrontation w/ facilitie.. http://tinyurl.com/m4vpll #cmt #
We can’t help but feel that getting back to basics would help with some of the problems people encounter because of social engineering.
- It’s the basics! RT @mubix RT @devilok: “Def Passwords Led to $55 Million in Bogus Charges” http://bit.ly/HJ4Hv ….. @hdmoore ? #cmt #
In addition to talking about social engineering, local security bloggers had a lot to say this week. Check out our top three picks of the week here.
- RT @geminisecurity New blog post: iPhone 3G S – Hardware Encryption? http://bit.ly/eyNZR #novablogger #
- Should do this for entire OS. RT @TruSecure Internet Cleanroom: New weapon against drive-by download attacks http://tinyurl.com/l44sgp #
- RT @geminisecurity New blog post: DNSSEC http://securitymusings.com/article/1117/dnssec #novablogger #
- RT @room362 [Blog] Rant Back – ValSmith: http://ping.fm/0GWaJ #novablogger #
- RT @mubix RT @room362: [Blog] PassiveX fun with Metasploit: http://ping.fm/9jwKJ #novablogger #
- RT @mubix Blogged PassiveX fun w/ Metasploit – Room362.com: Posted this walkthrough 2 Metasploit ma.. http://tinyurl.com/nfx9b8 #novablogger #
- Awesome post w/ everything! RT @room362 [Blog] Getting your fill of Reverse Eng & Malware Anal: http://ping.fm/8Y3bb #novablogger #
- CONS, PEN TEST, & IR: In 1 of 1st posts on new @carnal0wnage blog, valsmith goes 4 broke. http://tinyurl.com/ny75dh #novablogger #
- PDF DEFILING: Nother post at @carnal0wnage, amesc gives intro in brking PDF viewers. http://tinyurl.com/nn4wxw #novablogger #
- IS SEC INCIDENT CLASS: Catching up on Bejtlich reading. Here’s update 2 his classification scheme. http://tinyurl.com/l5zy7u #novablogger #
- IR LESSON 1: Bejtlich defines the phases of a compromise. http://tinyurl.com/mjttfw #novablogger #
- IR LESSON 2: Next, Bejtlich goes into details of various incident detection paradigms. http://tinyurl.com/kjvrnq #novablogger #
- IR LESSON 3: Rich continues series by disc methods of digital situational awareness. http://tinyurl.com/oto3tf #novablogger #
- CLASSIFICATION SCHEME UPDATE: Bejtlich updates his class scheme to include 3 crisis levels. http://tinyurl.com/ktrbrw #novablogger #
- CRISIS 0?: A reader suggested another crisis level of 0. Rich discusses pros/cons. http://tinyurl.com/nz6hd5 #novablogger #
- CI OPTS 4 DIGITAL SEC: Bejtlich expands his situational awareness methods to CI ops. http://tinyurl.com/mqyyyv #novablogger #
- POA&M ABUSE: Somehow I missed his tweet but here @rybolov discusses POA&M abuse. http://bit.ly/1biVC8 #novablogger #
And now, all of those events we mentioned, starting with CharmsecFIRE. (Speaking of which… did anyone check out CharmsecFIRE? If so, how was it?)
- RT @electricfork looking forward to charmsecFIRE this Sunday #charmsec #sansfire #blatantplugging http://charmsec.org #mtg #
- RT @marcusjcarey CharmSec 13.5 “CharmSecFire” will be June 14th at 7PM, a Sunday evening, at Pickles (not Slainte!). #mtg #
The GMU Cloud Computing and Security event…
- RT @technogeezer Getting rdy 4 pre-panel con call 4 GMU Cloud Computing Sec & Compliance Challenges tomorrow, http://bit.ly/1wt9R #mtg #
- RT @technogeezer Presentations from the Security & Cloud Computing Panel at GMU, http://bit.ly/19Y9p #con #
The ISACA – NCA meetup…
- RT @DuvalSearch Attending NCAC ISACA Annual Meeting morrow in DC. Come say hi & meet us at free mixer afterwards http://bit.ly/15SVVD #mtg #
PrivacyCampDC…
- RT @txitua RT @Phillyberg: Fantastic event 2 talk a/b #privacy, transparency & #opengov. @privacycampDC http://tr.im/nOjS (pls. RT) #con #
AppSecDC09… (For those of you who like to procrastinate, don’t forget to get your talks submitted to AppSecDC by today!)
- RT @AppSecDC09 Only 1 week left 2 submit talks 4 @AppSecDC09. #CFP ends 6/15/09! Goto http://bit.ly/ZVgpO 4 submission instructs. #con #
And Symantec.
- RT @marcusjcarey FREE Event – Symantec Government Symposium 2009 @SymantecGovSym http://twurl.nl/nqoqjs | See you there #mtg #
Told you there were quite a few events. They all look interesting—even more interesting than the controversy surrounding the iPhone 3G S.
- Is full-flash encryption in 3.0? RT @mubix RT @devilok: “YouTube – iPhone Forensics-Live Recovery over USB” http://bit.ly/nokoc #
- Sort of answers my earlier question. RT @jaysonstreet RT @antonznet iphones 3GS new hardware encrypt- not very encrypt http://2short.ca/2a9y #
We can’t help but wonder if rapid expansion is part of Apple’s security problems…
- So true. RT @IBMFedCyber RT @helpnetsecurity: Sec risks grow as bizes rush 2 adopt emerging tech (http://bit.ly/7GFdZ) #cmt #
We also can’t help but wonder if Obama’s Cyber Security Plan will be able to do something about the problem.
- RT @IBMFedCyber RT @infosecstuff: Obama’s Cyber Plan Needs More Oomph – Interview w/ Eugene Spafford of Purdue Univ http://snipr.com/jtyz3 #
- RT @cyberwar Hathaway wants cyber security policy official job. http://bit.ly/1anuFk #
Maybe the NIST is a more likely bet?
- RT @danphilpott NIST released the FIPS 186-3 Digital Signature Standard (DSS) today: http://is.gd/XrUx (PDF) #
- RT @danphilpott NIST released a markup version of the recently released final draft for SP 800-53 Revision 3: http://is.gd/Xs8G #
- RT @danphilpott NIST also posted the Federal Register Notice announcing FIPS 186–3 Digital Signature Standard: http://is.gd/Xstk (PDF) #
And now, a word to the wise…
- Just closed on selling 1st house! Been tough week. My advice in my current state of mind – never buy a home. Much easier to bug landlord. #
And, don’t forget…
- Just got facebook.com/grecs. Just hit that 5 character mark. #
Don’t forget to follow me during the week @grecs for more news and events.