Grec’s Weekly Infosec Ramblings for 2009-08-03
Get the best tweets of the week in our “Infosec Ramblings” feature, published every Monday. In it we highlight Twitter trends, what’s going on in the local MD/DC/NoVA area, and (try to) entertain you in the process.
If you don’t already follow us on Twitter, stop by and say hello @grecs.
In case you missed them, here’s a breakdown of the meetups from this past week.
- Reminder: HacDC Microcontroller Mondays Meetup is 2day! http://tiny.cc/qTGMg. C ths nova #mtg & othrs http://bit.ly/nipmtg. #
- RT @electricfork Hey, isn’t charmsec this week? I’m in, who else is going? #mtg #
- RT @charmsec CharmSec 15 is in 2 days. nevr bn? stp at Slainte 4 dinner, chat w/ fellow Baltimore infosec folks. No dues,.. #mtg #
- Reminder: CapSecDC Meetup is 2morrow http://tiny.cc/YjfcP. C ths #mtg & othrs via iCal http://bit.ly/nipcal. #
- Reminder: CharmSec Meetup is 2morrow http://tiny.cc/TEbd2. C ths #mtg & othrs via iCal http://bit.ly/nipcal. #
Be sure to check out these upcoming meetups!
- RT @owaspdc nxt OWASP DC #Mtg is August 5th at GWU. Dan Cornell on Vuln Mgmt in AppSec, & Mike Smith on SCAP. http://bit.ly/13TdnC #
- RT @OWASPNoVA Aug #Mtg info posted: Dan Cornell & great panel. How 2 conduct manual assessments http://tinyurl.com/d237zr #
- RT @rybolov OK, subtitle for my upcoming SCAP preso (OWASP DC Chapter 08/05): “Automatisch, Praktisch, Gut!” #mtg #
In addition to meetups, there are also some upcoming conferences that you might want to check out.
- RT @AppSecDC09 Due to huge response to #AppSecDC CFP we will be adding 4th track to conference. More at http://appsecdc.org #con #
- RT @AppSecDC09 #AppSecDC More talks; McCray: Adv SQL Injection, Fisher: The Big Picture: Web Risks & Assessments Beyond Scanning #con #
- RT @AppSecDC09 #AppSecDC Eston & Johnson: Social Zombies: Your Friends Want to Eat Your Brains, Lars Ewe: Dev Issues w/i AJAX Apps #con #
- RT @danphilpott Looking forward to CSA Federal Cloud Security Symposium on August 5th at Mitre (McLean, VA): http://bit.ly/7GeRF #con #
- RT @securitytwits RT @oneeyedcarmen: @securitytwits Anyone planning to attend CSI2009 in DC in Oct? #con #
And the best news of all… Shmoo dates have been announced!
- RT @securitytwits RT @jack_daniel: February 5-7, 2010. Shmoocon. That is all. (and, yes, your company can help sponsor a ShmooBus.) #con #
While many of the usual NoVA Bloggers were at BlackHat, there were still a few brave souls keeping the blogosphere going while the others were gone.
- RT @geminisecurity New blog post: Sanitizing Input in Web Apps (Part 2) http://bit.ly/yoSvz #novablogger #
- RT @rybolov Another quite long blog thingy on going to war with the cyberarmy we have… http://bit.ly/2VaFsp #novablogger #
Speaking of NoVA Bloggers, security expert Richard Bejtlich kept up a steady stream of great posts all week.
- VOICE OVER IP SECURITY BOOK REVIEW: Bejtlich’s review of this book. 4 stars… http://tinyurl.com/n3tpl8 #novablogger #
- THREAT-CENTRIC THINKING: Another post Bejtlich did 4 Fudsec.com on how more thinking this way. http://tinyurl.com/lm7tdh #novablogger #
- OISF Meeting Notes: Nice sum fr Bejtlich on this month’s OISF meeting. Go GPLed network IDS/IPS! http://tinyurl.com/njfchv #novablogger #
- COULD DEFINITION: From BH EU Bejtlich’s favorite slide for definition. http://tinyurl.com/kkonj3 #novablogger #
- BEJTLICH BH THOUGHTS: Plus he mentions his new Twitter acct. Now we all know it’s really him. http://tinyurl.com/lkv8n6 #novablogger #
- Meant “CLOUD” not “COULD”… #
- COMPANY FINED BY CUSTOMER: Someone pointed out this interesting story to Bejtlich. http://tinyurl.com/l8lrvy #novablogger #
Oh, and he’s now on Twitter!
- RT @iamnowonmai Bejtlich is on Twitter – @taosecurity #
Looking to learn some new skills? Give these a try.
- NEW CHALLENGE: @sans_isc announced new hacker chall called Prison Break – Breaking, Entering & Decoding. http://twurl.nl/ibklbx #edu #
- hre is direct link. RT @ethicalhacker Ed Skoudis presents new Skillz Challenge based on Fox’s Prison Break http://bit.ly/qPZcP #edu #
- RT @bearo80 US Cyber Challenge – CSIS http://ff.im/-5N2UU #edu #
- ONLINE SECURITY EDUCATION: Nice post fr @GovInfoSecurity. 5 good universities to choose fr. BS, MS, PhD, … http://bit.ly/goon9 #edu #
You can also try some of these great tools.
- RT @DarkReading ‘MonkeyFist’ Launches Dynamic CSRF Web Attacks http://bit.ly/yTWOO #tool #
- RT @mubix Maltego Mesh is out on Informer: http://bit.ly/n8beU – Awesome! #tool #
And now, all about the iPhone.
- IPHONE SECURITY: Nice sum. RT @dallendoug .@mringlein RT Hints for iPhone users at #defcon http://bit.ly/jmCnq (via @thedarktangent) #
- RT @quine TAFT – “There’s an Attack For That” – iPhone app to attack imp and config flaws, Vmail notification #blackhat #
- Interesting. RT @mubix @securls: iPhone 3GS Security Holes Revealed in YouTube Vids http://bit.ly/13cw5z #
- RT @krvw iPhone 3.0.1 update is out. Apparently fixes the SMS bug reported at BH. Use iTunes to update yours ASAP! #
- RT @mubix FCC getting ready to drop a bomb on Apple for denying the Google Voice iPhone App: http://bit.ly/150CTX #
Have you heard about Twitter Gate?
- Lol. RT @bobgourley The hunt is on. Who is @realtweetthroat? Started analysis based on text content. U have any clues? #realtwittergate #
Twitter, per usual, is also having some other problems.
- RT @avivra Burn baby, burn! #MoTB 28: Reflected XSS vulnerability in tweetburner. http://is.gd/1SMiq #
- RT @avivra Last Month of Twitter Bugs vuln – #MoTB 31: Twitter Integrated Search Reflected XSS. http://is.gd/1Xmgl #
In case you missed it last week, please be sure to visit Marcus at his new online home!
- RT @marcusjcarey Moving all my business operations over to Saecur – http://www.saecur.com Twitter:@saecur #
Oh, and before we go… there’s some good news for those of you who want to be spies.
- RT @IBMFedCyber > @baltimoresun: Wanna be a spy? NSA might create as many as 11,000 new jobs in Maryland. http://tr.im/uXrv #job #