Grecs’ Weekly Infosec Ramblings for 2009-10-29

If you’re not already following the NovaInfosec Twits and are wondering where to get the best tweets about security in the NoVA, DC, and MD area, look no further than this post.

Posted every Friday, our “Infosec Ramblings” post takes the best security tweets from the past week and puts them into one easy to digest post.

If you don’t want to wait an entire week to read the best security tweets, be sure to stop by @grecs or learn more about the NovaInfosec Twits.

There seemed to be quite a few meetups this past week. Did you get to attend any of them?

• RT @hacdc HacDC hosting class on fun w/ EL Wire on 10/27 at 7:30, just in time 4 Halloween! 1525 Newton St NW in Columbia Heights #mtg #
• RT @charmsec U R coridally invited to very special, very spooky CharmSec, this Thurs, 29th, at @Slaintepub. We start at 7pm. #mtg #
• RT @baltimorenode Weekly meeting tonight 7:30. Agenda: http://ow.ly/wP89 #mtg #
• Reminder:10/28 CapSecDC Meetup – Normal meeting (Washington, DC) c ths #mtg & othrs via iCal http://bit.ly/nipcal #
• Reminder:10/29 CharmSec Meetup (Baltimore, MD) C ths nova #mtg & othrs http://bit.ly/nipmtg #
• RT @electricfork hey everyone, @charmsec is this Thursday. looking forward to this months since I missed October. #mtg #

There’s also some upcoming meetups for those of you who are interested.

• RT @hacdc ELWire Night @ HacDC tomorrow been postponed. Stay tuned 4 more updates. Feel free 2 come by 4 Open Lab time instead. #mtg #
• RT @baltimorenode Circuit Bending Workshop this Sat 1pm. http://ow.ly/wPpo Adv tickets: http://plasticsurgery101.eventbrite.com/ #mtg #
• RT @baltimorenode Circuit Bending Workshop this Sat 1pm. http://ow.ly/xjF9 Adv tickets: http://ow.ly/xjEc #mtg #

If you don’t have time to make it to any of the weekly security meetups, why not try attending one of these upcoming conferences?

• RT @taosecurity Wed last day 4 discounted reg 4 SANS WhatWorks in Incident Detection Summit in DC on 9-10 Dec 09 http://bit.ly/DhEZH #con #
• Looks fun. RT @signalmag Next AFCEA Solutions Dec 2-3 on cybersecurity http://www.afcea.org/events/solutions/09/cyber/intro.asp #con #
• RT @TrustBearer We’re heading out to D.C. this week for Smart Cards in Gov #Con. We’ll be in booth #309 – be… http://bit.ly/3jrYcQ #
• RT @shmoocon Upcoming cfp deadlines for #ShmooCon: Nov. 1, papers for first round consideration due. Nov 20, cfp ends. #con #
• #Con updates.. RT @marcusjcarey DojoCon Speaker page updated, still more info on the way http://bit.ly/4v70vd #

For those of you that don’t know, we have some pretty awesome infosec bloggers in the local area. You can check out some of their articles below.

• EVIL MAID: You’ve prob already seen this .. but @taosecurity summarizes it in this post. http://ow.ly/w4Db #novablogger #
• METASPLOIT JSP SHELLS: @carnal0wnage gives a nice technical how-to. http://ow.ly/w4H7 #novablogger #
• BLACKHAT ORACLE/METASPLOIT TALK: If it involves Oracle & Metasploit then @carnal0wnage is prob involved. http://ow.ly/w4M1 #novablogger #
• WIN 7 SECURITY UPGRADE TIPS: @geminisecurity gives general security advice 4 upgrading 2 Win 7. http://ow.ly/w4QI #novablogger #
• LOLCATS 4 SIR BRUCE: @rybolov snuck 1 in b4 shutting down. He points to a pretty hilarious site. http://ow.ly/w4RO #novablogger #
• Awesome list of resourses. RT @mubix Getting your n00b fill of security: http://ping.fm/c6hDi #novablogger #
• WE’RE NOT GOING 2 TAKE IT: RT @taosecurity Partnerships & procurement R not answer 2 cyber threats. http://bit.ly/ScUeq #novablogger #
• RT @marcusjcarey Part 1 & 2 of my Metasponse talk is posted on YouTube http://bit.ly/3suyOy Thanks to Joshua Marpet #novablogger #
• RT @marcusjcarey My complete Metasponse talk from Techno Forensics is now posted on the Saecur Blog http://bit.ly/3suyOy #novablogger #
• Congrats! RT @alexhutton Apparently I have blog post up! http://securityblog.verizonbusiness.com. Its a/b asset value. #novablogger #
• RT @carnal0wnage [Blog Spam] Metasploit Meterpreter & timestomp http://carnal0wnage.attackresearch.com/node/390 #novablogger #

Hacking is an important part in the infosec field; here are some blogs about hacking from infosec bloggers in the local area.

• CHINESE SPONSORED HACKING: @taosecurity brings this article to light. Prob not much of surprise. http://ow.ly/w4Cq #novablogger #
• MORE RE CHINESE HACKING: @moranned highlights more details from this recent report. http://ow.ly/w4DX #novablogger #
• ORACLE HACKER’S HANDBOOK: @carnal0wnage gives good review for this book. http://ow.ly/w4FS #novablogger #
• UNAUTHORIZED ACCESS: Old-school vid @carnal0wnage found out in the twitterverse. http://ow.ly/w4I8 #novablogger #
• SQL INJECTION ATTACKS & DEFENSE: @carnal0wnage puts out nother book review. Seems 2 like this 1 too. http://ow.ly/w4J9 #novablogger #
• HACKING CRAZY TAXI: @mubix ‘s adventures in winning bets and getting high scores… http://ow.ly/w4NO #novablogger #
• NOVA HACKERS: @mubix formalizing NovaSec Luncheons in2 this grp; complete w/ Google mailing list. http://ow.ly/w4Pj #novablogger #mtg #

In case you missed them, here were some of our blog posts from this week.

• BLOGGED: Top 3 NoVA Infosec Blog Posts of the Week http://ow.ly/15WRU0 #
• BLOGGED: Grecs’ Weekly Infosec Ramblings for 2009-10-22 http://ow.ly/15WK1H #
• BLOGGED: Where You Want to Be This Week – 10-26-2009 http://ow.ly/15Xohk #

You can also keep yourself busy with these interesting newsbites:

• RT @danphilpott: YAY! NIST’s Information Technology Lab will not reorganize! http://bit.ly/1Nortf #
• RT @GovInfoSecurity: Search On for 1,000 DHS Cybersecurity Pros. First 150 jobs posted on USAJobs.gov. http://bit.ly/q7VgB #
• Looks like essential reading. RT @danphilpott Network World art on NIST SP 800-53 Rev 3, first of 4 part series: http://bit.ly/hJ4ww #
• Pros & cons. RT @derekcslater RT @BillBrenner70 Companies Seek Social Networking’s Promise, Find Peril Instead: http://ping.fm/sE7EI #
• Awesome. RT @danphilpott RT @infosecstuff: PC World: US Gov’t Cybersecurity Spending to Grow Significantly http://bit.ly/2UQxgh #
• Interesting. Makes sense but what cool acro. RT @DarkReading The ABC’s of DAM (Database Activity Monitoring): http://bit.ly/1XBA48 #
• Any1 know what this runs on? Win/Nix/Mac? RT @jaysonstreet “Hotspot sniffer eavesdrops on iPhone in real-time” http://is.gd/4CoK4 #
• Big news this week. RT @cyberwar Well written analysis of Obama donation site “hack” http://tinyurl.com/ykaq2lk HT @danielkennedy74 #
• RT @ThisIsHNN barackobama.com SQL Injection my have actually been Roosevelt Univ’s cal http://tr.im/De70 So what really happened? #
• Wow, interesting story. RT @rockyd Just observed organized neighborhood dumpster diving. For more see –> http://bit.ly/26A86o #
• RT @danphilpott NIST rel draft of SP 800-34 Rev. 1 Contingency Planning Guide for Federal Information Systems http://bit.ly/164qQa #
• This could be big. RT @danphilpott NIST released a reference database application of SP 800-53 Rev. 3: http://bit.ly/39aNJy #
• RT @danphilpott NIST posted SP 500-280 Mobile ID Device Best Practice Recommendation Version 1.0: http://bit.ly/2jiSSn #
• Well it was good for tweets while it lasted. RT @briankrebs Barackobama.com ‘hack’ is a hoax http://bit.ly/3DnIvK #
• NOTHER MS TOOL: @regsecurity reports on another free Microsoft security tool that locks down buggy apps. http://bit.ly/X6oKF #
• #tobookmark RT @ebellis 4 those who asked, check http://www.webappsec.org 4 info on WASC threat classification & security stats. #scap #wasc #
• Nice writeup! RT @briankrebs Former Anti-Virus Researcher Turns Tables On Industry http://bit.ly/3wCO3N #
• Wow, an iPhone app for SpoofCard. RT @DrInfoSec Call Spoofing: So easy, even famous people do it! http://bit.ly/2WyWf3 #
• Expected results; interesting tool – UAF. RT @DarkReading iPhone, BlackBerry, Palm Pre All Vuln 2 Spear-Phishing http://bit.ly/3xa91F #

Well, that’s all for this week. Be sure to follow us @grecs for more great tweets during the week!

No related posts.

Tags: digest, grecs, twitter