If you’re not already following the NovaInfosec Twits and are wondering where to get the best tweets about security in the NoVA, DC, and MD area, look no further than this post.
Posted every Friday, our “Infosec Ramblings” post takes the best security tweets from the past week and puts them into one easy-to-digest post.
If you don’t want to wait an entire week to read the best security tweets, be sure to stop by @grecs or learn more about the NovaInfosec Twits.
There seemed to be quite a few meetups this past week. Did you get to attend any of them?
- RT @DuvalSearch Will b attending ISACA Academic & Career Night Mixer in Arlington on 11/17. Hope 2 c u there! http://bit.ly/4pNZ7y #mtg #
- Reminder: ISACA NCA Meetup – 2nd Career & Academic Night – Fall Mixer Nov 17 c ths #mtg & othrs via iCal http://bit.ly/nipcal #
- Reminder: ISSA DC Meetup – Securing Cloud Computing Are You Ready? Nov 17 C ths nova #mtg & othrs http://bit.ly/nipmtg #
- Reminder: ISSA Baltimore Meetup – Avoid Epic Fail: Plan For Network Security Unknown Nov 18 c ths #mtg & othrs via iCal http://bit.ly/nipcal #
- Reminder: ISSA NoVA Meetup – Thoughts on the Future of the Internet and Security Nov 19 C ths nova #mtg & othrs http://bit.ly/nipmtg #
- RT @DuvalSearch We will b attending ISACA Academic & Career Night Mixer in Arlington tonight. Hope 2 c u there! http://bit.ly/4pNZ7y #mtg #
- RT @electricfork: Very special thanksgiving @charmsec is tomorrow. moved up week 2 avoid holiday. Hoping 2 b there, just tad late. #mtg #
- #mtg RT @charmsec: Come 2 @CharmSec 2morrow & learn how 2 turn your computer in2 $-making machine! This is not scam*! It’s so easy! #
- RT @baltimorenode: Open Hack tonight. Hours 7:30ish to 9:30is. Brought to you by @matthewforr. #mtg #
There are also some upcoming meetups for those of you who are interested.
- RT @IBMFedCyber For those in the DC Area: Hacking 102 free event: http://bit.ly/bMCUx – Hands on Lab. #mtg #
If you don’t have time to make it to any of the weekly security meetups, why not try attending one of these upcoming conferences?
- RT @carnal0wnage @BlackHatEvents Black Hat DC 2010 Upd: 1st round of presos announced. Check them out http://bit.ly/11s2Sw #con #
- Nice sum! RT @wadew: Blog Post: My thoughts on AppSecDC 2009 & why U should “OWASP” – http://bit.ly/2l35sq #AppSecDC #OWASP #con #
- RT @shmoocon: Just reminder- #ShmooCon CFP closes 11/20, that’s tomorrow, at midnight EST. http://www.shmoocon.org/cfp.html #con #
For those of you that don’t know, we have some pretty awesome infosec bloggers in the local area. You can check out some of their articles below.
- RT @falconsview posted resp 2 @andywillingham ‘s post on building sec progs – “How NOT 2 Build Sec Progs” http://bit.ly/yNuUu #novablogger #
- RT @taosecurity Embedded Hardware and Software Pen Tester Positions in GE Smart Grid http://bit.ly/aGpWA #novablogger #job #
- RT @carnal0wnage [blog spam] decompiling flash files w/ SWFScan http://j.mp/4hWLbd #novablogger #
- RT @carnal0wnage [Blog Spam] Customizing Your Metasploit Banners…hey you’re messing.. http://bit.ly/3avrOE #novablogger #
- Yeah! Wade’s back. RT @wadew Blog post: Why use development standards – http://bit.ly/Sf8wU #novablogger #
- EXTENDING SEC: @taosecurity discusses security event correlation. http://bit.ly/33Kmsa #novablogger #
- OFFENSIVE CYBERWAR: @moranned posts about recent article on US’s offensive cyberwar capabilities. http://ow.ly/Dcks #novablogger #
- POLITICAL QUIBBLES: @falconsview doesn’t talk infosec but about some political quibbles. http://ow.ly/DcnW #novablogger #
- Nice sum! RT @wadew: Blog Post: My thoughts on #AppSecDC 2009 & why U should “OWASP” – http://bit.ly/2l35sq #OWASP #con #novablogger #
- NEW ASTARO REVIEW: @mubix has a post about the new FREE Astaro product for the enterprise. Enjoy! http://ow.ly/DvFH #novablogger #
- IMPORTANCE OF POLICIES & PROCEDURES: Or “Stop Blaming the Admins” by @mubix. http://ow.ly/DKUM #novablogger #
- Bypass authen by pretending 2 b Googlebot. RT @mubix: {blog} Brute Forcing Compatibility – http://bit.ly/4BRE5X #novablogger #
In case you missed them, here were some of our blog posts from this week.
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2009-11-12 http://ow.ly/161m3z #
- BLOGGED: Top 3 NoVA Infosec Blog Posts of the Week http://ow.ly/161qG4 #
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2009-11-12 http://ow.ly/161sPw #
- BLOGGED: Where You Want to Be This Week (11-16) http://ow.ly/1622Re #
You can also keep yourself busy with these interesting newsbites:
- RT @schneierblog FBI/CIA/NSA Info Sharing b/f 9/11: It’s conventional wisdom that legal “wall” b/t intelligence an… http://bit.ly/30ruin #
- Uh oh. RT @regsecurity Researcher busts into Twitter via SSL reneg hole http://bit.ly/4nlTxH #
- WHY SEC PROS FAIL: Interesting art. Like 1 quote in para 6. http://bit.ly/3UssEx #
- 3 is huge IMO. RT @DrInfoSec Top 5 Social Engineering Exploit Techniques http://bit.ly/45O1XW [good 4 awareness] #
- So true. RT @DrInfoSec W/ social media, even innocuous cmts can add up 2 data breach http://bit.ly/gpEZp [dangers of aggregate PII] #
- Gotta get 1. RT @schneierblog Bruce Schneier Action Figure: A month ago, ThatsMyFace.com approached me.. http://bit.ly/4dc6hA #
- HACKER DOJO: @marcusjcarey, wonder where Google, Microsoft, & Yahoo got this term from? Next 1 is even in DC. http://ow.ly/CDma #
- CRYPTO-GRAM: It’s that time of the month again.. http://ow.ly/CDxj #
- Software dev is hard to do right. RT @DrInfoSec ICSA: “44% of sec products had inherent security problems” http://bit.ly/2iknvt #
- RT @iamnowonmai RT @jack_daniel: Astaro has rolled out free unlimited IP *commercial-use* firewall packages. http://bit.ly/1AueYP #
- RT @IBMFedCyber Aren’t we due “Cyber coordinator expected 2 b named in coming weeks” soon? Oh wait here it is: http://bit.ly/Svbg #
- RT @mubix RT @exploitdb: The Offensive Security Exploit Database is live! http://exploits.offsec.com #
- Is this what happened? Milworm gone? RT @pauldotcom @hdmoore: checking out milw0rm replacement: http://j.mp/GcsQ4 #
- MS SECURITY TOOLS GOOD ENOUGH: Lifehacker put together this nice art. Looks like bad news 4 3rd party vendors. http://ow.ly/CRED #
- CRYPTO-GRAM: In case you missed my previous tweet .. It’s that time of the month again.. http://ow.ly/CRJP #
- MASTERCARD GOES SMS: Authen via SMS is prime time now. Guess I should migrate to 1of unlimited SMS plans. http://ow.ly/CRTK #
- $1400/PAGE FOR C&A REPORTS: Last week’s Newbites had an article on how much all this paper we create costs. http://ow.ly/CSkm #
- Interesting. RT @IBMFedCyber Do Social sites risk security clearance?: http://bit.ly/4ukrPF #
- Nice summary. RT @DarkReading: What’s new in the new Metasploit version: http://ow.ly/DbGc #
- Nice way of simplifying complex prob – a Top X list. RT @GovInfoSecurity 12 Ways 2 Improve Fed Cybersecurity. http://bit.ly/1Se36s #
- Good summary. RT @GovInfoSecurity: NIST Draft Takes New, “Near Real-Time” Approach on Risk Management. http://bit.ly/1zlXeS #
- New comment on “Security Musings” http://bt.io/AQBj #
- RT @danphilpott Added #FISMApedia GAO-10-230T Continued Efforts Needed to Protect Info Sys’s fr Evolving Threats http://bit.ly/4djWi6 #
- Wind out of 60 Min piece? RT @danphilpott: Intel community admits cybersec attack source attributions flawed: http://bit.ly/26uMaa #
- RT @ThisIsHNN: Zeus botnet owners busted? http://tr.im/FdPU “Two suspected computer hackers have been arrested in Manchester”… UK #
- NovaInfosecTwits hasn’t done as well http://ow.ly/DpZw RT @rybolov @dslunceford 11/20 mark 1yr anniv of GovTwit directory 150 IDs to 2500 #
- TOP CYBER THREATS OF ’09: It’s already starting. Anyway nice summary fr Symantec. Plus few predictions for ’10. http://ow.ly/DqON #
- NEWSBITES: There’s a new edition out as of yesterday. Los Alamos, bad security products, etc. http://ow.ly/DrlG #
- More on the new 800-37. RT @DrInfoSec: RT @NextGov NIST updates information security guidelines http://bit.ly/3fCjF3 #gov20 #
- That was the 2nd of the major updated docs. Here is NexGov’s write-up on the earlier 800-53 update. http://ow.ly/DvL4 Good stuff. #
- Typical knee-jerk reaction. Although really shouldn’t b doing. RT @briankrebs:Bill would ban P2P use on fed networks http://bit.ly/14ayRW #
- Nice historic look at Diffie. RT @regsecurity Crypto pioneer and security chief exits Sun http://bit.ly/1mc2ID #
- Another. This time they mk U watch a webcast. #2010predictions RT @regsecurity 2010 Threat Predictions http://bit.ly/r5Z7A #
- TOP CYBER THREATS OF ’09: It’s starting. Anyway nice sum fr Symantec. + few predictions 4 ’10. http://ow.ly/DqON #2010predictions <- tag #
- RT @ksignal9 @jabolins @teksquisite @tweetmeme Fed gov using PS3 to crack pedophile passwords | The Industry Standard http://bit … #
- RT @SCMagazine: House committee passes cybersec R&D/standards bill: Cybersecurity Enhancement Act of 2009.. http://bit.ly/1rJalR #
- NEW FAKE AV – ANTIAID: Something we’ll have to deal with for family/friends. http://ow.ly/DL2E #
- TOP CYBER THREATS OF ’09: This time a commentary on Symantec report instead of slideshare. #2010predictions http://ow.ly/DLEu #
- OVAL: Interested in learning about OVAL? Here’s a good starter article. http://ow.ly/DLHV #
If newsbites are your thing, here are some security reports:
- RT @danphilpott: NIST released the Final Public Draft of SP 800-37r1 Guide 4 Applying RMF to Fed Info Systems http://bit.ly/e1N6x #
- Not bad.. Only 18 pages. RT @IBMFedCyber: Updatd GAO (Nov 17) report on cyber threats: http://bit.ly/QXZYC (pdf) #
And finally, if you’re in the job market, here are some job openings:
- #job RT @rgaucher Cigital is looking 4 sec consultants (strong experience in pen-test, code review) in NYC & NoVA – DM me if interested. #
- Want a #job in Secret Service? RT @GovInfoSecurity: An IT Security Career in Secret Service: What it Takes. http://bit.ly/1uVXM9 #
- RT @taosecurity Embedded Hardware and Software Pen Tester Positions in GE Smart Grid http://bit.ly/aGpWA #novablogger #job #
Well, that’s all for this week. Be sure to follow us @grecs for more great tweets during the week!