Grecs’ Weekly Infosec Ramblings for 2009-12-17
If you’re not already following the NovaInfosec Twits and are wondering where to get the best tweets about security in the NoVA, DC, and MD area, look no further than this post.
Posted every Friday, our “Infosec Ramblings” post takes the best security tweets from the past week and puts them into one easy-to-digest post.
If you don’t want to wait an entire week to read the best security tweets, be sure to stop by @grecs or learn more about the NovaInfosec Twits.
There seemed to be quite a few meetups and cons this past week. Did you get to attend any of them? Additionally, there were some good training materials posted.
- SANS IDS SUMMARY: Nice post over at @VRT_Sourcefire. http://ow.ly/L0YO #con #
- Found out a/b ISIMC 2009 Fed ID Mgmt & Cybersec #Con going on nxt 2 days in Crystal City. Follow #isimc. http://ow.ly/Mq0M #
- Wow, 3 overlapping cons 2day! These plus #sanscdi. RT @dallendoug: #SwAForum NIST speaker just arrived from #ISIMC #
- RT @dionthegod: I’ll be there -> RT @grantstavely The 20th @CharmSec is tonight at @SlaintePub in Fells Point, @ 7PM, sharp. #mtg #
- RT @ethicalhacker Skoudis’ Annual Xmas Hacking Chall Released. Save Kris, hack Facebook, win prizes. :-O http://j.mp/4A6Tqm #edu #
- Some fun watching over the holidays. #edu RT @ethicalhacker: Could use helping hand. At 188 diggs w/ 4 hrs to 2. http://ow.ly/M2L1 #
There are also some upcoming conferences for those of you who are interested.
- One is in DC. RT @signalmag Via SIGNAL Scape: 2 Great Feb Events Fr AFCEA: Feb may seem far away,.. http://bit.ly/4Lhg0w #con #
- RT @werntzp Thinking I should put #AFCEA DHS conference on my calendar. http://tinyurl.com/ybmra65 #homelandsecurity #con #
Of course, the big upcoming conference for our area – ShmooCon – was a big topic of discussion this week.
- RT @mubix: Congrats @Dionthegod @taylorbanks @arcon @nathanhamiel and @marcinw on your @ShmooCon speaker acceptance! #
- RT @mubix Created #ShmooCon 2010 Speakers twitter list: http://bit.ly/838dKO – Let me know if I’m missing anyone! #con #
- Congrats. RT @packetwerks My Shmoocon talk “New World of Smartphone Security – What Ur iPhone Disclosed a/b U” accepted! C u in Feb! #con #
- More good news. RT @danphilpott: @jack_daniel: Tx 2 #Shmoocon team! @sfoak @anton_chuvakin @joshcorman & I will do panel on PCI realities #
- Shmoo is def on every1’s minds. RT @mubix: 2night @securityjustice podcast live w/ @gdead a/b Shmoocon! Freenode in #SecurityJustice #
- Congrats! RT @dionthegod: Bad news for my sanity: ShmooCon accepted. Speaking about my tool BaSO4 — data flow analysis for reversing.. #
Career and job opportunities seemed to be out there.
- Interesting. Never really thought a/b. RT @DarkReading: Gadi Evron: How security pros.. should work w/ reporters http://ow.ly/L13g #
- RT @rybolov: RT @patrickcmiller DHS is holding a Cybersecurity Virtual #Job Fair http://is.gd/5jKs5 #
- #job RT @CSOonline: SecurityJobs: Mult Cybersec Positions Avail: Location: DC Work in Field of Cybersec? http://bit.ly/6vqYdO #
- RT @jaysonstreet RT @attritionorg: any sec pros that got hit by economy & R completely without work? contact me (jericho) #job #
- RT @CSOonline: SecurityJobs: Cyber CounterIntelligence Instructor: Location: MDSecurityHeadhunter.com.. http://bit.ly/6HAKHa #job #
For those of you that don’t know, we have some pretty awesome infosec bloggers in the local area. You can check out some of their articles below.
- DO WWW AUTHENTICATION: @cktricky posts on how to test intranet sites protected this way. http://ow.ly/L1h8 #novablogger #
- HACKERS – NET CAFE SERIES: Man this brings back memories. Tx to @carnal0wnage for posting. http://ow.ly/LaVJ #novablogger #
- POSSIBILITY & RISK: @falconsview continues his rant .. this time possibility & its relationship w/ risk. http://ow.ly/LaYm #novablogger #
- RT @taosecurity #sansids Thanks for a great Incident Detection Summit! http://bit.ly/8i3IT9 #novablogger #
- RT @rybolov New blog thingy on Gov 2.0 and sec, big credit to @danphilpott who did most the work. http://bit.ly/5pOae7 #novablogger #
- RT @rybolov New blog thingy: @danphilpott & #OWASP R doing review of NIST SP 800-37R1 & need help. http://bit.ly/73ws5y #novablogger #
- RT @falconsview: new blog post: “NSS Labs Releases IPS Results” http://bit.ly/57B6Wf #novablogger #
- RT @mubix {blog} Meterpreter tunneling and VNC revamped http://bit.ly/5OOncd #novablogger #
- FEW RULES OF THUMB: @geminisecurity has a new post out regarding suspicious messages. http://ow.ly/MtZg #novablogger #
- 1st #2010predictions fr a #novablogger RT @falconsview: new blog post (bit of levity): “2010 Prognostication” http://bit.ly/541fPf #
In case you missed them, here were some of our blog posts from this week.
- BLOGGED: Top 3 NoVA Infosec Blog Posts of the Week http://ow.ly/168xro #
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2009-12-10 http://ow.ly/168AKv #
- BLOGGED: Where You Want to Be This Week for 2009-12-14 http://ow.ly/169sAI #
- BLOGGED: Old Saint NIST: Ho Ho Hold on, what’s this? http://ow.ly/169zul #
- BLOGGED: Who is @nathiet? http://ow.ly/16aE0c #
You can also keep yourself busy with these interesting newsbites:
- Interesting new capabilities. RT @ksignal9 RT @theprez98: SHODAN for Penetration Testers: an update http://bit.ly/6QnuzL #shodan #
- RT @danphilpott: NIST released a revised draft of FIPS 140-3 Security Requirements for Cryptographic Modules today: http://bit.ly/7o5onU #
- I can’t believe they R actually doing this. RT @briankrebs: Check your Facebook ‘privacy’ settings now http://bit.ly/7ApVfr #
- VIRUSZOO: Interesting. Infect a virtual system & get screenshots of results. http://ow.ly/Lb4V #
- NEWSBITES: Interesting reading as usual. Wow, XP support done in 7 months.. http://ow.ly/Lb9o #
- Damn they’re clever. RT @DrInfoSec Attackers generate new malware-hosting domains based on Twitter trends http://bit.ly/6G4xnv #
- This is good. RT @IBMFedCyber DISA Unix SRR scripts R being fixed 2 address vuln: http://is.gd/5ljun – Admins warned 2 stop use #
- DECAF: Guess what this does. Yes, it’s an anti-COFEE tool. http://bit.ly/5U9gyB #
- Adobe has been having it rough lately. RT @kpyke Shadowserver has info on Adobe deal. As always kill JavaScript: http://j.mp/7lHbpJ #
- Wow, it’s a/b time. RT @danphilpott @patrickcmiller: Presidential Task Force [DHS] on CUI Releases Report & Recs http://is.gd/5oByI #
- RT @danphilpott: NIST released draft of SP 800-126 Rev 1 Tech Specification for the SCAP: SCAP Vs 1.1 http://bit.ly/5DSvR8 #
- NEW ADOBE 0-DAY: Details on new vuln from @DarkReading. “best way 2 protect against .. is 2 disable JavaScript” http://ow.ly/MtJ9 #
- Nice find! RT @danphilpott: Very nice DoD IA cross-walk of various federal/military IA documents: http://bit.ly/7NYbcP #
- I’m sure U’ve all seen this. RT @jack_mannino: Predator – 4.5 million $s..Sending video unencrypted- priceless http://bit.ly/924Ifo #
Of course it is that time of year again … so we are getting plenty of 2009 reviews and predictions for 2010.
- MORE #2010PREDICTIONS: @CSOonline has put out 10 predictions from Kaminsky & Weatherford. http://ow.ly/Mlif #
- F-SECURE THREAT FORECAST: Folks over at @FSLabs have released their #2010predictions. http://bit.ly/74i28e #
- Nice decade-in-review article on Register – http://ow.ly/MTNO #
Well, that’s all for this week. Be sure to follow us @grecs for more great tweets during the week!


