If you’re not already following the NovaInfosec Twits and are wondering where to get the best tweets about security in the NoVA, DC, and MD area, look no further than this post.
Posted every Friday, our “Infosec Ramblings” post takes the best security tweets from the past week and puts them into one easy-to-digest post.
If you don’t want to wait an entire week to read the best security tweets, be sure to stop by @grecs or learn more about the NovaInfosec Twits.
There were a few meetups this past week but unfortunately one got canceled due to weather.
- RT @hacdc New post: Thursday Talk on Twilio at HacDC: Build your own Dial-a-Song! http://tinyurl.com/yjlyenb #mtg #
- Reminder: DojoSec Meetup (Capitol College) Jan 07 http://ow.ly/TDte + ths #mtg & othrs via iCal http://bit.ly/nipcal #
- Reminder: OWASP VA Meetup – Various Discussions (Booz Allen (One Dulles Facility)) Jan 07 http://ow.ly/TDvs C ths nova #mtg & othrs… #
- IMPORTANT MEETUP UPDATE!!!: Sorry about the confusion but today’s DojoSec Meetup has been CANCELED due to the weather. #
- RT @baltimorenode: Open hack tonight. 7:00pm~9:00pm. We replenished the case of beer! #mtg #
There are also some upcoming meetups and conferences for those of you who are interested.
- RT @baltimorenode Events happening in January http://baltimorenode.org/2010/01/events-happening-in-january/ #mtg #
- RT @ethicalhacker Free Ticket 2 Black Hat DC worth $1995 up 4 grabs 2 EH-Net Members. http://j.mp/72me9T #blackhatdc #con #
- RT @DarkReading @TechWebSecurity: BlackHat DC Reminder: Reg registration rate ends 1/15 @BlackHatEvents http://bit.ly/8gcz3q #con #
And of course there were lots of ShmooCon news and updates this week, especially on the 1/1 ticket sales.
- T – 1 hr 4 #shmoocon tics. Here R ur tips & tricks in case you missed it. http://ow.ly/RFyb #
- Me too. RT @marcusjcarey: You don’t have permission to access /cart/ on this server. #shmoocon tix #
- Think typo in 1st sentence. “Sorry, all of tickets 4 ShmooCon 2010 have been reserved. We will open purchase of reserved tickets in 1 hr.” #
- Now is it 1 hr from now at 1:10 or did they mean at 1:00? #
- I’ve only seen posts a/b peeps NOT getting tickets. Was any1 out there successful? If not, then it looks like there may b follow-on sale. #
- RT @shmoocon: And we’re sold out. Find out what happened here: http://www.shmoocon.org/news.html #
- Nice! RT @bbaskin Bought 2 #Shmoocon tix. Promised 1 2 @falconsview last wk. May put other on eBay & donate profit 2 @ihackcharities #
- RT @KPOsborn RT @nberthaume: Crack 5 hashes b/f noon tomorrow & grab shmoocode. http://ow.ly/RJNo #
- RT @ryancnelson @shmoocon …U say U have logs & emailed folks. all you’ll have is my IP address ur errors fr 12:01, no email address. #
- Good point. Think they were talking about something else @ryancnelson .. unfortunately. http://ow.ly/RJOm #
- RT @schuetzdj I have reservation code 4 2 I Love #shmoocon tix. 1st person 2 reply gets. (& follow me, so I can DM code 2 U privately!) #
- RT @pauldotcom Buying, Selling, Trading Shmoocon tickets? Visit forum thread (http://is.gd/5MWoT) to find or sell golden ticket! #con #
- Another? RT @danphilpott RT @SRA_OneVault: Going 2 SchmooCon? Here is a twitter list of the speakers – http://ow.ly/T16S #con #
- RT @ThisIsHNN RT @security4all I’ve put my ShmooCon tic up 4 auction http://bit.ly/4DnWCQ (due 2 financial probs) (via @nikolasco) #con #
- RT @shmoocon Hip hip hooray! #shmoocon bags are here today http://yfrog.com/351a3yj #con #
- Nice sum + interview w/ Bruce Potter. #con RT @SecuraBit_Jay RT @SecuraBit: New post: Everything Shmoo! http://bit.ly/7iz1QK #
For those of you that don’t know, we have some pretty awesome infosec bloggers in the local area. You can check out some of their articles below.
- RT @taosecurity Find out Best Book Bejtlich Read in 2009 http://bit.ly/5oLRjv & then read top titles!.. #novablogger #
- RT @geminisecurity New blog post: Twitter bans “obvious” passwords http://j.mp/6gJjKR #novablogger #
- RT @cyberhiker New Blog Post: Technology Death Pronouncement. http://is.gd/5M6tG #novablogger #
- RT @wadew Blog Post: Thoughts on an AppSec program pt. 4 of 5: “Metrics and Defining Success” http://bit.ly/5ySmcY #novablogger #
- RT @wadew Blog Post: Thoughts on AppSec program pt. 5 of 5 – “Training, outreach, and networking” http://bit.ly/6aOOBX #novablogger #
- RT @falconsview new blog post: “Sponsors, Supporters, Speakers Needed for BSides Austin” http://bit.ly/8AIjyV #novablogger #
- RT @falconsview new blog post: “RSA 2010: Check Out This IAM 1-Day Tutorial” http://bit.ly/85R8Cr #novablogger #
- Wow, 2 posts in a day! RT @jack_mannino: Not educating your clients? FAIL http://bit.ly/5Wu3t1 #novablogger #
- RT @geminisecurity: New blog post: Algorithm and Key Length Deprecation http://ow.ly/TMOk #novablogger #
- RT @geminisecurity New blog post: Windows 7 – GodMode Feature http://j.mp/55gUqX #novablogger #
In case you missed them, here are some of our blog posts from this week.
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2009-12-31 http://ow.ly/16fprI #
- BLOGGED: Typos Hinder ShmooCon Ticket Sales But Still Sale Out http://ow.ly/16fAoK #
- BLOGGED: Where You Want to Be This Week for 2010-01-04 http://ow.ly/16goZx #
- BLOGGED: Upcoming Conferences for January, February, March http://ow.ly/16grQh #
- BLOGGED: ShmooCon 2010 FireTalks http://ow.ly/16honm #
The job market seems to be opening up some … plus it looks like there are some good training opportunities to expand your career.
- RT @securitytwits RT @CuriousGuru: An #infosec vacancy 4 an ISSO in Arlington http://is.gd/5KLco Must b able 2 gain TS. #job ^gg #
- RT @mubix RT @SecurityTube: [Video] From Couch 2 Career in 80 hrs (Dojosec) http://is.gd/5MQM4 #job #
- RT @DrInfoSec How to become an internal IT auditor (by @mortman) http://bit.ly/7x7zS3 #job #
- RT @cyberwar If you are looking for a security job search on “cyber” on Linkedin jobs. Amazing number of positions. #job #
- Interesting RT @cyberwar Cyber Help Wanted. http://tinyurl.com/y9gud4h Change is coming to security industry. New blog post. #job #
- RT @rybolov Is anybody looking 4 Info Assurance jobs? I’m getting tons of people asking if I want 2 b their worker bee. #job #
- Nice. #edu RT @FSLabs: #Blog University Course on Malware Analysis http://bit.ly/4vxcSi #
- RT @mubix: RT @wikidsystems: RT @hurricanelabs: http://bit.ly/8kfzga – Hurricane Labs Hack Challenge Registration! #edu #
- RT @GovInfoSecurity Learn & Earn: Balancing Demands of Work & School. Infosec Pros Offer Tips 4 Manag Jobs, Edu http://bit.ly/5hJje3 #
As usual NIST has been active and in the news this past week.
- RT @scottr_nist Oh yeah, & NIST SP 800-57 Part 3 was published as well (finally!) – http://www.csrc.nist.gov/ 4 announcement. #
- RT @pmhesse NIST released a spec pub on application-specific key management guidance (SP-800-75 part 3) http://bit.ly/7Z3Ghp #
- RT @danphilpott 4 record, NIST does not certify USB drives & neither cracked USB drive uses crypto module listed as validated by NIST. #
- Good 2 know. RT @danphilpott RT @georgevhulme: Crypto Showdown, NIST picks 14 hash algorithms http://bit.ly/5PsnH3 #
- Really? Didn’t realize this. RT @pmhesse: . @dakami: NIST already deprecated 1024bit RSA in Gov. Time 4 industry 2 follow suit. #
You can also keep yourself busy with these interesting newsbites:
- Not good. RT @securitytwits RT @stevewerby “Bookmarklet 2 view any FB user’s public pic albums. http://fbl.li/photos.txt (@theharmonyguy)” #
- Mmm? @briankrebs was right. RT @jaysonstreet “Feds Warn Small Businesses 2 Use Dedicated PC 4 Online Banking” http://is.gd/5JIY4 #
- Just insane. RT @CSOonline Businesses May b Liable 4 Employee Statements on Social Networking Sites. http://bit.ly/7PhYLW #
- RT @briankrebs @rmogull: @securosis: Big news 2day- Securosis & Security Incite R merging http://bit.ly/7CZ4aK We haz more Rothman! #
- EMC BUYS ARCHER: From @DarkReading .. GRC & security cozy up. http://j.mp/6lKlJ1 #
- Lots of this happening. RT @mubix RandomStorm completes acquisition of Damn Vulnerable Web App – http://bit.ly/8ZZy4f (SC Magazine) #
- RT @ThisIsHNN RT @briankrebs Krebsonsecurity.com: Hackers May Have Unearthed Dirt on Robert Allen Stanford http://bit.ly/7DogAW #
- Interesting. RT @ksignal9 Register.co.uk article on Samy Kamkar’s FIOS XSS -> Geolocation attack. Well.. http://bit.ly/6lIx3x #
- Agreed. RT @jaysonstreet Or opt B Format & reinstall! “How 2 Rm AV Live & Other Fake AV Malware” http://bit.ly/8rAGtR #
- Nice history. RT @IBMFedCyber C Hacking’s roots all do come back 2 IBM! 20 Things U Didn’t Know a/b Computer Hacking http://bit.ly/5g2eYk #
- Nice. CCleaner, Eraser, & DBAN. RT @derekcslater Brandon Gregg: How 2 protect yr privacy from cmputr forensics http://j.mp/71FneX #
- More by Samy Kamkar. RT @regsecurity Hacker pierces hardware firewalls with web page http://bit.ly/8cMZwZ #
- In case you didn’t know. RT @Shpantzer: RT @jeremiahg: “Disabling Javascript on Adobe Acrobat” http://bit.ly/7bUNDz #
- Great 4 upcoming flight. RT @danphilpott Most recent DoD IATAC IAnewsletter has oodles of SCAP arts: http://bit.ly/8lvqmy (PDF) #
- Love this kind of stuff! #mom RT @Nathiet: How to Improve Your Personal Computer Security http://ow.ly/TEVG #
- Hate Flash cookies. Grrrrr. RT @mschafer: These “Cookies” won’t crumble. + they could leave U open 2 ID theft – http://bit.ly/57l0lf #
- Interesting. RT @regsecurity RSA crypto defiled again, with factoring of 768-bit keys http://bit.ly/65A7C4 #
Well, that’s all for this week. Be sure to follow us @grecs for more great tweets during the week!


