If you’re not already following some of our excellent NovaInfosec Twits and are wondering where to get the best NoVA-, DC-, and MD-related security tweets, look no further than this post. Published every Friday, our “Infosec Ramblings” post takes many of my security tweets/RTs from the past week and puts them into one easy to digest post. And if you don’t want to wait an entire week, just stop on by my @grecs Twitter account.
[Sorry for the tweet dump this week. Was very busy with some interesting behind the scenes stuff. -Grecs]
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2010-03-18 http://bit.ly/cLo2l7 #
- #NOVABLOGGER: Grecs’ Weekly Infosec Ramblings for 2010-03-18 http://bit.ly/cLo2l7 http://j.mp/nispblog #
- First version of the Facebook/OWASP Security sub-portal http://j.mp/cbZYiI (via @manicode) [Nice. FB app dev guidelines.] #
- #JOB Information Security Architecture Branch Chief at DHS. http://go.usa.gov/iqg (via @Mystie3k @rybolov) #
- Bunch of friends just got laid off. Anyone in Baltimore/DC looking for Desktop/Server Support? (via @oneeyedcarmen @charmsec) #
- #CON Security Domination via Hard Drive Isolation! SANS@Night at SANS NoVA http://j.mp/9JCENS Friday 4/9, Reston (via @Shpantzer) #
- #NOVABLOGGER: F**king With Foursquare Goes MSF Style http://bit.ly/bEAEJe http://j.mp/nispblog #
- #NOVABLOGGER: F**king With Foursquare Goes MSF Style http://bit.ly/a51g2w http://j.mp/nispblog #
- BLOGGED: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/cOPr82 #
- #NOVABLOGGER: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/cOPr82 http://j.mp/nispblog #
- IN CASE U MISSED IT: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/bZldup #
- IN CASE U MISSED IT: Grecs’ Weekly Infosec Ramblings for 2010-03-18 http://bit.ly/bcuh11 #
- #NOVABLOGGER: Winner of GovSec Conference Free Pass http://bit.ly/cCdeh4 http://j.mp/nispblog #
- BLOGGED: Winner of GovSec Conference Free Pass http://bit.ly/cCdeh4 #
- Wow, rough day. Strange to be off Twitter for so long. #
- RT @falconsview: fyi DHS has an opening (in DC) for a security architect – ping me if you’re interested, looks interesting #JOB #
- #CON Are you registered for What’s Next in DNSSEC: Securing the DNS? http://bit.ly/d1o1XW #GovSec (via @GovSecUSLaw) #
- #MEETUP Reminder next OWASP DC is going 2 b taking place 3/24 at 6:30PM at GWU! details http://bit.ly/cdzXhe (via @owaspdc) #
- #CON Conference Focuses on Security Rule: http://bit.ly/9Zk7v6 (via @Nathiet) #
- Secure your Facebook with this How To on Threatpost – http://bit.ly/91ZeMg (via @mschafer @christenrice @threatpost) [Nice!] #
- #JOB Any websec types in DC looking 4 work? Send me a note at quigley@emerose.com — I have interesting lead. (via @emerose @securitytwits) #
- Watching computer security circa 1984: http://bit.ly/arsOSf (via @iamnowonmai) [Nice.] #
- Thanks to @drinfosec @openxxx @thecustos for the #ff nods! #
- #JOB Any sec folks w/ brains & cajones 2 do this? Dep Asst Director 4 Tech CI & Cyber Threats http://bit.ly/bWr6Ky (via @danphilpott) #
- #NOVABLOGGER: Working on a new tool http://bit.ly/9lx1tP http://j.mp/nispblog #
- Google Releases Free Web Security Scanner http://j.mp/dlRzyS [anyone tried it?] (via @DrInfoSec) [In case U missed this.] #
- IN CASE U MISSED IT: Winner of GovSec Conference Free Pass http://bit.ly/9yJOL9 #
- The state of ModSecurity today: http://bit.ly/cPufJg (via @manicode) [Quick update.] #
- “Bad BitDefender Antivirus Update Hobbles Windows PCs” http://bit.ly/c8336K (via @briankrebs) [This makes 4 a bad weekend.] #
- Re BitDefender probs .. At least they are open and working on it. In other situations, we’d have to wait until Monday morning. #
- #Blog Screenshots of latest Twitter phishing attack http://j.mp/aXjLlx (via @FSLabs) [Nothing new but good for awareness.] #
- Reminder: FISSEA Conference @ Tue Mar 23 – Thu Mar 25, 2010 (NovaInfosecPortal.com Calendar) #
- Reminder: FOSE Conference @ Tue Mar 23 – Thu Mar 25, 2010 (NovaInfosecPortal.com Calendar) #
- Reminder: GovSec Conference @ Tue Mar 23 – Wed Mar 24, 2010 (NovaInfosecPortal.com Calendar) #
- #NOVABLOGGER: Forget ROI and Risk. Consider Competitive Advantage http://bit.ly/94vflV http://j.mp/nispblog #
- 10 Security Reasons to Quit Facebook (And One Reason to Stay On) http://bit.ly/cGotV2 (via @CSOonline) [So true. What to do?] #
- CALENDAR UPD: Information Society Movement Meetup http://bit.ly/ctlp0P http://j.mp/nispcal #
- A write up of Google Skipfish – http://j.mp/cjpl4f (via @jaysonstreet @digininja) #
- BLOGGED: Where You Want to Be This Week for 2010-03-22 http://bit.ly/93HqLf #
- #NOVABLOGGER: Where You Want to Be This Week for 2010-03-22 http://bit.ly/93HqLf http://j.mp/nispblog #
- #NOVABLOGGER: Ways to Justify Security Programs: 13 Cs http://bit.ly/9ur8uM http://j.mp/nispblog #
- Germany Warns Surfers against Firefox http://bit.ly/bR9qco [1st no IE. Now no FF. Linx then?] #
- 50 Riskiest Online Cities http://bit.ly/dhMN3q [Minneapolis is #7] (via @DrInfoSec) [DC is #3.] #
- Victorinox Offers Hackers £100,000 Challenge http://bit.ly/9WCo05 (via @regsecurity) #
- IN CASE U MISSED IT: Where You Want to Be This Week for 2010-03-22 http://bit.ly/9GXjKn #
- #NOVABLOGGER: The other theme at the 2010 RSA Conference http://bit.ly/9uaPKD http://j.mp/nispblog #
- Botnet pierces Microsoft Live through audio captchas http://bit.ly/cBv88i [Decodes audio captcha in 10s.] #
- #CON R U registered 4 What’s Next in DNSSEC: Securing the DNS? 3/24 – don’t miss! http://bit.ly/d1o1XW #GovSec (via @GovSecUSLaw) #
- Google has shut off censorship in China; redirecting users to http://www.google.com.hk/ (via @lseltzer @pmhesse) [Whoa.] #
- Google exits China search. Moves to Hong Kong. http://nyti.ms/akWevm (via @cyberwar) [NYT story.] #
- Slides from this morning’s ACT/IAC FISMA NextGen webinar w. Ron Ross, Patti Titus & myself: http://bit.ly/bwpIYg (via @danphilpott) #
- Check out status of Google service access fr inside China : http://bit.ly/cOkzhR (via @manicode) [Will b interesting 2 watch.] #
- Alexandria PD is investigating card skimmer found in ATM @ Wachovia Bank, 3694 King St. Clients advised 2 check statements. (via @evejou) #
- Taking CISSP Exam? Come to the Exam Prep Clinic on Wed 3/24: http://bit.ly/cluZRR #GovSec [Can't beat free.] #
- Secunia unveils ‘One Stop’ patch solution w/ MS WSUS & SCCM support http://bit.ly/btDR47 (via @DrInfoSec) [Finally! Now to test.] #
- “DHS Privacy Assessment Sheds Light on Einstein 3” http://bit.ly/awPnut [Good read 2 catch up on sometimes controversial topic.] #
- Didn’t Mozilla say they weren’t coming out w/ 3.6.2 for latest badee until 3/30? Just got update notice 4. http://bit.ly/bNw2v0 #
- CALENDAR UPD: ISSA Nova meetup http://bit.ly/bMQSI7 http://j.mp/nispcal #
- Reminder: HTCIA DC Meetup @ Wed Mar 24 9am – 12pm (NovaInfosecPortal.com Calendar) #
- #NOVABLOGGER: Can’t Create a New Certificate Template to Issue? http://bit.ly/8YJr4V http://j.mp/nispblog #
- Mozilla swats Firefox zero-day bug a week early http://j.mp/aYXUHD (via @regsecurity) #
- NOVAINFOSEC TWITS: Friendly reminder.. NovaInfosec Twits list is opt-in. Find list & instructs 2 join at http://bit.ly/nisptwit. #
- Reminder: ISSA Baltimore Meetup @ Wed Mar 24 5:30pm – 7:30pm (NovaInfosecPortal.com Calendar) #
- Reminder: OWASP DC Meetup @ Wed Mar 24 6:30pm – 9:30pm (NovaInfosecPortal.com Calendar) #
- Local bloggers! Don’t get bullied into removing comments — know your rights http://bit.ly/9hEvAu (via @DCist_Updates @GoldbergLawDC) #
- “How 2 Embrace FISMA NextGen w/o Getting Indigestion” http://bit.ly/duWlVq (via @danphilpott) ["..keep an eye on the overall ball."] #
- Security Certification Directory fr @csoonline http://bit.ly/b553mM (via @danphilpott @benrothke @ISC2) [Nice reference.] #
- CNET reports Avast tracked 2.6Mil+ instances of malvertising http://bit.ly/bk4WRp (via @IBMFedCyber) [New word - "malvertising"?] #
- AVG Rescue CD: Free toolset 4 repair of infected machines http://bit.ly/9OKamX (via @DrInfoSec) [Many more also but nice 2 have.] #
- Sell exploit 2 wrong person, end up charged w/ conspiracy & get 3-years probation http://bit.ly/augDSy (via @ksignal9 @hdmoore) #
- MS’s Elevation of Priv Threat Modeling Game http://bit.ly/9B6C13 (via @DrInfoSec) [Is new 1 or same 1 that's been around 4 few weeks?] #
- B Careful Who U Know http://bit.ly/bqxcAP [good 4 awareness] (via @DrInfoSec) [Pose as employee of competitor & gain valuable info.] #
- FBI lists Top 10 posts in cybercriminal ops http://bit.ly/dfvHbx [takes a village?] (via @DrInfoSec) [Just need 2 reg as an LLC.] #
- New metrics 2 calculate cost of monitoring/managing network devices.. http://bit.ly/d74PV2 [And it's open source.] #
- #shodan index updated; ability to export up to 1k search results in xml format http://bit.ly/aaoCHi (via @mubix @achillean) #
- Will we c FISMA as currently practiced die tomorrow? http://bit.ly/a92STU (via @taosecurity) [Won't b able 2 sleep tonight.] #
- My suggestion 4 new title 2 this art: MS finally makes it as Cloud Computing platform http://bit.ly/a0mEay (via @bobgourley) [Lol] #
- How 2 nap: Power nap w/o sleeping http://bit.ly/brwwny (via @ksignal9 @tek_news) [Works unless at customer site. Like toilet idea tho] #
- Does Senate Bill Ban President fr Shuttering Net in Cyber Emergency? Analysis of Cybersec Act of 2010. http://bit.ly/9rKSnB #
- BLOGGED: FOSE/GovSecUSLaw 2010 day 1 http://bit.ly/aR23Bj #
- #NOVABLOGGER: FOSE/GovSecUSLaw 2010 day 1 http://bit.ly/aR23Bj http://j.mp/nispblog #
- #NOVABLOGGER: Legal Defensibility Doctrine http://bit.ly/cO7Fdp http://j.mp/nispblog #
- “U.S. Senators propose international cybercrime cooperation laws – with teeth” http://bit.ly/9hDPVU #
- ADD YOUR CONS: Want to add your #con events to our calendar at http://bit.ly/nispcal? Contact us at http://bit.ly/nispcontact. #
- #MEETUP CharmSec is tomorrow night at @slaintepub at 7. EOAIYKIE.. (via @charmsec) #
- #CON My slides from ShmooCon are posted on my website see http://bit.ly/bCVLuF for details. (via @transzorp) #
- #CON NIST Workshop 5/11-12, Safeguarding Health Info: Building Assurance via HIPAA Security http://bit.ly/c0EdU4 (via @danphilpott) #
- RT @ThisIsHNN @0xCharlie 2 b clear, I’m not revealing 20 apple bugs at #cansec, I’m revealing how found 20 bugs. <- Press is getting wrong #
- #CON NIST evt 4/21, Qualifying Id & Privilege Credential Products 4 TWIC & other DHS/TSA QPL http://bit.ly/9MzFKF (via @danphilpott) #
- #MEETUP OWASP DC TONIGHT at GWU at 6:30PM! 801 22nd St NW, Room B149 details http://bit.ly/cdzXhe (via @owaspdc) #
- Free AV Scanner Hits Cloud http://bit.ly/bFx0sn [Nother cloud AV. 1st was Panda.] #
- “Gmail Warns U If It Thinks Some1 Else Using Your Acct” http://tcrn.ch/aHMEtH (via @jaysonstreet) [Gmail always ahead in sec.] #
- Where Can I Find You? http://bit.ly/btwSJH (via @mckeay @melinamurray) [Reminder 2 Google yourself periodically.] #
- Finally made it to @owaspdc. Veracode talking now. #
- Reminder: CharmSec Meetup @ Thu Mar 25 7pm – 10pm (NovaInfosecPortal.com Calendar) #
- Watching my tweets show up on @dallendoug computer at @owaspdc. #
- Overall thoughts of Veracode talk at @owaspdc. Nice product/process/service & OWASP needs free license to use. #
- Nice break at @owaspdc. @danphilpott now talking a/b upcoming security pubs from NIST. Lots of discussion. #
- Is FISMA dead? @danphilpott gives update at @owaspdc fr today’s cybersec hearing on the hill. #
- At @owaspdc and after lots of discussion @danphilpott says FISMA is … not dead. #
- Chuck Willis next talking about OWASP BWA project at @owaspdc. #
- Basically bunch of broken open src web apps installed into an Ubuntu VM. Incl WebGoat, Vicnum, Mutillidae, DVWA, .. (BWA talk at @owaspdc) #
- Also old versions of real webapps – phpBB, WordPress, Yazd, .. (BWA talk at @owaspdc) #
- BWA in future? Apps that R bigger, more realistic, Flash, Ruby on Rails, .. http://www.owaspbwa.com 4 more info. Demo time! (at @owaspdc) #
- Well, @owaspdc is done. Nice meeting. To beer or not to beer? #
- #NOVABLOGGER: GE-CIRT Joins FIRST http://bit.ly/bsAuYA http://j.mp/nispblog #
- #NOVABLOGGER: Bejtlich in April Wired Magazine http://bit.ly/9IwN4V http://j.mp/nispblog #
- #NOVABLOGGER: Bejtlich Returns to PaulDotCom Podcast http://bit.ly/bL6X3q http://j.mp/nispblog #
- #NOVABLOGGER: Msfencode a Msfpayload Into An Existing Executable http://bit.ly/cxIlZH http://j.mp/nispblog #
- “iPhone, IE, Firefox, Safari get stomped at hacker contest” http://bit.ly/alZxti [Awesome work by these guys.] #
- “Commodore 64 reincarnated as quad-core Ubuntu box” http://bit.ly/aDhmct [Mmm? This or netbook? Brings back memories though.] #
- “Coming to Fring for iPhone: Two-way video calls” http://bit.ly/c96VL9 [As you'd expect Fring has something up their sleeve.] #
- “Cybersecurity Policy Roundup” http://bit.ly/9IerBX [@briankrebs wrap-up of some recent "Acts".] #
- “Senate Panel Approves Cybersecurity Act” http://bit.ly/9KBjRq [Step 1 of many .. but at least it's a start.] #
- #NOVABLOGGER: FreeConference Is Freaking Out http://bit.ly/d2uDLQ http://j.mp/nispblog #
- hmmm… an SSL MITM appliance marketed to LE? http://bit.ly/a0kogX (via @falconsview) [Should still be able to do cert check.] #
- ATM skimmer found at Alex, VA bank. http://bit.ly/cbhkBx (via @briankrebs) [Local ATM skimmer story.] #
- #CON Pen Test Summit Agenda Posted. June 14-15, Baltimore. http://bit.ly/cNRWZV (via @pauldotcom @edskoudis) #
- “Copyright Lawsuit filed against you”, Overview An email is.. http://bit.ly/bPdiLq (via @sans_isc) [Wow, this 1 looks good.] #
- Paller hammers FISMA in front of Congress yest http://bit.ly/aHhk41 Let’s hope private ind doesn’t get saddled w/ it! (via @taosecurity) #
- DoD issued Dir 5535.02 DoD Patent Sec Review Process yest. http://bit.ly/ar7fPb (via @danphilpott) [Patents .. grumble, grumble] #
- #MEETUP Headed to @charmsec tonight… will I see you there? (via @IBMFedCyber) #
- April 2010 NoVA Hackers Meetings http://bit.ly/cBhaEP (via @novahackers) #
- HELP US HELP U: Friendly reminder.. Support NovaInfosecPortal by purchasing thru 1 of our affiliates. More info at http://bit.ly/nisphelp. #
- “New Malware Overwrites Software Updaters”: http://bit.ly/bEC3Oi (via @CSOonline) [Very sneaky.] #
- “Pwn2Own winner tells Apple/MS 2 find own bugs” http://bit.ly/b50E3b (via @kpyke @danielkennedy74) [Teaching them how to dig a well.] #
- “How IE8 hacker bypassed DEP & ASLR” http://bit.ly/d2Hm8s [Good read 4 those interested.] #
- DoD’s way of securing home PCs so peeps can telecommute. Nice start but there are still holes. http://bit.ly/aC8E0Q #
- I’m thinking livecd would probably b better than running VM on top of infested home OS. Not good 4 every situation but nice 4 emergencies. #
- #MEETUP Hey Folks! Just a quick reminder — Next CapSec DC is March 31st! Just around the corner!! (via @capsecdc) #
- “Hacker’s Record Credit Card Theft Fetches 20-Year Sentence” http://bit.ly/9TDd3C [I'm sure you've all seen this.] #
- #NOVABLOGGER: FireHOL http://bit.ly/cev6h5 http://j.mp/nispblog #
- Research Suggests Govts May Fake SSL Certs (via @PrivacyProf) http://bit.ly/c99PTS [interesting] (via @DrInfoSec) [Interesting x2.] #
Well, that’s all for this week. Be sure to follow me on Twitter at @grecs for more great tweets during the week! See ya…


