If you’re not already following some of our excellent NovaInfosec Twits and are wondering where to get the best NoVA-, DC-, and MD-related security tweets, look no further than this post. Published every Friday, our “Infosec Ramblings” post takes many of my security tweets/RTs from the past week and puts them into one easy-to-digest post. And if you don’t want to wait an entire week, just stop on by my @grecs Twitter account.
[Sorry for the unsorted post this week. Some travel combined with a short vacation really didn't help.]
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2010-04-01 http://bit.ly/drJZuu #
- #NOVABLOGGER: Grecs’ Weekly Infosec Ramblings for 2010-04-01 http://bit.ly/drJZuu http://j.mp/nispblog #
- #NOVABLOGGER: Lolcats, Capital Hill, and a Haiku http://bit.ly/clHxii http://j.mp/nispblog #
- #NOVABLOGGER: A Funny Thing Happened Last Week on Capital Hill http://bit.ly/bPbO7I http://j.mp/nispblog #
- Got Asus Eee PC 1001P at MicroCtr last night for $300. Using it as 2nd PC 4 Skype & visit sites blocked by work. Good purchase? #
- #JOB Fed gov 2 spend $55 billion on #cybersec thu 2015 & hire 1000s more sec pros http://bit.ly/acCqBv (via @bobgourley) [Awesome!] #
- “Share — Or Keep Getting Pwned” http://bit.ly/aBNykU [Really hits home. Big questions are how & who?] #
- SecurityFocus.com bows out but @SecurityWeek steps in. http://bit.ly/aqp6J1 (via @cyberwar) [Interesting.] #
- Funny video. The surveillance society! http://bit.ly/baTVSW (via @cyberwar) [Speaking of connecting the dots.] #
- Thanks for the awesome #ff from @DrInfoSec @cktricky @bvpredator @Shpantzer! #
- IN CASE U MISSED IT: Grecs’ Weekly Infosec Ramblings for 2010-04-01 http://bit.ly/cB5lPm #
- #NOVABLOGGER: Protect Your Users by Learning from Quip http://bit.ly/aUw7vH http://j.mp/nispblog #
- Cognitive pwd questions no longer viable.. http://bit.ly/9BqQ3X [agree as many CC/bnk acct pwd resets go 2 email] (via @DrInfoSec) #
- OWASP ModSecurity Core Rule Set just made me “Awesome” out loud. http://bit.ly/d4VRuY (via @rybolov) [Looks like great prj!] #
- #NOVABLOGGER: New Google App – Skipfish Web App Analyzer http://bit.ly/cO7dL6 http://j.mp/nispblog #
- #CON Putting notes 2gether 4 Digital Gov Instit panel on Sec in the Cloud 4/13 http://j.mp/9XAae7 (via @technogeezer) [+ more in left col.] #
- #CON RT pls? > DC Event @PrivacyCamp DC 4.17 Register ! > http://j.mp/bUXmvy (via @PrivacyCamp @rybolov) #
- #NOVABLOGGER BLog Post: On Uncertain Security http://j.mp/cdHfWF (via @alexhutton) #
- Did some reorg on “Grecs’ Weekly Infosec Ramblings for 2010-04-01” post. Should find it easier to digest now. http://bit.ly/drJZuu #
- WASC Threat Classification 2.0 now integrated in CAPEC: http://bit.ly/aMi1GO (via @rgaucher) [Interesting.] #
- CALENDAR UPD: Cyber Security Conference http://bit.ly/dupoah http://j.mp/nispcal #
- CALENDAR UPD: Global Privacy Summit http://bit.ly/aO8vQN http://j.mp/nispcal #
- CALENDAR UPD: PrivacyCampDC Conference http://bit.ly/9gb9fS http://j.mp/nispcal #
- Reminder: SANS Northern Virginia Bootcamp Conference @ Tue Apr 6 – Tue Apr 13, 2010 (NovaInfosecPortal.com Calendar) #
- CALENDAR UPD: IT Security Automation Conference http://bit.ly/cvwMbx http://j.mp/nispcal #
- Hacker jailbreaks the iPad less than a day after release http://bit.ly/9PfpNi (via @mschafer @WebSecurityNews) #
- A case for learning assembly as a pen tester: http://j.mp/cbWuTf (via @hdmoore @mubix) [Going bare metal baby.] #
- CALENDAR UPD: 2600 Arlington Meetup http://bit.ly/9cjXpY http://j.mp/nispcal #
- CALENDAR UPD: 2600 Baltimore Meetup http://bit.ly/dx8bqS http://j.mp/nispcal #
- If U R actually using Buzz – Google 2 roll out privacy setting reset 2day http://bit.ly/a7l2EZ (via @IBMFedCyber) #
- Regarding Buzz Privacy Reset (http://bit.ly/a7l2EZ) “..latest tweaks will also show every aspect of a user’s profile..” Not good. #
- “Protecting Sensitive Business Data on the iPad” http://bit.ly/cYPYim (via @Tony_Bradley @drinfosec) [Seems timely.] #
- #EDU woot…new forensic challenge out. http://bit.ly/bcFw87 (via @z0nbi @mubix) #
- Cisco Secure Development Lifecycle: An Overview http://bit.ly/9Znijy <- Be interested to see more (via @danphilpott) [Interesting.] #
- #NOVABLOGGER: SAS 70 and the Lies Auditors Tell http://bit.ly/aMTxQf http://j.mp/nispblog #
- #JOB DHS Offers Prospects 190 Cybersec Jobs as DHS Seeks to Fill 1,000 IT Security Positions http://bit.ly/ctGc1k #
- Firefox Plans Fix 4 Decade-Old Browsing History Leak http://bit.ly/blvR97 [CSS related. Every1 else also vuln.] #
- BLOGGED: Upcoming Conferences for April, May June http://bit.ly/aHeEcT #
- BLOGGED: Where You Want to Be This Week for 2010-04-05 http://bit.ly/8XHZ8J #
- “Privacy service knocked offline by ‘no bullsh*t’ registrar” http://bit.ly/bnls1v [GoogleSharing SSL cert revoked.] #
- Security is being driven by compliance, not protecting data. No shock there http://bit.ly/9ZAGnv (via @jack_mannino) [Agree.] #
- Exploits unneeded to attack via PDF files http://bit.ly/dmnsba – #patch2do (via @ksignal9 @InfoSec) [More probs for Adobe.] #
- OK brings in millions by selling personal data http://j.mp/cbNb4w [OSU sold PII w/ DOB in 19 cases] (via @DrInfoSec) [WTF!] #
- Students: Want 2 gain valuable experience this summer writing real Nmap code & earn $5,000 stipend? http://nmap.org/soc (via @nmap @ebellis) #
- #NOVABLOGGER: Network Time Protocol (NTP) Fun http://bit.ly/a357FL http://j.mp/nispblog #
- #NOVABLOGGER: Network Time Protocol (NTP) Fun http://bit.ly/9aqVig http://j.mp/nispblog #
- Cmts on FreePress article featuring @DrInfoSec: The article written by Dan Lineh.. http://j.mp/dyR7hM (via @DrInfoSec) #
- Child abuse frame-up backfires on stalker http://j.mp/bYkXQz (via @regsecurity) [Wow.] #
- #NOVABLOGGER: BeyondTrust Report on Removing Administrator: Correct? http://bit.ly/cIojEf http://j.mp/nispblog #
- #NOVABLOGGER: Defense Security Service Publishes 2009 Report on “Targeting U.S. Technologies” http://bit.ly/acR9uW http://j.mp/nispblog #
- Researchers Track Cyber-Espionage Ring to China http://j.mp/97CFWh [plot thickens?] (via @DrInfoSec) #
- NOVAINFOSEC TWITS: Friendly reminder.. NovaInfosec Twits list is opt-in. Find list & instructs 2 join at http://bit.ly/nisptwit. #
- #EDU Miracle on Thirty-Hack Street Answers & Winners Revealed @edskoudis @secureideas http://bit.ly/bEyy1B (via @ethicalhacker) #
- Comcast wins Net Neutrality case against FCC…..definitely not a good thing http://bit.ly/b4lPDj (via @jack_mannino) #
- NIST rel SP 800-122 Guide 2 Protecting Conf. of Personally Identifiable Information http://bit.ly/9oqsK0 (via @danphilpott) #
- Risk, Architecture & Development in SDLC http://bit.ly/cklBry (via @CSOonline) [Nice post. Build it in!] #
- #MEETUP Only 2 weeks until next Gentle Hacker’s Literary Salon featuring The Cyberiad Link 2 Amazon: http://bit.ly/bDbxR1 (via @hacdc) #
- #NOVABLOGGER: Cyber criminals getting specialized, FBI says http://bit.ly/cQfufO http://j.mp/nispblog #
- #NOVABLOGGER: Researchers Trace Data Theft to Intruders in China http://bit.ly/cGW4DF http://j.mp/nispblog #
- #CON Do you work near intersection of national security & cyber conflict? Check out InfowarCon 2010 http://j.mp/agctUT (via @bobgourley) #
- MalaRIA malicious RIA proxy released: http://j.mp/bogNIT (via @RSnake @jack_mannino) #
- RT @mubix @dragosr: I & many talk 2 agree. DEP + ASLR significantly raise difficulty bar to bug exploitation. http://bit.ly/atMkkZ #
- Maley: Here’s How Firing REALLY Went Down http://bit.ly/atMkkZ [The story continues.] #
- Maley: Here’s How Firing REALLY Went Down http://bit.ly/9tm1bn [The story continues. Correct link this time.] #
- CALENDAR UPD: INCMA Meetup http://bit.ly/aqkDqc http://j.mp/nispcal #
- CALENDAR UPD: ISSA DC Meetup http://bit.ly/aAsCKZ http://j.mp/nispcal #
- #NOVABLOGGER: Educational Videos http://bit.ly/bvryAT http://j.mp/nispblog #
- #NOVABLOGGER: Personal e-mail at work “OK”? http://bit.ly/aBLPtS http://j.mp/nispblog #
- Adobe Considers Changes to Mitigate PDF Attack http://j.mp/bXaxW5 (via @CSOonline) #
- Police cuff 70 eBay fraud suspects http://j.mp/bdrHAw (via @regsecurity) #
- iPad anti-virus shield guards against phantom threat http://bit.ly/d7s3NJ #
- #CON Just signed up for @PrivacyCamp on the 17th, you should go too. http://bit.ly/bUXmvy #privacy2010 (via @rybolov) #
- Where Do Security Pros Go to Get Back Their Online Reputation? http://bit.ly/ayv2li [Basic but def good idea 4 everyone.] #
- Researcher Details New Class Of Cross-Site Scripting Attack http://bit.ly/9mJASE (via @danphilpott) [Interesting. Tho new?] #
- Mozilla removes inactive RSA root certificate http://bit.ly/cGwgyZ #
- ADD YOUR CONS: Want to add your #con events to our calendar at http://bit.ly/nispcal? Contact us at http://bit.ly/nispcontact. #
- #NOVABLOGGER: Privacy Camp DC–April 17th http://bit.ly/bG8hJL http://j.mp/nispblog #
- #JOB @SRA_OneVault: We’re hiring: Cybersec Intel Anal TS/SCI http://bit.ly/bSijdP intrusion, hacker techniques,.. (via @Shpantzer) #
- Introducing QubesOS (by Rutkowska) http://bit.ly/a5smy1 [interesting; sandboxes apps] (via @DrInfoSec) #
- Reminder: OWASP VA Meetup @ Thu Apr 8 6pm – 9pm (NovaInfosecPortal.com Calendar) #
- VRT Matt’s PDF Primer http://bit.ly/cHLw1r (via @mubix) [Get 2 know the PDF format.] #
- iPad, Netbooks Can Remain in Carry-On http://bit.ly/9ERBIp [Great news for all those travelers out there.] #
- Cyberwar Buzzword Bingo Scorecard http://bit.ly/cfDrIj (via @kpoulsen @ChrisPaget @transzorp) [Awesome!] #
- #MEETUP Holy crap line up of talks 4 @NoVAHackers Dinner this mo rocks, everything fr hardcore attacking 2 con organization (via @mubix) #
- #NOVABLOGGER: I Am InfoSec, and So Can You http://bit.ly/cuTkU0 http://j.mp/nispblog #
- HELP US HELP U: Friendly reminder.. Support NovaInfosecPortal by purchasing thru 1 of our affiliates. More info at http://bit.ly/nisphelp. #
- #NOVABLOGGER: Microsoft Remote Desktop and Security http://bit.ly/9vP5uG http://j.mp/nispblog #
- Big Changes for the Security Bloggers Network http://j.mp/bX722y (via @ashimmy @mckeay) #
Well, that’s all for this week. Be sure to follow me on Twitter at @grecs for more great tweets during the week! See ya…