If you’re not already following some of our excellent NovaInfosec Twits and are wondering where to get the best NoVA-, DC-, and MD-related security tweets, look no further than this post. Published every Friday [except today], our “Infosec Ramblings” post takes many of my security tweets/RTs from the past week and puts them into one easy-to-digest post. And if you don’t want to wait an entire week, just stop on by my @grecs Twitter account.
[Was hoping to clean this up some but my real job is killing me right now. It being almost the end of the week, I at least wanted to get this out because I'll have a new one to work on tomorrow.]
- #NOVABLOGGER: Grecs’ Weekly Infosec Ramblings for 2010-04-08 http://bit.ly/cIjKP4 http://j.mp/nispblog #
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2010-04-08 http://bit.ly/cIjKP4 #
- #JOB Are You Making a Security Career or Working a Job? http://j.mp/aB3R7B (via @CSOonline) #
- NoVAHA! mailing list – http://j.mp/agn5o5 (via @mubix) #
- #NOVABLOGGER: Nothing is clearly better than something, sometimes: A Security Parable http://bit.ly/bukOhP http://j.mp/nispblog #
- #JOB M looking for 4 SW Engineer (Platform Dev) http://bit.ly/cMv1O4 – full list of opps http://bit.ly/dbAzzy (via @Mandiant @Shpantzer) #
- Qubes OS: The Bento Security Model in Action http://j.mp/cOIigJ (via @CSOonline) [More in this interesting OS.] #
- DHS Testing Einstein 3 http://j.mp/bpyZVT (via @IBMFedCyber) #
- Secure coding starting 2 get through 2 software devs? @Fortify cmts on Errata Sec’s research: http://j.mp/bExu7d (via @mschafer) #
- who’s coming to SANS NoVA SANS@Night Friday? (via @Shpantzer) [I think there will b an interesting preso that night.] #
- #JOB Sourcefire hiring Security Consultant in DC – must have TS. http://j.mp/bI8DGp resumes please!” (via @JoelEsler @VRT_Sourcefire) #
- #NOVABLOGGER: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/9FHDMO http://j.mp/nispblog #
- BLOGGED: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/9FHDMO #
- #JOB Mandiant looking 2 hire recent grads in infosec http://j.mp/aPdy23 @securitytwits @owaspdc @OWASPNoVA (via @securitytwits @wadew) #
- All 4,000 US Air Marshalls mk 4 arrests/yr. ~ $200,000,000/arrest: http://j.mp/dx3bG0 (via @mikkohypponen @dallendoug) #
- Final: MS Security Compliance Toolkit http://j.mp/bKyukX (via @rhalbheer @bvPredator) [Wish would have named something else.] #
- hmmm… heard this morning that downtown is going to be insane Sun-Tue… big mtg btwn nuc powers heads of state… (via @falconsview) #
- Is China testing cyber-nukes? http://j.mp/cR6zCH (via @cyberwar) [Interesting. Prob has been around & known since 90s.] #
- Rogue AV Localization Fail http://j.mp/arFG06 (via @FSLabs) [Nice. 5 refreshes -> 5 diff AV scams.] #
- IN CASE U MISSED IT: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/baTFuo #
- IN CASE U MISSED IT: Grecs’ Weekly Infosec Ramblings for 2010-04-08 http://bit.ly/crMu8s #
- Hundreds of WordPress blogs hit by “networkads.net” hack. http://j.mp/908a4q (via @briankrebs) #
- Mass infection of wordpress blogs hosted at Network Solutions http://j.mp/d5eCcD (via @ThisIsHNN) [W/ content 2 look 4 in ur DB.] #
- Java Bug Exposes Users 2 Serious Code-Execution Risk http://j.mp/dBl67D [Uninstall quickly. What % of sites even use anymore?] #
- Defense contractors battle ‘relentless’ online assaults http://j.mp/aUbsKZ [concerning, but to be expected] (via @DrInfoSec) #
- Escape from Shmoo: a zombie tragedy http://j.mp/cnHJsf (via @hadesarrow @schuetzdj) #
- 4000th tweet twilosophy: rel IS/priv news & cases; QOTDs; tweeting w/ IS/priv friends. No bull, no ads, ~10 tweets/day. (via @DrInfoSec) #
- HD Moore’s law: The # of exploits that can b found inexpensively on #Adobe #Acrobat has doubled approx every 2 yrs (via @dallendoug) #
- Why Responsible Vuln Disclosure Is Painful & Inefficient http://j.mp/aEMzwZ (via @kpyke) [Doing right thing is often hard.] #
- #NOVABLOGGER: Investigating a Phishing Attack http://bit.ly/biNBk9 http://j.mp/nispblog #
- #NOVABLOGGER: Bank of America Employee Charged With Planting Malware on ATMs Read More http://bit.ly/dykWnX http://j.mp/nispblog #
- #NOVABLOGGER: Ruby OptionParser Library http://bit.ly/bUHhn8 http://j.mp/nispblog #
- ICPP Copyright Foundation is Fake http://j.mp/b5xa4o [Nice malware analysis.] #
- #NOVABLOGGER: LearnSecurityOnline Advanced Penetration Testing Course http://bit.ly/dxrUAN http://j.mp/nispblog #
- #NOVABLOGGER: Barcode Hacking Process http://bit.ly/bQEsEo http://j.mp/nispblog #
- #NOVABLOGGER: Missing the Point … Again. http://bit.ly/aOIMyK http://j.mp/nispblog #
- The Apple way of (in)security http://is.gd/bq1Lr (via @CSOonline) [Nice write-up on security pros/cons of closed platform.] #
- #MEETUP Tomorrow is HacDC’s Annual Meeting. 7:30 PM at HacDC World Domination Headquarters. (via @hacdc) #
- Reminder: Security in the Clouds @ Wed Apr 14, 2010 (NovaInfosecPortal.com Calendar) #
- NIST Issues Privacy Guidance SP 800-122 http://j.mp/apNeFN [only 59 pages] (via @DrInfoSec) #
- 1 of my new fav sources of infosec/hacking info: http://infosecevents.net/ (via @pauldotcom) [Great #MEETUP #CON listing.] #
- Network Solutions mops up after mass WordPress breach http://j.mp/98dDaJ #
- #NOVABLOGGER: Stormtroopers365.com http://bit.ly/b0Kifr http://j.mp/nispblog #
- #NOVABLOGGER: Iowa bank compromised, serving exploits http://bit.ly/952Tp1 http://j.mp/nispblog #
- ‘Design flaw’ led to WordPress attacks http://j.mp/cwGxyW [More details on attack + how to detect if hacked.] #
- GAO Dissects FDCC, TIC Initiatives; Benefits Not Fully Realized. http://j.mp/bRuAlJ [Nice read.] #
- Dan Geer on Advanced Persistent Threats http://j.mp/9jeyzA [great read] (via @DrInfoSec) #
- How security professionals monitor their kids http://j.mp/bpZjoJ (via @CSOonline) [Interesting read.] #
- Opera on the iPhone http://j.mp/9G5MGz (via @jack_mannino) [This'll b interesting.] #
- #NOVABLOGGER: Decompiling Jar Files http://bit.ly/doAV2f http://j.mp/nispblog #
- #NOVABLOGGER: Where You Want to Be This Week for 2010-04-12 http://bit.ly/bdfRWX http://j.mp/nispblog #
- Twitter has plan 2 monetize thru Promoted Tweets http://j.mp/aCFiwv. Anyone else think this is a terrible idea? (via @pmhesse) #
- BLOGGED: Where You Want to Be This Week for 2010-04-12 http://bit.ly/bdfRWX #
- Twitter to start pushing advertising to users http://j.mp/b4F6XY (via @CSOonline) [Some analysis.] #
- Apache.org gets hacked using XSS http://j.mp/cKibt1 (via @kineticfury) [Other big news this morn.] #
- NOVAINFOSEC TWITS: Haven’t mentioned in while. Localized vs of @securitytwits. We’d love 2 have u. http://bit.ly/nisptwit #
- IN CASE U MISSED IT: Where You Want to Be This Week for 2010-04-12 http://bit.ly/902LTa #
- Reminder: InfraGard NCMA Meetup @ Wed Apr 14 6pm – 8pm (NovaInfosecPortal.com Calendar) #
- #NOVABLOGGER: Redefining reality through redefinition of words: 0days http://bit.ly/cjLdoS http://j.mp/nispblog #
- it’s crazy to me that .. “basic” security advice 4 end-users is largely unchanged in, what, 15 years? (via @falconsview) [So true.] #
- Microsoft April 2010 Patch Tuesday http://j.mp/aYEpra (via @sans_isc) [I almost forgot. Anyway, nice overview as usual.] #
- #shodan upd: new website, more data & various fixes http://www.shodanhq.com/ (via @hdmoore @achillean @jaysonstreet) #
- April 2010 Vulnerability Report http://j.mp/d0ATW7 (via @VRT_Sourcefire) [Nice vid summary.] #
- Microsoft, Adobe, Oracle unite with massive patch batch http://j.mp/bn1fyL (via @regsecurity) [Wow, busy day.] #
- #NOVABLOGGER: Quick Poll On Long-Term Value http://bit.ly/d1HnB8 http://j.mp/nispblog #
- #NOVABLOGGER: Buby.kicks_ass? => true http://bit.ly/a7m6yv http://j.mp/nispblog #
- #NIST #FISMA Project Mgr Ron Ross Named to 2010 Fed 100 List http://bit.ly/aRvZU9 <- Ron’s earned this accolade (via @danphilpott) #
- FITSP: New Certification for Fed Security Pros. http://bit.ly/9KMClJ (via @InfosecCareer) [Mmmm? Another cert.] #
- Unpatched Java Exploit Spotted In-the-Wild http://bit.ly/a3xSfy (via @briankrebs) #
- ADD YOUR MEETUPS: Want to add your #meet up events to our calendar at http://bit.ly/nispcal? Contact us at http://bit.ly/nispcontact. #
- Researcher Shows New Clickjacking Methods http://bit.ly/aup4RO [There's always something new to play with.] #
- Internet abuzz with BitTorrent bypass code http://bit.ly/dzWOmp [Can't beat the name of this code.] #
- NSA to spend $902mn on info assurance http://bit.ly/cqDhlH (via @DarkReading) [See what they plan to spend it on too.] #
- RT @mckeay: Tweet 10K: Quit thinking of PCI (& compliancy) as an obstacle, start thinking of it as stepping stone on ur path 2 real security #
- Reminder: NoVA Hackers Association Meetup @ Thu Apr 15 5:30pm – 8:30pm (NovaInfosecPortal.com Calendar) #
- RT @Shpantzer: If sectwits raises $3000 for HFC by bsides boston, I will present in sunglasses. And a mohawk. #bsidesmohawk #
- See LTG Alexander talk Cybercom: Streaming video http://bit.ly/byUpDM (via @bobgourley) #
- #CON SecureAmericas Conference is scheduled for 5/24-25 at Crystal City Marriott. Anyone know if it is good? #
- ADVERTISE W/ US: Friendly reminder.. NovaInfosecPortal is always looking 4 local advertisers. More info at http://bit.ly/nispadvert. #
- #NOVABLOGGER: Monitor Network Traffic in Firefox with HttpFox http://bit.ly/dyOgRi http://j.mp/nispblog #
- #MEETUP #NoVAHA! Dinner tonight is going 2 b pimp.. 9 talks Web Hacking, Android Reversing, Metasploit, GPS, etc (via @mubix) #
- NSA Director Keith Alexander Comes Under Friendly Fire: http://bit.ly/9FSzEz [Summary of today's hearing.] #
- Reminder: PrivacyCampDC Conference @ Sat Apr 17, 2010 (NovaInfosecPortal.com Calendar) #
- Finally md it to #novahackers. Missed first 2 talks but listening to @falconsview talking about BSides. Will there b 1 locally? #
- SecurityBSides.com 4 more info. #novahackers #
- Next up is talk on GPS forensics. Go Lukus. #novahackers #
- Demos of BlackThorn ($) & POIEdit (free) getting data fr TomTom. Oh, and he passed the CISA exam. #novahackers #
- Geo info in iPhone using exifprobe & sqllite. #novahackers #
- Next up Lotus Domino & MetaSploit by @carnal0wnage. Wrote module to get vs info plus.. #novahackers #
- Facebook Fail by @theharmonyguy up next. Lots of gr8 stuff incl double iframes. Core prob is apps. Core platform itself too. #novahackers #
- Lots of other cool stuff at #novahackers. Join the list for more info. #
- Good times at #novahackers tonight. Lots of smart peeps are doing lots of smart things. Learned a lot! #
- #NOVABLOGGER: Last Chance for TCP/IP Weapons School 2.0 in Las Vegas http://bit.ly/cvCRzQ http://j.mp/nispblog #
- #NOVABLOGGER: Bejtlich on Visible Risk Podcast http://bit.ly/bbuSZq http://j.mp/nispblog #
Well, that’s all for this week. Be sure to follow me on Twitter at @grecs for more great tweets during the week! See ya…


