Grecs’ Weekly Infosec Ramblings for 2010-04-29

If you’re not already following some of our excellent NovaInfosec Twits and are wondering where to get the best NoVA-, DC-, and MD-related security tweets, look no further than this post. Published every Friday, our “Infosec Ramblings” post takes many [all in this case ] of my security tweets/RTs from the past week and puts them into one easy to digest post. And if you don’t want to wait an entire week, just stop on by my @grecs Twitter account.

[Just a quick note... Real work is still bogging me down. I hope to make these posts more organized in the future. But until then I hope you all find some use from this tweet dump. ]

• #NOVABLOGGER: Grecs’ Weekly Infosec Ramblings for 2010-04-22 http://bit.ly/9oL0O6 http://j.mp/nispblog #
• BLOGGED: Grecs’ Weekly Infosec Ramblings for 2010-04-22 http://bit.ly/9oL0O6 #
• Gartner Outlines Six Most Common Virtualization Security Risks http://j.mp/b64N88 (via @DrInfoSec) [Nice analysis overall.] #
• How to opt out of Facebook’s Instant Personalization (with tutorial video) http://j.mp/9I0KGQ (via @EFF @jad_va) #
• PasswordCard Hides Mentally Encrypted #Passwords in Your Wallet http://j.mp/bjN3ud (via lifehacker) <- Interesting (via @danphilpott) #
• #CON MetriCon 5.0 announcement & CFP has been posted by @arj, a security metrics con: http://j.mp/dtIIaj (via @danphilpott) #
• IN CASE U MISSED IT: Grecs’ Weekly Infosec Ramblings for 2010-04-22 http://bit.ly/bwpQVP #
• #JOB Any data analysts looking 4 great job in baltimore area? basically fraud detection thru data mining, msg @rgaucher if interested #
• #NOVABLOGGER: CBS Report on Cybersecurity http://bit.ly/941yU9 http://j.mp/nispblog #
• Verizon dubs sec researchers ‘narcissistic vulnerability pimps’ http://j.mp/9xPHhK (via @regsecurity) #
• Lost iPhone prototype spurs police probe http://j.mp/au17Pb (via @bobgourley) [The saga continues.] #
• Copy Machines, a Security Risk? http://bit.ly/d5wmRw (via @bobgourley) [Report from CBS News in case you missed it.] #
• See Mudge & Schmidt in this vid upd on Cyberspace Security bit.ly/d7Uoyu Much more balanced than most reporting on cyber. (via @bobgourley) #
• Website Shares User Credit Cards with World+Dog http://bit.ly/aD8PZK [Seemed to b a Google cache problem.] #
• Thanks for the #FF from @bvpredator @jabra!!! #
• Reverse-Engineering Artist Busts Face Detection Tech http://j.mp/a7XcAu (via @curphey @rgaucher) [Interesting read.] #
• #NOVABLOGGER: Snort Near Real Time Detection Project http://bit.ly/9YPmjF http://j.mp/nispblog #
• #NOVABLOGGER: Thoughts on New OMB FISMA Memo http://bit.ly/cJCz1G http://j.mp/nispblog #
• #NOVABLOGGER: Review of The Rootkit Arsenal Posted http://bit.ly/bNFYIX http://j.mp/nispblog #
• How Young Upstarts Can Get Their Big Security Break in 6 Steps http://j.mp/d2GjGr [Awesome read & gr8 career advice.] #
• Expect OMB memo soon on US Gov Config Baseline (USGCB), future of the FDCC http://bit.ly/dCPzqU (via @danphilpott) #
• 4 those of U who actually want 2 delete FB acct & not just deactivate it: http://bit.ly/91AOeq (via @hackernewsbot @evejou) #
• Microsoft researcher: don’t bother changing your password.
  http://j.mp/aFSuRI (via @GoldbergLawDC) [Here we go again.] #
• #JOB Security Career Problem 7: Perspective Stuck in Box http://j.mp/b2Ukch [Nice article. Need 2 go back & read 1st 6 now.] #
• #NOVABLOGGER: Rebutting Cyberwar Rhetoric http://bit.ly/cGbijx http://j.mp/nispblog #
• Bye-bye to normal Twitter authentication. Only Oauth will be allowed soon. http://bit.ly/aQuUPX #
• CALENDAR UPD: Metricon Conference http://bit.ly/aIeB9g http://j.mp/nispcal #
• CALENDAR UPD: USENIX Security Symposium http://bit.ly/cIfKKY http://j.mp/nispcal #
• McAfee Promises 2 Reimburse Consumers 4 Bad Upd http://j.mp/cXRXGK [Need 2 reimburse businesses too. That's where real $ was lost.] #
• #NOVABLOGGER: Where You Want to Be This Week for 2010-04-26 http://bit.ly/c7v7Qj http://j.mp/nispblog #
• #NOVABLOGGER: Charting Cybercrime http://bit.ly/aH40mT http://j.mp/nispblog #
• BLOGGED: Where You Want to Be This Week for 2010-04-26 http://bit.ly/c7v7Qj #
• MS Security Intelligence Report Vol 8 covering threat landscape in H2 2009 http://j.mp/dzH1oy (via @msftsecresponse @danphilpott) #
• IN CASE U MISSED IT: Where You Want to Be This Week for 2010-04-26 http://bit.ly/csAcbx #
• #NOVABLOGGER: Android Emulators with Android Market http://bit.ly/blaSQ1 http://j.mp/nispblog #
• #NOVABLOGGER: Android Emulators with Android Market http://bit.ly/bqSRKS http://j.mp/nispblog #
• IronKey Rolls Out Secure Online Banking USB Drive http://j.mp/agOIVN [interesting but time will tell if it holds up] (via @DrInfoSec) #
• #JOB @Beaker’s perspective on getting ahead fr 07: How 2 Kick Ass in Infosec http://j.mp/d89POy (via @BillBrenner70 @ebellis) #
• Users’ Passwords Exposed by Splunk http://j.mp/bLsqB7 (via @regsecurity) #
• #NOVABLOGGER: Sens. press Facebook on giving data to advertisers http://bit.ly/aGKR3B http://j.mp/nispblog #
• #JOB RT @SecureSun: Looking for code reviewers in DC and NY – full time or contract work…ping me! (via @securitytwits) #
• 7th Annual (ISC)2 Gov InfoSec Leadership Awards (GISLA) Nominations R Open http://bit.ly/c1WPji (via @danphilpott) #
• Police seize Gizmodo’s computers in iPhone probe http://bit.ly/cuTmEO (via @Nathiet) [In case you missed this.] #
• OMB orders Fed agencies to adopt real-time approach 2 cyber threats http://bit.ly/bghaLh (via @BreakingPoint @rockyd) [More on this.] #
• NoSQL – Not The End Of RDBMS http://bit.ly/9Ooxov (via @timftutt) #
• Hunt begins for next generation of security pros http://bit.ly/bzdmZG [hunt?] (via @DrInfoSec) [Want a job in the UK?] #
• NOVAINFOSEC TWITS: Haven’t mentioned in while. Localized vs of @securitytwits. We’d love 2 have u. http://bit.ly/nisptwit #
• Reminder: ISSA Baltimore Meetup @ Wed Apr 28 4:30pm – 7:30pm (NovaInfosecPortal.com Calendar) #
• SNOsoft Research Team: Hacking Your Bank: http://bit.ly/bWvTJ5 (via @mushy99 @jaysonstreet) [Nice post.] #
• Security: Get the Board on Board http://bit.ly/aECWmK [good read] (via @DrInfoSec) [And true. ] #
• #NOVABLOGGER: The Browser Security Handbook http://bit.ly/bHwtCh http://j.mp/nispblog #
• CIA Unveils Its 5-Year Plan 4 Cybersecurity http://bit.ly/9Kx6NO (via @DarkReading) #
• What to say when users ask how to tell if a site is safe http://bit.ly/co3kGv (via @DarkReading) [Good summary.] #
• Reminder: NoVA Hackers Association Meetup @ Thu Apr 29 11:30am – 1pm (NovaInfosecPortal.com Calendar) #
• McAfee Offering Compensation 2 Bizes Hit by Faulty AV Upd http://bit.ly/c1uA0z [Nice but subscription doesn't cover all OT costs.] #
• #MEETUP holy crap, we have 8 talks lined up for May’s @NoVAHackers already… (via @mubix) #
• #MEETUP It’s been long month hasn’t it? @CharmSec 24 is this Thur, the 29th, at @SlaintePub. Join us. (via @charmsec) #
• “The 16 Coolest Twitter Infographics On The Web” http://huff.to/bPe2Oc (via @jaysonstreet) [Some interesting pics.] #
• Spammers Paying Others to Solve Captchas http://nyti.ms/byTzKj [$0.80-$1.20 / 1,000 captchas] (via @DrInfoSec) [Frustrating.] #
• ADD YOUR MEETUPS: Want to add your #meet up events to our calendar at http://bit.ly/nispcal? Contact us at http://bit.ly/nispcontact. #
• Reminder: CharmSec Meetup @ Thu Apr 29 7pm – 10pm (NovaInfosecPortal.com Calendar) #
• Costs of Data Breaches 2X as High in U.S. than in Other Countries http://bit.ly/dmu1Ol [We're just reporting more.] #
• What it takes for Security Pros to Build their Online Brand. http://bit.ly/9CjTUm [Lots of gr8 tips.] #
• Nice 3 part writeup on this year’s CCDC Nationals http://bit.ly/9fd196 (via pauldotcom). #
• #NOVABLOGGER Lawyers, Guns & Money: A Musical Infosec Cautionary Tale http://bit.ly/btHDtK http://j.mp/nispblog [Mostly a local 1. ] #
• Thanks, Twitter…4 ability 2 insert malicious code right in2 a tweet! .. http://bit.ly/a4rUMS (via @0ph3lia @timftutt) [<facepalm>] #
• Infamous Storm Worm Stages a Comeback http://bit.ly/cO3ZOW (via @briankrebs) [Don't call it a comeback. ] #
• Evidence that enforcement (consequences) is more important than awareness. http://bit.ly/atNp9U (via @falconsview) [Interesting] #
• Dissecting Latest MS Security Intel Report http://bit.ly/cnL0qE ["Keep your installed software patched to current levels."] #
• San Francisco Password-Hijacker Found Guilty http://bit.ly/9IsshL [In case U haven't seen.] #
• #JOB Looking 4 on-site eLearning Instructional Designer 2 help design cyber attack courses. (via @bbaskin @charmsec) #
• #NOVABLOGGER: Vuln Disclosure Summarized http://bit.ly/dBoUWY http://j.mp/nispblog #
• #NOVABLOGGER: Blame the Bullets, not PowerPoint http://bit.ly/b5PjAe http://j.mp/nispblog #
• Symantec Buys PGP & GuardianEdge http://bit.ly/9R5ZvI (via @nselby @Shpantzer) [Market consolidation continues.] #
• BackTrack Used by the NSA http://bit.ly/9DItRl (via @nselby @DaveMarcus @jaysonstreet) [Cool.] #
• Agencies Wrestle w/ Cybersec’s Harsh Realities http://bit.ly/bga9p2 <- “looking at risk-based approaches, not perfection” (via @IBMFedCyber) #
• Fake Twitter Email Continues 2 Plague Inboxes http://bit.ly/9sFuYY [be careful] (via @DrInfoSec) [<- What he said.] #
• Hackid Events http://bit.ly/cydgx7 – pls RT, lets get kids started hacking early, ..(via @mubix) [Cool.] #
• GSA Launches Short-URL Service http://bit.ly/cmNNz5 (via @Nextgov @IBMFedCyber) [Wonder if it's branded Bit.ly Pro account? ] #
• #CON FedScoop Cybersecurity Leadership Summit Summary http://bit.ly/bga9p2 [Just a sum of yesterdays activities.] #
• Why Doesn’t Windows Include Native PDF Reader Support? http://bit.ly/bIV0w3 [Basic 1 w/o ability 2 run exe's/JS, play sound, etc.] #
• Apple’s Jobs Criticizes Flash’s “Closed System” http://bit.ly/b4Q6wI [Pot/kettle/black thing..] #
• April’s Cyber Threat Landscape in Images http://bit.ly/99oDDW [good 4 #awareness] (via @DrInfoSec) [Nice gallery.] #
• A Closer Look at Rapport from Trusteer http://bit.ly/dakDJI (via @briankrebs) [Intersting; hadn't heard of b/f.] #
• #NOVABLOGGER: Android Emulator & BurpSuite http://bit.ly/aUVwEl http://j.mp/nispblog #
• ADVERTISE W/ US: Friendly reminder.. NovaInfosecPortal is always looking 4 local advertisers. More info at http://bit.ly/nispadvert. #
• #NOVABLOGGER: FireFox Add-Ons for Better Security http://bit.ly/dpsi76 http://j.mp/nispblog #
• Feds Will Get Own Social Network – “FedSpace” http://bit.ly/btIlut (via @digiphile @danphilpott) [Nother social net 2 keep up w/ ] #
• RT @Shpantzer RT @TiffanyRad Any1 in DC want 2C @reversespace b4 opening? Stop by Sat afternoon & unload/build furniture/eat. Ping 4 addy #

Well, that’s all for this week. Be sure to follow me on Twitter at @grecs for more great tweets during the week! See ya…

No related posts.

Tags: digest, grecs, twitter