If you’re not already following some of our excellent NovaInfosec Twits and are wondering where to get the best NoVA-, DC-, and MD-related security tweets, look no further than this post. Published every Friday, our “Infosec Ramblings” post takes many of my security tweets/RTs from the past week and puts them into one easy-to-digest post. And if you don’t want to wait an entire week, just stop on by my @grecs Twitter account.
There seemed to be quite a few cons and meetups this past week. Did you get to attend any of them?
- My review of Mandiant Incident Response con (MIRcon) Day 2 http://j.mp/dCYn2y (via @greg_pendergast @taosecurity) #
- Reminder: ISSA DC Meetup @ Tue Oct 19 6:30pm – 8pm (NovaInfosecPortal.com Calendar) (via @novainfosec) #
- Reminder: NoVA Hackers Association Meetup @ Thu Oct 21 8pm – 11pm (NovaInfosecPortal.com Calendar) (via @novainfose) #
There are also some upcoming meetups and cons for those of you who are interested.
- #MEETUP Hey folks! Don’t forget that the next #CapSecDC is next Wednesday, October 27th. Stay tuned for details! (via @capsecdc) #
- #CON Who will be attending #TechoForensics and/or #CSI2010 next week? (via @angelinaward) #
For those of you that don’t know, we have some pretty awesome infosec bloggers in the local area. You can check out some of their articles below.
- #NOVABLOGGER #JOB FYI NoVA/DC/MD: InfoSec Career Fair Tomorrow! http://bit.ly/cb9HWW http://j.mp/nispblog (via @novainfosec) #
- #NOVABLOGGER How We Used Iodine 2 Exfiltrate Data Out of Client’s Network During Pentest http://j.mp/aW7BDv (via @packetwerks) #
- #NOVABLOGGER RANT MODE = 1 http://bit.ly/d7Rrvo (via @alexhutton) [Love these rants, lol.] #
In case you missed them, here were some of our blog posts from this week.
- BLOGGED: Grecs’ Weekly Infosec Ramblings for 2010-10-15 http://bit.ly/aqcs4B #
- BLOGGED: Where You Want to Be This Week for 2010-10-18 http://bit.ly/axbAkE #
And it’s still Cyber Security Awareness Month … and here’s a quick summary of the tips SANS has been sending out.
- Cyber Security Awareness Month – Day 15 – What Teachers Need to Know About Their Students http://j.mp/9zhn7D (via @sans_isc) #
- Cyber Security Awareness Month – Day 16 – Securing a Donated Computer http://j.mp/d1ZrJx (via @sans_isc) #
- Cyber Security Awareness Month – Day 17 – What a boss should and should not have access to http://j.mp/aUsz2s (via @sans_isc) #
- Cyber Security Awareness Month – Day 18 – What U Should Tell Your Boss When There’s Crisis http://bit.ly/9tugnA (via @sans_isc) #
- Cyber Security Awareness Month – Day 19 – VPN and Remote Access Tools http://bit.ly/acsLfZ (via @sans_isc) [More to come for the 19th..] #
- Cyber Security Awareness Month – Day 19 – Remote User VPN Access http://bit.ly/d6GzcY (via @sans_isc) #
- Cyber Security Awareness Month – Day 19 – VPN Architectures – SSL or IPSec? http://bit.ly/awFfZl (via @sans_isc) #
- Cyber Security Awareness Month – Day 19 – Remote Access Tools http://bit.ly/9RFYzm (via @sans_isc) #
- Cyber Security Awareness Month – Day 19 – Remote User VPN Tunnels – to Split or not to Split? http://bit.ly/cpvjoA (via @sans_isc) #
- #MOBILE Cyber Security Awareness Month – Day 20 – Securing Mobile Devices http://bit.ly/cDf9B1 (via @sans_isc) #
- Cyber Security Awareness Month – Day 21 – Impossible Requests from the Boss http://bit.ly/cgHiNA (via @sans_isc) #
There were a few job/education related things posted.
- #JOB RT @frednecksec: Opening in group http://j.mp/d507Vr 186072 #nerccip #smartgrid <- doesn’t have 2 b in Columbia, MD. (via @Shpantzer) #
- #JOB SecurityJobs: IT Security Engineer (183501): Location: Frederick, MD http://j.mp/bDKAGM (via @CSOonline) #
- #JOB fyi, NoVA/DC/MD #Security #Seekers – free career fair in Arlington tomorrow night! http://j.mp/cL2ltU (via @falconsview) #
- #EDU Metasploit Unleashed Training Course by Offsec – Massive updates.. http://bit.ly/d6FoHa (via @dotrandomcode @jaysonstreet) #
Lots of government/regulatory happenings as well…
- The case for wiretapping the Internet: http://j.mp/9RgpOP (via @DarkReading) [Mmmm?] #
- NERC Requiring Power Companies to Mitigate Aurora Flaw http://j.mp/96YTFK [Wow, they've been working this for 3 years.] #
- Feds Say Agencies on Track to Use CyberScope http://bit.ly/cQSzb8 [I'm holding my breath.] #
- #NEWS Pentagon’s Insider Threat Push Offers Lessons for Enterprise http://bit.ly/9jUNUW #
- Court Strikes Down FB Probation http://j.mp/9xvbU7 “It is difficult .. to know when many trojans & viruses have struck.” #
- Predator Software Pirated? http://bit.ly/bPkcvl (via @schneierblog) [Mmm?] #
- Steady Approach 2 Critical Controls http://bit.ly/925czZ ["I won't say we were genius, but we created all of this.." cc @rybolov] #
- #NEWS GSA Awards 11 Vendors Spots on BPA 4 Fed Cloud Computing. Requires author by FedRAMP http://bit.ly/bmqPSo (via @danphilpott) #
- Future CyberPatriots Recruited at Workshop http://bit.ly/9Uogfx (via @mschafer) #
- #NEWS New US Gov Config Baseline (USGCB) Active Directory GPOs are Up http://bit.ly/8ZbzBR (via @danphilpott) #
Some interesting security tools and tips…
- Reddit user made a FF lockdown script: http://bit.ly/chVR3z – sorta like bastille linux for FF (via @mubix) [Nice.] #
- #TOOL Browser Scanner 2 Identify Security Issues http://bit.ly/caFYUD (via @ToolsWatch @jasonmoliver) [Interesting.] #
- Opt out fr 100 diff online profiling networks in 1 go http://bit.ly/aGG8pU (via @mikkohypponen @spacerog @jaysonstreet) [Interesting.] #
You can also keep yourself busy with these other interesting newsbites:
- CSA Consensus Assessments Initiative Questionnaire released! http://is.gd/g3lfH (via @cloudsa @danphilpott) #
- #MOBILE Espionage App Updated for Windows Phones http://j.mp/cF4ZSf [Can't wait for iPhone version.] #
- “Little Brother” is watching our “fragmentarian” society, & he is us http://j.mp/cZZTA3 (via @digiphile @mschafer) [Interesting.] #
- Schneier’s newsletter re police announcing narcotics checkpoint & then stopping cars who took next.. http://j.mp/bBWx9R (via @technogeezer) #
- #PRIVACY Surprise! Your “private” info still isn’t safe from Facebook app developers. http://j.mp/cmcUxx (via @GoldbergLawDC) #
- Killing Evercookie Part II – MobileSafari http://j.mp/aXVjui (via @singe @mubix) [Links 2 part 1 too for FF & Chrome.] #
- Evil Maid goes after TrueCrypt http://j.mp/9yyWXu (via @reversemode @jasonmoliver) [Interesting .. With PoC.] #
- Sly New Tactic Sneaks Hackers Past Security Dogs http://j.mp/cEurvG (via @regsecurity) [Seems to b popular this morning.] #
- #CLOUD Some Exciting News: CloudAudit Moves Under the CSA http://bit.ly/bGO3XH (via @Beaker @danphilpott) #
- Adobe Preps Sandboxing Tech to Fight Exploits http://j.mp/dwKt9I [Can't we just have a Reader Lite instead?] #
- Java Surpasses Adobe Kit as Most Attacked Software http://bit.ly/alIAUW [Hopefully most of us can just uninstall.] #
- Metasploit One Year after Rapid7 Acquisition http://bit.ly/a9QbNw #
- Announcing Metasploit Pro http://bit.ly/c84CBQ (Teams, Web Apps, VPN Pivoting..) (via @hdmoore @_Elwood_ @jaysonstreet) #
- Reported Attack Site! – Security Tool’s Latest Trick http://bit.ly/9VE6tQ [Nicely done.] #
- FaceTime 4 Mac Beta Opens Up Security Hole to Allow 4 Compromised Apple ID http://bit.ly/adtxnE (via @MacRumors @jasonmoliver) #
And in closing, who could forget the tweets of the week?
- I think renaming Echelon to Facebook was possibly the most effective re-branding exercise ever. (via @solearther @paperghost @quine) #
- zomg XKCD so gets tech support frustration! http://xkcd.com/806/ (via @falconsview) <- +1 #
- #TOTW Note to self: a tweet referring to “#2” creates a hashtag that could be misinterpreted. (via @derekcslater) [Lol, nice!] #
- Best. Headline. Ever. “Seven Inches is Enough, RIM Tells Jobs” http://bit.ly/bmjdbQ (via @briankrebs) [Lolz.] #
Well, that’s all for this week. Be sure to follow me on Twitter at @grecs for more great tweets during the week! See ya…




