NovaInfosecPortal.com

We finally started incorporating some social networking features into the site. As a previous blog post stated, we added the Share This button to our posts and pages. And just this weekend we finally incorporated our novainfosec Twitter account into the site. By following this account you’ll get tweets of new blog posts. Additionally, this works in reverse … so anything we tweet to the Twitter novainfosec account will show up as a blog post. We promise that this reverse capability isn’t going to get overloaded with what we’re eating for breakfast (for stuff like that you can follow my personal infosec Twitter account - grecs). We plan on using the novainfosec tweets for posting on-the-fly important updates when we don’t have access to a computer. We’re all sort of new to this Twitter thing so if you have any suggestions please let us know in the comments below.

rybolov has put up another great commentary on NIST’s recent publications … this time regarding the draft of SP 800-37 R1 - Guide for Security Authorization of Federal Information Systems. Check out his post on The Guerilla CISO.

A few weeks back I noticed a great little CSI newsletter being passed around the office that provided links to three great guides on how to lock down your profiles on MySpace, FaceBook, and LinkedIn. As a paranoid security person I’ve severely restricted my activities on these sites but have always yearned after the possible networking opportunities. Using these guides you can somewhat minimize the risks associated with putting your personal information online. I haven’t tried any of the suggestions yet but I’m guessing that if you implement them all, it probably makes the service a lot less usable. Such is the tradeoff between security and usability… When skimming the guides I was shocked to discover the one site I thought was most secure, LinkedIn, actually had the least amount of security controls in place. I’m still treading lightly but maybe you’ll see me more active on these sites some day. Here are links to the guides: MySpace, FaceBook, and LinkedIn.

You may want to pass these nice little guides around to any family and friends so they can tighten down their profiles as well. Also for anyone out there that uses these services more than I do, what do you think of these guidelines? Will they severely limit their usability?

As many of you probably already know SANS will be running the SANSFIRE infosec conference event later this month. Here are the logistics for this year’ conference: (more…)

I came across the “Hack” part of the “Hack-or-Halo” challenge for this year’s ShmooCon on White Wolf Security’s web site. (more…)

Learn Security Online has released an infosec hacking challenge event titled “CrackMe 0×03.” (more…)

Ed Skoudis’s Monthly Challenges has released an infosec hacking challenge event titled “It Happened One Friday.” (more…)

We’ve added a new training resource section that will provide an in-depth look into hacking challenges, courses, conferences, and formal university education options for infosec professionals based in or around the Northern Virginia (NoVA) area.

We’ve added a new NoVA Email Lists/Networking resource section that will provide an in-depth look into email lists, forums, and social networking options for infosec professionals based in or around the Northern Virginia (NoVA) area.

We’ve added a new Career Development resource section that will provide an in-depth look into security career options for infosec professionals based in or around the Northern Virginia (NoVA) area.