INFOSEC SCOPE CREEP: I’m sure many in NoVA have come across this situation. Here’s how to deal. http://tinyurl.com/69wrt6 # DISGRUNTLED EMPLOYEES: Something to consider. http://tinyurl.com/6juspy # COVERUP: Vulns aren’t issue here. It’s the suppression. http://tinyurl.com/6xkmgd #
Read more »

PEN TEST DEBRIEF: Nice review of a pen test. http://tinyurl.com/5fb9cy # PERSPECTIVES: Looks like a nice Firefox plugin to make it little easier to deal with all those self-signed certs. http://tinyurl.com/5gym27 # CSO to CFO: Interesting idea. Make the people who won’t give us money responsible for infosec. http://tinyurl.com/5tx7zq # SANS FORENSICS/IR NOTES: Richard Bejtlich’s notes from...
Read more »

SCAREWARE GALORE: These have been cropping up a lot lately. http://tinyurl.com/5w592x http://tinyurl.com/56h3z4 # Internet-Scale MITM: Same concept as disclosed at Defcon. http://tinyurl.com/5pghz4 Here’s a possible solution. http://tinyurl.com/6dnqls # IPHONE VPN: Good but I hope securing it doesn’t become an integration nightmare. Apple needs to step up. http://tinyurl.com/6obsa6 #
Read more »

NEWSBITES: Yep, it’s out again. http://tinyurl.com/5p5xc6 # INSECURE WEBAPP ALERT: Nice new service. http://tinyurl.com/5coy56 # ELECTION & INFOSEC: Havn’t seen much in this area. Remember seeing dems having something. http://tinyurl.com/6cl7sb # PWC STUDY: Obvious; worth aread http://tinyurl.com/5h8bcw #
Read more »

PERFECT CLIENT: Encapsulation options could include MokaFive and MojoPac. #
Read more »

ORACLE TOO: Wow, admins hit hard this week. http://tinyurl.com/5xdrzm # SECURITY SUITES REACT: As expected Secunia’s report is being attacked. http://tinyurl.com/4gfvwj # WATCH OUT SNORT: Gov funding for next gen IDS. Why? http://tinyurl.com/4u46w9 # ANOTHER CLICKJACKING STORY: Couldn’t pass this one up because of its great title. http://www.securityfocus.com/news/11535 # 09 PREDICTIONS: Predictions season is already upon us. http://tinyurl.com/4wdch7...
Read more »

ANTI-AV TOOL: PaulDotCom list mentioned a tool called PE-Scrambler. Looks interesting. Think link is http://www.rnicrosoft.net (clever domain). # EXPLOIT PREDICTION: Article on how MS is rolling out a exploitability rating for patches today. http://tinyurl.com/4k5z7v # DARKMARKET.WS FBI STING: FBI has been running this site for 2 years and seem to have had a lot of success...
Read more »