Interesting Information Security Bits for July 21st, 2008

July 21, 2008

And we’re off.

From the Blogosphere

Via F-Secure’s blog, a discussion of what needs to happen to exploit the Microsoft Access Viewer vulnerability under a couple of different scenario’s. Worth a look.

Gunnar Peterson has an pointed view of outside vs. inside as it applies to our enterprise networks. I won’t spoil it for you since it is a good read.

Jeramiah has survey up for Web Application Security Professionals. He will be releasing the results in the near future. I took it and so should you if you have anything to do with WebApp security. Good questions.

Via Wesley McGrew, Princeton released their tools for dumping and retrieving keys from memory after a cold boot. There was a bit of twittering going on about these tools during The Last Hope conference. Intersting stuff.

Via DevCentral, a new Google tech talk is up. This time covering SQL injection, XSRF, and XSSI. Good stuff.

LearnSecurityOnline has released Crackme 0×04 for us to solve.

TaoSecurity has a perspective on the recent DNS vulnerability that is worth reading.

The tisecurityguy brings to our attention an open source tool for tracking your laptop should it be stolen. As he says, “best of all, it’s open source, which means free.”

From the Newsosphere

DarkReading: The U.K.’s Ministry of Defence lost some USB sticks….with secret information on them.

DarkReading: Damballa Inc. is to release and new tool for malware analysis at Black Hat 2008 in Las Vegas. Free to enterprises and vendors.

Information Week: RIM has fixed the BlackBerry Enterprise Server pdf vulnerability.

That’s all folks. Have a great day.

Kevin

Technorati Tags: , , , , , , ,


Follow

Get every new post delivered to your Inbox.