Good afternoon everybody! I hope your day is going well. Here are today’s Interesting Information Security Bits from around the web.
- Modern Exploits – Do You Still Need To Learn Assembly Language (ASM) | Darknet – The Darkside
Yup. I agree with Darknet.org.uk’s stance. A little Assembly never hurt anybody and can be very helpful. Granted, many areas of InfoSec may not need it, but it sure doesn’t hurt.
- Initech, Inc. Risktical Ramblings
From the Post:
“As part of my goal of wanting to post some risk scenarios and accompanying assessments on the blog, I went ahead and posted a profile of a company (and one of its subsidiaries) over on the “Initech, Inc” page. Instead of having to write background and “given” information for each and every risk scenario – doing it once will save a lot of time.”
This is a really neat idea. I look forward to seeing what Chris will bring us in the future.
- KU: Technology Documentation:
Vi @jfug on twitter, a link to a good set of resources published by the security department at Kansas University. Some good stuff there.
- HiR Information Report: Make your own lock picks – Part 1
Ax0n has a series of articles that show you how to make you own set of lock picks. Nifty.
- DecaffeinatID: A Very Simple IDS / Log Watching App / ARPWatch For Windows
DecaffeinatID has been updated. Go take a gander.
- Neopwn, the World’s First Pentesting Mobile Phone
** Posted using Viigo: Mobile RSS, Sports, Current Events and more ** thefanboy writes “What do you get when you cross BackTrack Linux apps with a mobile phone? This is the first ever publicly available mobile phone running a full custom Linux network auditing distribution, and it runs it surprisingly well. One can literally go from phone to pwn in 2 seconds. Based off of the Openmoko Neo Freerunner, many steps have been taken to compensate from the lack of a QWERTY keyboard with automation scripts, dialogs, and a point-and-pwn menu. It runs applications such as Metasploit and the Aircrack suite quite well, especially given the fact that it supports a wide array of USB WLAN cards.”
Read more of this story at Slashdot.
- McAfee offers $465 million for Secure Computing | News – Security – CNET News
More consolidation in the information security vendor space.
- IT Security Expert: Eugene Kaspersky on the Latest Malware Trends
Dave Whitelegg had the opportunity to talk with Eugene Kaspersky recently.
- VMWare issues “critical” ESXi security advisory – Zero Day – ZDNet.com
Ryan Naraine points out on the Zero Day blog that VMWare has issued a critical ESXi security advisory. Time to patch folks.
- 1 Raindrop: Mark Curphey On Builders and Breakers
Gunnar writes about builders vs. breakers. He references Security Buddha’s excellent article on the same subject. Both are worth reading.
That’s it for today.