Interesting Information Security Bits for 09/22/2008

Good afternoon everybody! I hope your day is going well. Here are today’s Interesting Information Security Bits from around the web.

  1. Modern Exploits – Do You Still Need To Learn Assembly Language (ASM) | Darknet – The Darkside
    Yup. I agree with Darknet.org.uk’s stance. A little Assembly never hurt anybody and can be very helpful. Granted, many areas of InfoSec may not need it, but it sure doesn’t hurt.
  2. Initech, Inc. Risktical Ramblings
    From the Post:
    “As part of my goal of wanting to post some risk scenarios and accompanying assessments on the blog, I went ahead and posted a profile of a company (and one of its subsidiaries) over on the “Initech, Inc” page. Instead of having to write background and “given” information for each and every risk scenario – doing it once will save a lot of time.”
    This is a really neat idea. I look forward to seeing what Chris will bring us in the future.
  3. KU: Technology Documentation:
    Vi @jfug on twitter, a link to a good set of resources published by the security department at Kansas University. Some good stuff there.
  4. HiR Information Report: Make your own lock picks – Part 1
    Ax0n has a series of articles that show you how to make you own set of lock picks. Nifty.
  5. DecaffeinatID: A Very Simple IDS / Log Watching App / ARPWatch For Windows
    DecaffeinatID has been updated. Go take a gander.
  6. Neopwn, the World’s First Pentesting Mobile Phone
    ** Posted using Viigo: Mobile RSS, Sports, Current Events and more ** thefanboy writes “What do you get when you cross BackTrack Linux apps with a mobile phone? This is the first ever publicly available mobile phone running a full custom Linux network auditing distribution, and it runs it surprisingly well. One can literally go from phone to pwn in 2 seconds. Based off of the Openmoko Neo Freerunner, many steps have been taken to compensate from the lack of a QWERTY keyboard with automation scripts, dialogs, and a point-and-pwn menu. It runs applications such as Metasploit and the Aircrack suite quite well, especially given the fact that it supports a wide array of USB WLAN cards.”

    Read more of this story at Slashdot.

  7. McAfee offers $465 million for Secure Computing | News – Security – CNET News
    More consolidation in the information security vendor space.
  8. IT Security Expert: Eugene Kaspersky on the Latest Malware Trends
    Dave Whitelegg had the opportunity to talk with Eugene Kaspersky recently.
  9. VMWare issues “critical” ESXi security advisory – Zero Day – ZDNet.com
    Ryan Naraine points out on the Zero Day blog that VMWare has issued a critical ESXi security advisory. Time to patch folks.
  10. 1 Raindrop: Mark Curphey On Builders and Breakers
    Gunnar writes about builders vs. breakers. He references Security Buddha’s excellent article on the same subject. Both are worth reading.

That’s it for today.

Have fun!

Kevin

Advertisements

Comments are closed.

%d bloggers like this: