Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.
- Schneier on Security: Threat Modeling at Microsoft
Schneier points us to a white paper by Adam Shostack on Microsoft’s threat modeling methodology. I have only read the first part, but it looks interesting.
- McGrew Security Blog >> Blog Archive >> Slides for a forensics class lecture on ext2/3
Welsey has put up the slides for a talk he is giving about ext2/ext3 file system forensics. You should go check them out.
- Apocalyptic Vulnerability Percentages – FUD 101 ha.ckers.org web application security lab
A good read from RSnake about just how vulnerable are we.
- PPT_VeriSign_Webcast_Brazil_20081008.pdf (application/pdf Object)
Slides from a threat briefing on Brazil that was given by Brazil last week.
- Carnal0wnage Blog: OWASP APPSEC 2008 Conference Videos Online
Videos are out from the OWASP AppSec 2008 conference.
- Matasano Chargen >> Blog Archive >> Detecting Anonymizing Proxies
A good article on how to detect anonymizing proxies on you network.
- Matasano Chargen >> Blog Archive >> Owning Networks With Soldering Irons and Radio Shack Parts
A great walk through of Stephen’s experience with a recent pen test that required him to do some hardware hacking.
- Dell Launches SingleClick Remote Access – Host security News Wire – Dark Reading
Dell is now offering a “Go to my PC” like service.
- Over half of U.K. firms have lost data
Ouch. On top of the pure mind boggling statistic that 55% of British companies have had a breach and that 49% have had more than one, is the finding that only 10% were considered to be the result of malicious entities. Go take look.
- U.S. proposes digital signing of DNS root zone file
The U.S . department is looking for comments on how to implement DNSSEC for records in the root zone.
- Error puts data on 30 million German phone users on Internet (AFP) by AFP: Yahoo! Tech
Not once, but twice now, the Deutsche Telekom has lost personal data. Lots of it.
Hat tip: @mckeay
That’s it for today. Have fun!