Interesting Information Security Bits for 11/07/2008

November 7, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. Virtualization: How to Isolate Application Traffic
    Lori has penned a nice article pointing out how we can use VLANs to isolate application traffic. She makes an excellent point in the article, “we’ve grown to use VLANs as an architectural tool rather than a security tool, and often don’t consider how valuable such a simple, existing technology can easily be applied to more emerging, cutting edge concepts.”
  2. Typical Injection Points in a Web Application | Startup Security
    Damon fills us in on some good spots to check for vulnerabilities in web applications.
  3. Discovering Rogue Access Points With Nmap
    Nifty way to detect rogue wireless APs from the wireside.
  4. Researcher: Android may not need antivirus software
    Now I’m not saying you have to have anti-virus software for your mobile device, but I sure don’t agree with several of the statements made in this article.

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Interesting Information Security Bits for 11/06/2008

November 6, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. TaoSecurity: Defining Security Event Correlation
    Richard has a good post up on defining security event correlation. Go check it out.
  2. Why use Firefox « Techdulla
    Techdulla tells us why he uses Firefox for his browser. I agree with everything he says and will add that putting the AdBlock add-on into place makes it even better.
  3. HiR Information Report: Xorg.conf for OpenBSD MacBook / Parallels
    Ax0n is here to help you get Xorg running on your Mac using Parallels.
  4. Android-Powered G1 Gets Antivirus Software — Google Android — InformationWeek
    Looks like you can get Anti-virus software for your G1 phone.
  5. Once thought safe, WPA Wi-Fi encryption is cracked
    Oops. Time to upgrade to WPA2. Okay, you don’t have to run out right now and do it, but it looks like some researchers have found a method of getting the TKIP key in a short time frame.

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 11/05/2008

November 5, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. CSI Stick – So who has a copy of your phone? « SANS Computer Forensics, Investigation, and Response
    This is both very cool and very scary. Tool that allows you to quickly and easily suck the data out of a cell phone or smart phone. So much for locking the keyboards on those puppies.
  2. Assuming the breach: What is good pen-testing?
    Planet Heidi has some good guidance for effective pen testing. You should go read it if you do them and, more importantly, if you get the results.

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 11/04/2008

November 4, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. /dev/random » Blog Archive » Critical dns2tcp Vulnerability!
    Looks like dns2tcp has a vulnerability that needs to be taken care of. Time to upgrade.
  2. TrueCrypt – Free Open-Source On-The-Fly Disk Encryption Software for Windows Vista/XP, Mac OS X and Linux – Documentation
    A new version of TrueCrypt is out. Version 6.1 was released on October 31st, 2008.

    Hat tip: Xavier at http://blog.rootshell.be

  3. Research Blog – Research – SecureWorks
    A very nice description and review of the worm that is trying to take advantage of MS08-067.
  4. PCI Blog – Compliance Demystified » Blog Archive » Cloud computing security and PCI
    Another good article about PCI and cloud computing.
  5. Tenable Network Security: Log Correlation Engine 3.0 Released
    Like the title says, Tenable has released a new version of their Correlation engine.
  6. Man cops to $1m phony bar code shoplifting scheme • The Register
    Real life shopping cart hacking 🙂
  7. Security at the point of sale
    An interesting article about the different ways that thieves are exploiting retail checkout systems.
  8. Core Security finds critical Adobe Reader hole | Latest Security News – CNET News
    Looks like it’s time to patch Adobe Reader again.

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 11/03/2008

November 3, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. Microsoft: Trojans are huge and China is tops in browser exploits | Latest Security News – CNET News
    An interesting report has been put out by Microsoft that is worth a gander.
  2. Google patches Android security flaw | Latest Security News – CNET News
    There is a patch available for your G1 phone. Better go get it done if you haven’t already.
  3. Cloud Computing: It’s the destination, not the journey that is important
    Lori has a very good point here. You should go read her article because it applies to all of us.
  4. PortSwigger.net – web application security: [MoBP] Filtering and deleting content
    Interesting things going on with the Burp Suite. New features and a major release just around the corner.
  5. PortSwigger.net – web application security: [MoBP] The new target site map
    More cool stuff.
  6. ToorCon X Presentations | Infosec Events
    Yup, more reading.
  7. OWASP NYC AppSec 2008 Video | Infosec Events
    and watching.
  8. Network Security Blog » PCI Compliance in the Cloud: Get it in writing!
    Martin has written an article that you should read if you have any responsibility for PCI.

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 11/01/2008

November 1, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. PortSwigger.net – web application security: The Month of Burp Pr0n
    Looks like a major release of the Burp suite is just around the corner. Keep your eyes open.
  2. I-Hacked.com Taking Advantage Of Technology – RJ45 Ethernet Loopback Cuff link/Keychain
    Ax0n has a neat little project posted on i-hacked that shows you how to create an ethernet loopback tester. Bonus: They can be used as cuff links or easily carried on your key chain.
  3. Blackhat Webinar: Clickjacking and Browser Security
    The next Blackhat Webinar has been announced. Jeremiah Grossman will be talking about Clickjacking. Date: November 20th, 2008 Time: 4:00 pm ET/1:00 pm PT

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 10/31/2008

October 31, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. spylogic.net – Facebook Privacy & Security Guide Released
    Tom has released his Facebook Security & Privacy Guide. You really should take a look if you have a Facebook account.
  2. Tips for getting started in information security – Kees Leune
    Kees gives those interested in entering the information security profession some really good things to think about and offers up some practical guidance that will really help new entrants focus on getting where they want to go.
  3. Freeform Comment: View from the defence: seven reasons for security as a service
    An article by Jon Collins summarizing the panel he hosted on SaaS at RSA Europe. Some good points are made in its favor.

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 10/21/2008

October 21, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. Your Simple Guide To Endpoint Encryption Options | securosis.com
    Rich gives us a great resource for discussing and determining how and to what extent we should implement endpoint encryption.
  2. PCI, Risk Management & “The Blackberry Arsenal” « Risktical Ramblings
    A good story with some good takeaways for both those answering to RFPs and those reviewing the answers to RFPs.
  3. BrokenHalo LABORATORIES » Midnight Research Labs releases Depant
    This looks like a really neat tool. Scans your target for services with default passwords. Yummy.
  4. .:Computer Defense:. » NoScript Force SSL
    Using NoScript, you can force sites to SSL that don’t do a good job of it themselves. Hat tip: Michael Farnum and Security4All
  5. IT security guide: Understanding cyber-risks means knowing what questions to ask
    Something free from ANSI. You should go get your copy if for no other reason than that 🙂 Seriously, good stuff in here.
  6. Researchers hack wired keyboards, hijack keystrokes | Zero Day | ZDNet.com
    Tempest for the 2000s. Looks like avoiding those wireless keyboards may not actually provide the security you may have felt that it did.

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 10/20/2008

October 20, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. pdgmail: new tool for gmail memory forensics « SANS Computer Forensics, Investigation, and Response
    If you use GMail, you should really read this article. Sandboxing in some fashion sounds like a really good idea.
  2. TaoSecurity: Trying Firefox with CMU Perspectives
    Much like the web of trust used in GPG signatures, Perspectives for Firefox uses a group of “notaries” to verify the authenticity of a self-signed SSL certificate. Interesting stuff.
  3. extern blog SensePost;
    The OWASP NYC talks have been posted.
  4. spylogic.net – Information Gathering with Maltego
    Tom has posted his slide deck for the presentation he gave at the Northeast Ohio Information Security Forum last week.
  5. Carnal0wnage Blog: Webapp Assessments Rule or ‘why running as ‘dbo’ is bad!
    Another fun, as in oh my goodness, read about a pentest. This time an appsec test.
  6. Carnal0wnage Blog: A Successful Pentest with some Failures.
    A nice description of a pen test.

That’s it for today. Have fun!

Kevin


Interesting Information Security Bits for 10/18/2008

October 18, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. The Art of Software Security Assessment » Bugs vs. Flaws
    A really interesting post about definitions and approaches to application security issues and testing. Read the comments too. Really good stuff.
  2. HiR Information Report: Response: “Is Twitter the newest data security threat?”
    Ax0n answers the question that Lori presented the other day.
  3. Telecom Immunity Law Challenged In Court — Telecom Amendments Act — InformationWeek
    The Electronic Frontier Foundation is challenging the Telecom Amendments Act that gave telecom providers retroactive immunity from prosecution for domestic wiretapping they did at the behest of the government. This is a very good thing.
  4. Two new IRS systems have major security weaknesses, federal report says
    Wow. The apparent delinquency in the systems discussed here is atrocious, particularly for the type of system being discussed, i.e. the one that keeps and manages our tax returns.
  5. Altor Networks Introduces Virtual Firewall – Application and Perimeter Security News Wire – Dark Reading
    I can’t comment on the effectiveness of the product, but it is nice to see this type of product starting to appear.
  6. BeCrypt Cryptographic Library Gets Cert – Host security News Wire – Dark Reading
    I’ve used BeCrypt products for quite some time and have found them to be excellent. They now have a library that is FIPS 140-2 certified.

That’s it for today. Have fun!

Kevin