I meant to mention this again earlier this week, but forgot to. ShmooCon will be live streaming the entire event this year. The conference starts today at 3:00 EDT.

If you are not familiar with ShmooCon, here is a tidbit from the conference website:

Different • ShmooCon is an annual East coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software & hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks, One Track Mind. The next two days, there are three tracks: Break It!, Build It!, and Bring It On!.

Affordable • ShmooCon is about high-quality without the high price. Space is limited! ShmooCon has sold out every year, so unless taking a chance on an eBay auction to get your ticket sounds like fun, register early!

Accessible • ShmooCon is in Washington, D.C., at the Marriott Wardman Park Hotel, just a few steps from the D.C. Metro. Fly into DCA, IAD, or BWI, or take a train to Union Station, and you are just a quick cab ride away from the con

Entertaining • Brain melting from all the cool tech you are learning? Check out some of the contests running at ShmooCon, including the Hacker Arcade and Hack-Or-Halo. In years past, we have also thrown massive parties at a local area hot-spot, so expect that to happen again too!

Here are the links to the different streams. The source page is here.

Friday Feb 5th, 2010

One Track Mind

Saturday Feb 6th, 2010

Build It
Break It
Bring It On

Sunday Feb 7th, 2010

Build It
Break It
Bring It On

I’ll be watching as much as I can. You should too!

-Kevin

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

1. Robert has a nice exploration of Intel’s new processor named Nehalem.
   Errata Security: Nehalem vs. IDS
   Tags: ( hardware intel cpu )
2. Andy speaks some truth about the user’s responsibility in the security equation.
   Are we being irresponsible? >> Andy ITGuy
   Tags: ( awareness )
3. The start of what looks to be a neat series. lsof is an awesome tool.
   Black Fist Security: *nix command of the day
   Tags: ( tools unix )
4. Here is an interesting story about a different cyber-crime target. Still very lucrative.
   Hackers Steal Millions in Carbon Credits | Threat Level | Wired.com
   Tags: ( crime )
5. This is a really good read.
   Jeremiah Grossman: The Web won’t be safe, let alone secure, unless we break it
   Tags: ( wepabbsec )
6. Securosis is looking for participants for some closed surveys. Check this out if you want to help.
   Securosis Blog | Need Brains. User Brains
   Tags: ( surveys )
7. Want to setup and virtual network security testing lab? Check this out.
   In Lieu of… << Laz3rNet
   Tags: ( lab how-to )
8. Windows 2008/7 offers new functionality that may help ease the pain of service accounts. (Hat tip: @grey_area)
   Service Accounts Step-by-Step Guide
   Tags: ( windows )

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

1. Andrew has a talk up for consideration for BSidesSF.
   Andrew Hay >> Blog Archive >> Vote For My #BSidesSF Talk “My Life on the Infosec D-List”
   Tags: ( bsidessf )
2. Apache hit end-of-life today. The last update has been released.
   Apache HTTP Server 1.3’s final update released – The H Security: News and Features
   Tags: ( apache )
3. Ouch. That’s a lot of infected machines.
   48% of 22,000,000 Scanned Systems Malware Laden
   Tags: ( malware )
4. Ben has tossed his hat into the BSidesSF ring too.
   BSides or Be Square: San Francisco and Austin (The Falcon’s View)
   Tags: ( conferences bsidessf )
5. Andrew’s next interview is with Rob Fuller. I met Rob last year at RSA. Good guy.
   Andrew Hay >> Blog Archive >> Information Security D-List Interview: Rob Fuller
   Tags: ( interview )

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

DOWNLOAD ISSUE 24 HERE (February 2010)

• Writing a secure SOAP client with PHP: Field report from a real-world project
• How virtualized browsing shields against web-based attacks
• Review: 1Password 3
• Preparing a strategy for application vulnerability detection
• Threats 2.0: A glimpse into the near future
• Preventing malicious documents from compromising Windows machines
• Balancing productivity and security in a mixed environment
• AES and 3DES comparison analysis
• OSSEC: An introduction to open source log and event management
• Secure and differentiated access in enterprise wireless networks
• AND MORE!

I am installing a new theme over the next few days so I expect some hicups and snags around here. I apologize for any issues you may have, but things should be back to normal in a couple days.

-Kevin

I have submitted a topic for consideration for Security BSides San Francisco 2010 which happens concurrently with RSA.

For those not familiar with Security BSides, the following is from the website:

What is BSides?

BSides is an ad-hoc gathering of information security types born from the desire for people to share and learn in an open environment. It is an intense event with discussions, demos and interaction from participants. It is entirely community driven.  It is where conversations for the next-big-thing may be happening.  We’ve followed the BarCamp format… because it works.

My topic:

• Title: Discussion: What Makes a Good Risk Management Practice?
• Abstract: All of our organizations have to manage risk, specifically information security risk. What does it mean to do that well? What are the moving parts that make up a good risk management practice? This discussion/panel/talk will not focus on assessment methodologies or frameworks. It will also not focus on the “information security program.” We will spend some time focusing on the other moving parts of a risk management practice. Engagement with our business partners, how we bring it all together, how we can manage the inputs and outputs of the risk management process, etc. It will be an opportunity for those interested to share and learn from each other.

This topic is modeled after the RSA Peer-2-Peer sessions in that it is not a presentation. I anticipate a discussion where we can all contribute to the conversation and try to define what we it means to build a good risk management practice in our organizations.

Please vote for my topic by tweeting the following if this sounds like a conversation you’d like to be a part of:

@SecurityBSides I vote for “What Makes a Good Risk Management Practice?” by @kriggins #BSidesSF http://bit.ly/BSidesSFtalks

-Kevin

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

1. Hoff points to an interesting project that addresses the distributed authentication issue in web based systems.
   MashSSL – An Excellent Idea You’ve Probably Never Heard Of… | Rational Survivability
   Tags: ( authentication ssl web )
2. Get your Security Threat Report 2010 while it’s hot!
   Sophos Security Threat Report 2010 | Graham Cluley’s blog
   Tags: ( threats reports )
3. Jennifer is involved in a few talks at Security BSides San Fran. Vote for her!
   Security Uncorked >> The Skinny on Security BSides San Francisco
   Tags: ( conferences bsides )
4. The finalists for the Social Security Blogger Awards 2010 have been selected.
   The Ashimmy Blog: Envelope please, and the winners are . . .
   Tags: ( awards )
5. Very cool. Encrypt your logs before sending them across the wire.
   Immutable Security >> Using OSSEC for Encrypted Log Transport
   Tags: ( logging encryption ossec )
6. Similar to the Amazon EC2 experiment last year, this time it is done with Microsoft’s Azure.
   Breaking Password Based Encryption with Azure – Gotham Digital Science
   Tags: ( passwords cracking cloud )
7. Looks like status quo for the PCI DSS this year.
   Security.exe – Powered by The CISO Group >> Blog Archive >> No major changes to PCI DSS in 2010, but watch for chip and pin in the future
   Tags: ( pci )
8. Graham points out something those who use twitter should be aware of. Lists as spamming tools.
   Twitter list spam
   Tags: ( lists )

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

1. This is a good article to look at if you are thinking about the cloud and your business. (Hat Tip: @infosecstuff)
   Cloud Security: Ten Questions to Ask Before You Jump In
   Tags: ( cloud )
2. Another interesting tool today. Use Bing to find associated IP address and DNS hostnames. (Hat Tip: @lbhuston)
   Bing Web Server Probe
   Tags: ( tools webappsec )
3. This looks like an interesting tool to add to your web app sec Firefox toolkit.
   Groundspeed 1.1 – Web Application Security Add-on For Firefox | Darknet – The Darkside
   Tags: ( webappsec tools firefox )
4. Jarrod shares how he got into information security and offers some thoughts on making your own move.
   /dev/null – ramblings of an infosec professional: How to Get A Start in Information Security
   Tags: ( career )
5. Ben is up next on the D-list interviews. I know Ben from Twitter and hope we can meet IRL someday.
   Andrew Hay >> Blog Archive >> Information Security D-List Interview: Ben Jackson
   Tags: ( interview )

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

1. Some thoughts about the security job market and how to get into it. (Thanks Ron)
   E-Commerce News: Trends: Breaking Into the Security Job Market
   Tags: ( career )
2. Anton has some comments about log context. Very important stuff.
   Anton Chuvakin Blog – “Security Warrior”: On Log Context
   Tags: ( log-monitoring )
3. This paper (pdf) takes a look at replacing session cookies with digest authentication.
   WeaningTheWebOffOfSessionCookies.pdf (application/pdf Object)
   Tags: ( session webappsec )
4. Another really good reason for egress controls.
   Sunbelt Blog: Botnet C&C switching to http; away from IRC
   Tags: ( botnet )
5. That’s a lot of malware.
   Report: 48% of 22 million scanned computers infected with malware | Zero Day | ZDNet.com
   Tags: ( malware )

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

1. Gunnar says what I have been thinking about the whole APT argument, only much better than I could.
   1 Raindrop: I Can See APT From Here
   Tags: ( apt )
2. Anyone who does forensics or needs to deal with Linux machines should be aware of how the /etc/fstab file works. Sometimes to can find interesting things by peaking in there.
   How to edit and understand /etc/fstab
   Tags: ( linux filesystem fstab )
3. This is just very cool. A very neat visualization of historical browser use statistics.
   http://www.michaelvandaniker.com/labs/browserVisualization/
   Tags: ( visualization )
4. This is an interesting treatment of what cloud computing is.
   Elemental Cloud-o-gram : elemental cloud computing
   Tags: ( cloud )
5. This is the one of the big questions you have to answer when you consider moving your sensitive corporate and customer data to externally hosted cloud services.
   Thoughts on Secure Multi-Tenancy – Chuck’s Blog
   Tags: ( cloud multi-tenancy )
6. Hmm, doesn’t look like the basis for Google claiming the Chinese are behind the Aurora attacks is quite as cut and dried as presented.
   ‘Aurora’ code circulated for years on English sites * The Register
   Tags: ( google aurora )

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin