Grec’s Weekly Infosec Ramblings for 2009-05-03

So, what was on everyone’s minds this week? Spam… and the Swine Flu, apparently. Leave it to the spammers to take advantage of a horrible situation.

  • Spammers will def b doing. RT @mckeay srt planning 4 the impact of the swine flu, as well as the spam that will inevitably srt circulating #
  • Here comes the spam. RT @mckeay Just found the first swine flu spam in my own mailbox. What a surprise. Not. #
  • Here’s the official US CERT warning. RT: @uscert_gov: Swine Flu Phishing Attacks and Email Scams http://tinyurl.com/cnjgne #
  • SWINE FLU SPAM: @mckeay called it first about the forthcoming barrage of spam. http://tinyurl.com/d2cknl #
  • MORE SWINE FLU: Then it started happening. Others tweeted it & several articles were written about it. Here’s one. http://tinyurl.com/dj6l88 #
  • SWINE … FINAL: Ok, just one more comment. Spammers are very smart for doing this but it’s wrong! #commentary #
  • SWINE SPAM: Not to much news today except a few articles on an increase in swine-related spam as expected. http://tinyurl.com/cw5kao #
  • LOL RT @BrickandClick Want To Avoid Swine Flu? There’s An App For That Too -> http://bit.ly/t4Q9n #

As if the Swine Flu spam wasn’t bad enough, it turns out that the vulnerabilities in Adobe Reader are bigger than we thought.

When you pair both problems with the biggest security vulnerability of all time, it’s not pretty.

  • CORE INFOSEC PROBLEM: Once again here is another story that shows people are the primary problem. http://tinyurl.com/d4p7uc #
  • PEOPLE PROBLEMS: It all comes back 2 awareness training – and making it exciting and interesting. I know … this is hard to do. #commentary

But, on a more positive note, SANS held its AppSec Summit this week…

  • RT: @IBMFedCyber: Anyone else going to the SANS AppSec Summit on Wednesday? I will be there.. would love to tweetup. #SANS #infosec #

And OWASP has officially announced AppSecDc 2009!

But depending on what happens with some of the major cybersecurity acts in the next few months, AppSecDc might offer some different topics than normal.

It will be an interesting time for people who are just getting into security. (Or, security internships.)

But if we all follow some of Marcus’s excellent advice, things should be just fine.

Plus, we always have CharmSec

  • RT @mubix RT @charmsec: CharmSec 12 is this Wednesday at Slainte. #
  • RT @mubix RT @charmsec: CharmSec Challenge: http://is.gd/u522 bring yr solution 4/29 & get free round (or something). Don’t leak yr answer! #

And, new Twitter tools to cheer us up.

  • Cool new tool. Kind of like Twitpic but with voicemail. RT: @RodBeckstrom: Voice_Message_Tuesday_28_Apr_09_59PM http://tinyurl.com/db7gqz #

###

Have something to say? Then why not write about it for NovaInfosecPortal? We’re currently looking for some great guest bloggers to feature on the site. If you’re interested, drop us a line, or send us a tweet @grecs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.