With all of the information available on the internet, it’s sometimes hard to decide what you should spend your time reading. That’s why we started our handy “Top 3 NoVA Infosec Blog Posts of the Week” feature; we tell you about the best blog posts written by local security bloggers each week, and you spend less time wading through the internet trying to find something good to read.
So, without further adieu, let’s get on to the posts.
#3 – Messy Malware: For those of you who become gleeful at the thought of learning about new malware (you know who you are) you will definitely want to check out the post “Microsoft DirectShow MPEG2TuneRequest Stack Overflow P0C” on the @carnal0wnage blog. While the malware may no longer be ‘brand new’ per say (as pointed out in the post, this malware has been floating around on some Chinese forums for awhile), it’s still interesting to read about. You can check out the full post here.
#2 – The Meaning of APT: Can you imagine a topic that only retrieves 34 results from Google? According to Richard Bejtlich of TaoSecurity, Advanced Persistent Threat (APT) is one of those things. Says Bejtlich in his post “You Down with APT?,” “APT is one of those subjects that is very important but not well understood outside the defense industry.” He ends the post by saying “[i]f you’re not down with APT, you need to be.” To ‘get down with APT’ and learn more about it, check out Bejtlich’s full post on APT here.
#1 – Destroy That Data: In their post “Darik’s Boot and Nuke (DBAN),” @geminisecurity tackles a topic that you don’t hear about often enough: Destroying data before retiring, selling, or destroying computer systems. While @geminisecurity says that you can use DBAN for newer systems, what do you do with the older systems? Other than using “a chainsaw and a hammer” to get rid of the data, @geminisecurity suggests the words that make all of the do-it-yourselfer’s cringe: “pay someone else to do it.” While it’s tempting to think that you can handle the complete destruction or removal of data from an older system, sometimes it ‘pays’ to pay a specialist to do it. But for those of you who have the newer systems and would like to know more about DBAN, check out the full post by @geminisecurity here.
Well, that’s all for this week. Be sure to follow me @grecs during the week for more great posts from local bloggers.
o o o o o