If you’re not already following some of our excellent NovaInfosec Twits and are wondering where to get the best NoVA-, DC-, and MD-related security tweets, look no further than this post. Published every Friday, our “Infosec Ramblings” post takes many of my security tweets/RTs from the past week and puts them into one easy to digest post. And if you don’t want to wait an entire week, just stop on by my @grecs Twitter account.
[Being a lazy blogger once again… At least your getting podcasts now. -Grecs]
- #EDU New blogpost “Malicious PDF Analysis Workshop Screencasts” http://j.mp/jQ6Xni (via @DidierStevens @kpyke) #
- New ‘MACDefender’ Variant Installs Without Admin Password Requirement http://j.mp/jS0oVG (via @jasonmoliver) #
- NIST Sec Bulletin 2011-05 Using Security Config Checklists & National Checklist Prog http://j.mp/kJprXa [PDF] (via @danphilpott) #
- Is FISMA-compliance required 4 any cloud computing company doing biz with gov? http://j.mp/iTDHJ9 (via @danphilpott) #
- #MEETUP 3 people showed up to the DC2600 meeting on 05/06/2011 #meetup #2600 #dc2600 (via @DC2600) #
- iOS 4 hardware encryption cracked http://j.mp/mljrxG (via @regsecurity) [In case U missed.] #
- Apple has a real security opportunity, but will it seize moment? http://j.mp/lkRut4 (via @CSOonline) [I only hope.] #
- More Sony woes, and the company brings in identity theft service http://j.mp/mqgg33 (via @DarkReading) [Bout time!] #
- DHS Hears Gov Infosec Pros’ Concerns http://j.mp/ihZpcs [US govt still planning 2 hire more cybersec folks] (via @DrInfoSec) #
- 3 Simple Security Principles http://j.mp/kkXu3t [good points; like infosec version of Asimov’s 3 laws of robotics] (via @DrInfoSec) #
- Wow, @hak5darren & @snubs on Yahoo front page re story on mking some $ blogging. http://www.yahoo.com/ #
- #NOVABLOGGER Revisiting Android TapJacking (PoC app included) http://j.mp/iHD9NP (via @jack_mannino) #
- BLOGGED: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/j3lBq2 #
- iPhone crypto issue isn’t all it’s cracked up to be http://j.mp/ip2qjY (via @Nathiet) [Was thinking this too.] #
- Linguists use sounds to bypass Skype crypto http://j.mp/jTbEZG (via @regsecurity) #
- Holly molly is it raining out… #
- Nice piece on Mac Defender/scareware scams fr @briankrebs http://j.mp/kLChLV #
- Managing CVE-0: Vuln Advisory: User clicks on something that they sho… http://j.mp/lyUND0 (via @sans_isc) [Lol.] #
- Google Chrome OS: Too secure to need security? http://j.mp/ijKMQc (via @Nathiet) [Unbreakable, right?] #
- Evidence RSA tokens are compromised. http://bit.ly/jtCbSm The opposition. http://j.mp/jONDTb (via @dmz006 @manicode) #
- If U’d like to nominate someone to be a local D-lister, Contact Us http://bit.ly/nispcontact & let us know why they should be featured. #
- BTW, here were our previous D-list posts: http://bit.ly/ieVrm1 http://bit.ly/e3caB #
- Very interesting piece by @lennyzeltser on importance of rituals in society & their role in infosec. http://j.mp/iCSTR5 #
- DHS Advances Einstein Cybersecurity Deployment — InformationWeek http://j.mp/kFVtLo (via @mschafer) #
- Obama admin proposes exchange of cyberskills experts w/ private industry http://j.mp/mIH8YM (via @mschafer) #
- Charmsec is experimenting with a wiki. feel free to look around and add stuff. http://charmsec.org/wiki/ (via @charmsec) #
- Good evening last night talking shop with @cktricky. #
- What is Memorial Day? http://j.mp/liUgp5 <- Thanks to all those who have served! (via @ziplock581 @DaKahuna2007) [+10000…] #
- Good security assessment of Google Chrome Netbooks http://j.mp/kNqRDS (via @jeffreycarr @briankrebs) #
- “@jjx: We’re married!!! @daveminella :)”—> congrats!!! Enjoy your special day!!! (via @mschafer) [+1] #
- 10 simple privacy tricks http://j.mp/lYWbGq (via @eduinfosec @derekcslater) [Excellent write-up fr LifeHacker.] #
- Chinese hackers use same backdoor required by US law 2 eavesdrop on Gmail accts. http://j.mp/mAP3LP (via.. @carnal0wnage) #
- Updating calendar. Looks to be pretty slow week.. Just 2600 Arlington on Friday.. http://bit.ly/nispfullcal #
- #MEETUP NoVA Forensic Meetup: NoVA Forensic Meetup, Wed, 6/1 at ReverseSpace http://j.mp/muZuaI (via @keydet89 @charmsec) #
- Just found out about NoVA Forensics Meetup this Wed.. Might be of interest to some of you. http://bit.ly/nispfullcal #
- Week 21 in Review http://bit.ly/is90eJ [Good summary as usual.] #
- Woot! NoVA Hackers the 6th (bar version at GB) & 13th (regular meeting). http://bit.ly/nispfullcal #
- Holy cheatsheets! Here’s a treasure trove. http://j.mp/izgHE7 #
- More updates to CSOonline’s security data and survey directory http://j.mp/hN20OV (via @derekcslater) #
- #CON EH-Net Global Calendar of Sec Events June http://j.mp/mTXSuv (via @ethicalhacker) #
- New Data Proves ‘Please ReTweet’ Generates 4x More ReTweets http://j.mp/mNVFsJ (via @angelinaward) [Lol, plz RT. :)] #
- Konboot from a USB flash drive files and instructions updated http://j.mp/mdrsFG (via @irongeek_adc) #
- #JOB RT @j0emccray: I have 2 clients needing to hire security people. 1 in .., 1 in MD – Information Assurance Manager. (via @jaysonstreet) #
- Pentagon: Hack attacks can be act of war http://j.mp/iCOVGe (via @regsecurity) #
- NOVAINFOSEC TWITS: .. list is opt-in. List & instructs 2 join at http://bit.ly/nisptwit. (via @novainfosec) cc @securitytwits #
- Apple built in an automatic Malware Updater http://j.mp/kxCvPc (via @JoelEsler @sans_isc) [Just the start..] #
- Apple Improving OS X Anti-Malware Feature http://j.mp/l4q8ar (via @sans_isc) #
- Social Media at Work: Viral Shift towards Information Age http://j.mp/kG6VSn (via @bobgourley) [Interesting.] #
- Apple security update targets MacDefender malware http://j.mp/lhC87D (via @briankrebs) #
- #CON Announcing the FedCyber.com Government-Industry Computer Security Summit http://j.mp/mx8Aen (via @bobgourley) #
- Wave of Trojans breaks over Android http://j.mp/mfmwjw (via @regsecurity) #
- BLOGGED: Meetup Reminder http://bit.ly/j73Nhs #
- Mac trojan evades Apple’s brand new security fix http://j.mp/ipOwuu (via @regsecurity) [And so cat/mouse game begins.] #
- ‘Significant’ Facebook attack doesn’t care if you’re a PC or a Mac http://j.mp/jkTRHb [Wonder if Apple has sig 4 this?] #
- Eric Schmidt: Want Security? Get a Mac http://j.mp/krfUZD (via @Nathiet) [What, not ChromeOS?] #
- #MEETUP One more reminder: Please RSVP for June 9th mtg – http://j.mp/iXqlZd (via @falconsview @OWASPNoVA) #
- Google: Hacker in China has obtained access to hundreds of email accounts http://j.mp/jUQKmT (via @jasonmoliver) #
- BLOGGED: NISPod 001 Epic Remix http://bit.ly/iU4GAw #
- Fed Agencies Embrace iPhones, iPads http://j.mp/mvkaCR (via @mschafer) [Nice. Device mgmt tech finally catching up.] #
- BLOGGED: NISPod 001 Epic Remix http://bit.ly/iU4GAw #
- #EDU 2011-06-10 Crypto Challenge Posted http://j.mp/gE5HrC Expires June 10th 5:00PM WIN 100$USD! (via @DaKahuna2007) #
- FaceNiff is firesheep for mobile: http://j.mp/kPunWF – how cute. (via @EnzOnInfoSec) #
Well, that’s all for this week. Be sure to follow me on Twitter at @grecs for more great tweets during the week! See ya…