Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “BitLocker, PGP & TrueCrypt Forensics for Script Kiddies”, 2) “DoD 8570 Security & Deadline Looming”, and 1) “Top Ten Government IT Security Leaders of 2012”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference.
A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.
Follow-Up to 3 Million Verizon Records Leak: It’s been a long holiday week for Verizon PR and Cyber War News regarding the massive leak we mentioned a few days ago. Verizon has been busy spreading the word of what really happened and Cyber War News has been sifting through the data to figure out some of the details. In the end both appeared to have come to the same conclusion – the leak is old. Verizon already knew about it way back in August and they are continuing to investigate the incident. (continued here)
BitLocker, PGP & TrueCrypt Forensics for Script Kiddies: Last week ElcomSoft released a new $300 tool called Forensic Disk Decryptor (EFDD). The traditional attack vectors for bypassing full disk or volume encryption were and still are accessing keys stored in memory and/or in hibernate/sleep files. And this new software does nothing more than make that process point-and-click. Additionally, EFDD eases the use of those keys to view the encrypted contents. Know any products that protect against these types of attacks? Let us know in the comments below. (continued here)
DoD 8570 Security+ Deadline Looming: For all those using Security+ to meet the DoD 8570 requirements, it looks like the”lifetime” designation is no longer valid going forward. CompTIA is taking a page from (ISC)2 and moving toward a Continuing Eduction (CE) program and yearly maintenance fees ($49). And those with the current lifetime designation have until tomorrow night (12/31/12) at midnight to enroll. (continued here)
Annual ShmooCon New Years Day Ticket Reminder & Follow-Up Comment Rants: Just in case anyone forget … today is the day … the final chance to snag your ShmooCon ticket … but don’t worry it will be fast and painless … which could motivate you to deal with those douchebags trying to make a profit from a non-profit event … geez they can’t event get the time right. Well … that’s all for now… Good luck to everyone trying to get tickets! And if you have any war stories on getting tickets … or just frustrations about the whole process, let us known in the comments below. (continued here)
Top Ten Government IT Security Leaders of 2012: GovInfoSecurity.com announced their 4th annual top ten leaders in government IT security for 2012. These leaders were chosen for their influence over the past year, as well as their continued influence into 2013 and beyond. Unfortunately, none of our contributors (@grecs and @nathiet) made the cut. Anyway, congratulations to the following leaders! (continued here)
Hope everyone had a wonderful week. Have a great weekend!