Infosec Blogs/Podcasts

How’d You Like to Give a Hand?

August 26, 2014

Some days the business of information security just makes me tired. The drudgery of compliance, the constant losing battle against malware, navigating the politics of organizations; I begin to wonder what it’s all for. Then I find something that makes me remember why I got into technology. I help a friend secure his home...

Posted in Announcements, Infosec Blogs/Podcasts | 5 Comments »

Fukushima: Incident Response Done Right

August 25, 2014

One of my favorite podcasts isn’t on the topic of information security. It’s Harvard Business Review’s IdeaCast. I love the discussions with business leaders and creative thinkers, because it often provides me with a better understanding of the organizations I work for. So color me surprised when the weekly show covered the Fukushima meltdown...

Posted in Infosec Blogs/Podcasts | 4 Comments »

Video of the Week – How Forced Expiration Affects Password Choice

August 24, 2014

Bruce K. Marshall delivered this great presentation discussing the history, research, and his thoughts on the “best practices” for password expiration at the Passwords 14 conference earlier this month in Las Vegas, NV. From the abstract – “Forcing users to regularly change passwords has become a standard practice for corporate networks and some web...

Posted in Infosec Blogs/Podcasts | 1 Comment »

The Logic of Purposely Using Poor English in Scam Emails

August 12, 2014

I am not sure of the original source of this graphic but it illustrates an interesting analysis of why scam emailers actually use bad English on purpose. The off-kilter language serves as a simple method of filtering out the more highly desirable “gullible” marks from the rest of the crowd. As in the...

Posted in Infosec Blogs/Podcasts | 8 Comments »

Malware Analysis Slides from BSidesLV 2014

August 5, 2014

This afternoon I had the honor of presenting an introduction to malware analysis talk at BSidesLV. The goal of the presentation was to give newcomers an idea of where to start in this very interesting field. Here’s the title, abstract, and the slides. “Malware Analysis 101 – N00b to Ninja in 60 Minutes”...

Posted in Infosec Blogs/Podcasts, Infosec Conferences | 10 Comments »

Where’s Grecs? At BSidesLV & Defcon of Course.

July 30, 2014

Just a quick note for anyone that wants to catch up next week at hacker summer camp. Instead of BlackHat I’ve opted for BSidesLV again this year at the Tuscany. This will be my third time attending and I continue to enjoy the smaller and more intimate environment. There I’ll also be giving a...

Posted in Infosec Blogs/Podcasts | 8 Comments »

The Fixie Infosec Paradigm

July 25, 2014

I came across this article comparing federal IT spending to “fixie” bikes. The author suggests you can accomplish about 85% of what is really needed for around 10% of a project’s cost. Of course Pareto’s Principle comes to mind here where “roughly 80% of the effects come from 20% of the causes.” Relating to...

Posted in Infosec Blogs/Podcasts | 2 Comments »

Norse Cyberwarfare Map

July 10, 2014

Following up our dashboard post with another excellent map from Norse based on their network of honeypots. The stats build up live as you watch them so you can see the top attack origins, targets, and types (ports). What would be nice though is to have a link to see stats from a particular date...

Posted in Infosec Blogs/Podcasts | 3 Comments »

Top 7 Incident Responder Skills

July 10, 2014

Here’s another take on the skills necessary to become an analyst in today’s world. Due to a different role focus (incident responder versus security analyst), the ones mentioned in this article are a little more concrete than in a previous one we covered. File System Forensics; Memory Forensics; Network Forensics; Malware Analysis; General Information Security...

Posted in Infosec Blogs/Podcasts | 2 Comments »

Plain Text Offenders FAQ

July 2, 2014

We wrote about PlainTextOffenders.com years ago but still continue to tweet it every so often just as a reminder. Someone on Twitter recently pointed out their hilarious Developer FAQ. Below are the first three but click the link at the bottom to see the entire list. via Plain Text Offenders We’ve rounded up a...

Posted in Infosec Blogs/Podcasts | 3 Comments »


About Us

Founded in 2008, NoVA Infosec is dedicated to the community of Metro DC-based security professionals and whitehat hackers involved in the government and other regulated verticals. Find out more on our About Us page.