Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

1. Business of Security
   Some interesting stuff on risk management and assessment and analysis.
2. LoJack for Laptops (the Free Version) - Freakonomics - Opinion - New York Times Blog
   Title kinda says it all.

   Hat tip: @catalyst

That’s it for today. Have fun!
Kevin

Once more unto the breach, dear friends, once more,
Or close the wall up with our English dead!
In peace there’s nothing so becomes a man
As modest stillness and humility;
But when the blast of war blows in our ears,
Then imitate the action of the tiger:
Stiffen the sinews, summon up the blood.

“Henry V” (5.3.44-51)

Michael J. Santarcangelo, II has written a little book titled Into the Breach. The preview copy I have has 91 pages of content, but I want to make something very clear, the ideas in this little book are big, very big.

The subtitle of the book is “Protect Your Business by Managing People, Information, and Risk.”  Seems pretty straight forward, doesn’t it? However, those of us in the information security profession are painfully aware that actually doing what that simple statement says is often far from straight forward.

Michael wants to help us with the issue and puts forth a process that can greatly increase our ability to satisfy that statement in a manner that brings engagement from all parts of the organization. At its root, Micahel’s strategy makes protecting the data of our organizations everybody’s job, not just information technologies job, but it does so in a way that re-energized everybody by giving them a voice in what is important and what is not.

He starts out the book by introducing and addressing three common myths that crop up when we start talking about protecting our organization’s data from unauthorized access or “breach”:

1. “Outsiders pose the biggest threat to information.”
2. “Information protection needs a technology solution.”
3. “Protecting information costs too much.”

Throughout the rest of the book, he walks us through a process that is simple in its execution, but profound in what it provides to those who participate in it. I’m not going to steal Michael’s thunder. I am going to suggest that you pick up a copy of his book and read it…twice…at least. If you do and implement the strategies contained in it, you will be much better equipped to “Protect Your Business by Managing People, Information, and Risk” and reducing the chances that your data will go “Into the Breach.”

Kevin

Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

1. PaulDotCom: Archives
   Paul talkes about wrangling attackers in the ICE II challenge.
2. :wq - blog >> Blog Archive >> HeX 2.0, codename “Bonobo”, released!
   Lee let’s us know that HeX 2.0 has been released. Go check it out.
3. Nmap DEFCON 16 Video / 4.75 Released | Infosec Events
   Fyodor’s DEFCON 16 video is up.
4. Emergent Chaos: Quantum Crypto Broken Again
   Mordaxus points us to a paper where three researchers claim to have broken quantum key distribution. As Mordaxus says, “This is a serious flaw.”
5. IT Security: The view from here: Rewriting the Code
   Policy, standards and procedures are all three very different animals. Read what happens when that distinction is not clearly made.
6. Crypto attack unveils hidden backups * The Register
   A researcher has discovered a way to determine if there is a hidden encrypted volume in a disc backup. Interesting stuff.
7. Cheat sheet: IP access lists - PacketLife.net
   via @mubix via @packetlife

That’s it for today. Have fun!
Kevin

Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

1. PaulDotCom Community Blog: Securing Cisco Routers the Easy Way
   Good post on securing Cisco routers.
2. Matasano Chargen >> Blog Archive >> VoIP Demystified: SIP
   The guys over at Matasano are doing a series of posts covering VoIP. The first is up.
3. Hack and tell: Teen hacker Mafiaboy writes memoir | News - Security - CNET News
   Cause significant disruption to web properties, get caught, get convicted, write book, profit.
4. Consensus Controls project aims to set benchmarks for compliance
   An interesting thought, peer review of controls. It’s an interesting thought and could be very useful. I’ve sent a request for a beta invite. I’ll let you know what I think if I get one.
5. Vendors rush to fix bug that could crash Internet systems
   There has been a lot of talk around the internets over the last couple of weeks about a significant vulnerability that is platform agnostic. In the last few days, many have indicated that they think it is nothing new. I get the impression from this article that that may not be the case. Only time will tell, but let’s not be too quick to dismiss it as a rehashing of an old issue.

That’s it for today. Have fun!
Kevin

Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

1. OSfuscate: Change your Windows OS TCP/IP Fingerprint to confuse P0f, NetworkMiner, Ettercap, Nmap and other OS detection tools
   Nifty tool that changes the TCP/IP fingerprint of you windows boxen. Haven’t tried it, but looks pretty neat.
2. Many computer users lack basic security precautions, survey says
   Looks we have more work to do in the consumer awareness area.
3. California Bans RFID Skimming — InformationWeek
   Well, I feel better know. It is illegal to read an RFID tag in California without the owner’s knowledge or permission. Um, it’s illegal to exceed the speed limit too and we all know how well that reduces speeding.

That’s it for today. Have fun!
Kevin

Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

1. Outpost24’s TCP DOS Attack Explained
   Fyodor has posted his opinion of what the new TCP based DOS attack we have been hearing so much about recently. Regardless of whether he is bang on in his guess, you really ought to go read hi note.Hat tip: @dryden1
2. The Concise Guide to Proxies
   Lori gives a real straight forward and complete description of the different types of proxies. Good one to keep in the “when someone asks a questions” folder.
3. 2008 Data Breach Investigations Supplemental Report
   Verizon has released its 2008 Data Breach Investigations Report that focuses on four major industy groups. Check it out. I still have to read it so can’t offer first hand opinion yet.
4. A Peek Inside A Simple ATM Machine
   Ax0n shares some interesting inforomation with us about an ATM machine’s physical and mechanical feathers.
5. All About Windows Update - Security Watch
   A pointer to a document published by Microsoft that explains how Windows Update works. Very concise and well put together. It is written in Word 2007, so you will need the comptability pack if you aren’t there yet.
6. Surveillance of Skype messages found in China - International Herald Tribune
   If you are using skype while in China, you may be talking to more people than you anticipate.
7. Cisco survey: Cultural differences can complicate IT security when work goes offshore
   Different cultures with different levels of information security awareness and maturity can significantly impact you company. You must make sure your plans take that into account when you start globalizing your company.

That’s it for today. Have fun!
Kevin

Now that I have made such a bold statement, let me back off a little and admit that I don’t know what anti-malware software is the best.  What I do know is that we can actually leverage a behavior that a lot of malware exhibits. “What behavior is that?” you ask.  Well, I’ll tell you.

My primary machine at home, the one that has “important stuff” on it, is a virtual machine that runs on my main server.  What type of environment does more and more malware not run in? Yup, a virtual one.

So, there you go, install a lightweight Linux OS with a virtualization platform or something thing VMWare ESXi and then load your daily OS on top of that.  Wah la! Best anti-malware software == malware itself.

Of course, I am not saying you have nothing to worry about with type of configuration. There is a whole host (pun intended) of issues that need to be dealt with and, of course, not all malware is quite this accomodating.  But it did make me stop and go hmmm.

What do you think?

Kevin

Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

1. PCI DSS version 1.2 differences and updates
   Michael Dahn gives a break down of the differences between PCI DSS 1.1 and 1.2
2. Massive TCP Flaw Looming
   Nire on the new TCP based DOS found by some researchers in Sweden.
3. Three hard drive imaging tools
   Quinn gives a comparison of three drive imaging tools.
4. Secure Life Ep 2
5. Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example
   If you use password protected Outlook PST files, you might want to go take a look at this video. Actually, you should go take a look regardless.
6. Software Lets Users Manipulate Passport Data - Security Fix
   Report by Brian Krebs about a new tool that allows one to change the chip data in your or anyone else’s passport. That’s not good.
7. The Pen Testing Perfect Storm Webcast Series with Skoudis, Wright, Johnson
   Nifty series starting up on pen testing over on the Ethical Hacker Network.
8. Electronic Data Records Law | How to Win E-Discovery: Retained Electronic Mail Supports Intellectual Property Claim
   Legal Beagle has an interesting post up about how you can use your own robust document retention policies to bolster your case in the event of litigation. Of course, that assumes you have robust document retention processes and procedures. Might want to look into that.

That’s it for today. Have fun!
Kevin

I am a huge fan of Masterpiece Theater’s productions.  Almost without exception, they are well written, directed and acted. The shows they produce are separated into three themes:

1. Classic - Shows based on classic literature and/or set in historic contexts.
2. Mystery! - Mystery based shows. These may be set in historic contexts or reflect current times.
3. Contemporary - This is a new theme this year. These are dramas set in more contemporary times, although not necessarily current times.

Now I am sure you are asking yourself “what has this got to do with information security?” Well, the first program in the Masterpiece Contemporary schedule is called “The Last Enemy.” It starts airing October 5th, here in the United States on your local PBS station. It’s a fictional story set in London about a man who finds out just how much the government knows about him, and everyone else, as he delves into the life of his brother who recently passed away.

I am looking forward to this show in hopes that it will help people realize that we need to be very careful when we start hearing that we need to surrender more and more of our civil rights in order to ensure the “safety” of everyone. Don’t get me wrong, I am not saying there is a huge conspiracy to track each and every move we make.  However, we could end up there very easily if we are not careful and as the saying goes.

“Absolute power corrupts absolutely.”
John Emerich Edward Dalberg Acton

Kevin

Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

1. *nux Live Acquisition Techniques
   Cutaway gives us a nice walk-through of how he dealt with some issues when trying to acquire drive images during a recent incident response.
2. Fiction Versus Function: Three Unspoken Annoynaces of Cisco & VMware’s Virtualization “Partnership”
   Beaker pens another interesting missive about VMWare and Cisco getting together and what that might mean for both server admins and network admins.
3. Impact of the Economic Crisis on Security
   Rich has a great post up with some insightful observations about what effect the current financial situation may have on our industry and our jobs. You should go read it.
4. FAQ: Clickjacking — should you be worried?
   A very good explanation for what Clickjacking is.
   Hat tip: @jeremiahg
5. Dark Reading - New DOS Attack Is a Killer - Snake Bytes
   Some interesting stuff coming out of Sweden, interesting as in the sky is falling.
6. Sex, death and Gartner IT security summits
   David give’s us an overview of the opening day of the Gartner IT Security Summit in London. Interesting stuff being talked about there.
7. FOXNews.com - For Sale: Used Spy Camera With Top Secret Terror Records - Science News | Science & Technology | Technology News
   When things like this happen, you just want smack yourself in the forehead and ask how can people not get it to this degree?

   Hat tip: @cre8tn

8. Andrew Hay >> Blog Archive >> Secure Life Ep 1
   Neat cartoon that really gets to the point.

That’s it for today. Have fun!
Kevin