While we’re all rather fond of our computers and iPhones, it doesn’t hurt to read some books from time to time.

• RT @mubix Check out @carnal0wnage ’s Amazon store of list of gd books 2 read: http://bit.ly/MP0oD (needs updating #
• #toread RT @mubix To get your copy of “Into the Breach” audio or otherwise by our very own @catalyst: http://is.gd/1oTzp #
• #toread RT @pauldotcom Outstanding book, fun to read, lots of hacking/security http://thedaemon.com/ A Must read! (review coming soon) #
• #toread RT @marcusjcarey RT @mitchjoel: Walking the talk. Chris Anderson’s (@chr1sa) new book, Free, for free: http://tr.im/r9wq #
• Mmmm. Lots of book recommendations today… #
• Here’s where to get that 1 book. #toread RT @marcusjcarey Download FREE by Chris Anderson Audio book 4 FREE http://hyperionbooks.com/free/ #
• #toread RT @dustinlfritz “‘Dissecting the Hack: the F0rb1dd3n Network’ is an educational thriller…” - Stephen Northcutt (cont… #

But as cool as those books are, Twitter definitely captured all the attention this past week. Kinda makes you wonder if Twitter is slowly taking over the world…

• This is insane. RT @mbernet Not sure how secure it is but if you want to control your PC via Twitter. http://digg.com/d1vj5X #

Twitter: The new way to report fake deaths.

• MONTH OF TWITTER BUGS # 6: RT @avivra Britney Spears is NOT dead. #MoTB 06: Multiple vulnerabilities in TwitPic. http://is.gd/1p4ah #

Twitter suspends accounts for Koobface.

• TWITTER SUSPENDING ACCTS: Well temporarily .. if your acct is caught spreading Koobface according to @DarkReading. http://bit.ly/hZBBf #

Don’t fall for Twitterfalls.

• RT @avivra Don’t go chasing twitterfalls.. #MoTB 08: DOM Based XSS in Twitterfall http://is.gd/1rhYw #

Speaking of Twitter… in case you didn’t see the tweets when they came out, here are some cool events from last week.

• Reminder: HacDC Meetup “Making Tubular Bells” is 2morrow http://tiny.cc/pxSSJ. C ths nova #mtg & othrs http://bit.ly/nipmtg. #
• RT @jaysonstreet RT @syngress Stop by Syngress table at SANS Digital Forensic Summit 2day. Authors will b signing books, 30% off! #
• Wow, this con came up quickly. RT @iamnowonmai RT @bpadres: #forensicsummit Did Rob get a haircutt today? < which one I wonder? #
• Reminder: OWASP - VA “What is O2?” event is 2morrow http://tiny.cc/UDJjN. C ths nova #mtg & othrs http://bit.ly/nipmtg. #
• Reminder: Baltimore Node “Ambient Orb Workshop” event is 2morrow http://tiny.cc/tzwSU. C ths nova #mtg & othrs http://bit.ly/nipmtg. #

Baltimore Node is especially taking the initiative to get things going!

• RT @baltimorenode Jon Lesser whipped up a sketch of the space @baltimorenode is considering: http://flic.kr/p/6DyV5R . wht do U think? #mtg #
• RT @baltimorenode If U have, acquire, or wnt 2 C pics from or related 2 @baltimorenode, check out the flickr group at http://is.gd/1p8K8 #
• RT @baltimorenode Photos from our July 9th workshop at MICA http://bit.ly/KmexP Tweetable Ambient Orbs! (via @jreinsel) #mtg #

Tweets from the big time.

• You know it must b big when this guy tweets a/b it. RT @briankrebs Microsoft: Attacks on Unpatched Windows Flaw http://tr.im/r7sv #

A new way to guess SSNs?

• Interesting. RT @securitytwits RT @snyakhar: “@securitytwits New algorithm guesses SSNs using date & place of birth - http://bit.ly/2Z8nm6” #
• Identifiers maybe? RT @securitytwits “[SSNs] are Worthless as Authenticators” via Emergent Chaos — http://tinyurl.com/nc2u8m #
• Follow up on yest’s tweet. RT RT @adamely: “@securitytwits Why SSN guessing doesn’t work prior to ‘88, but could. http://bit.ly/ekUt” #
• Here’s the WaPo writeup. RT @briankrebs Predicting Social Security Numbers http://tr.im/rfab #

And in Microsoft news this week:

• Time 4 emerg patch? RT @CSOonline NEW: Microsoft Confirms Attacks Against IE6, IE7: ‘Browse-and-own’ bug lets.. http://tinyurl.com/lf7vov #

While there’s a lot of talk about cyber attacks, are the attacks being overrated?

• I’ve been asking myself this too. Could go either way. RT @GovInfoSecurity Is hubbub ovr cyber attacks overblown? http://bit.ly/FspMH #

One thing that’s not overrated is the upcoming events in the NoVA, DC, and MD area.

• RT @charmsec CharmSec 15 will b Wed 7/29. U still have time 2 cancel beach trip or BlackHat booking, find sitter, & save beer money #mtg #

Wireless networks outside the home seem to be FTL if you don’t know what you’re doing.

• Security Awareness Training 4 Lay ppl: RT @ev3 I think I’d tell layperson, just dont check ur email, buy stock, .. on any wireless (cont… #
• …cont) netwk outside ur home netwk if u care abt ur info. #

Mobile worms seem to be worming their way past security…

• MOBILE WORMS: RT @FSLabs #Blog “Sexy Space” Symbian Worm http://bit.ly/PakZN #
• Looks interesting. RT @mubix RT @niccay: “From 0 to #0Day on #Symbian” aka How To #Exploit Symbian Phones http://bit.ly/SGD4Q #toread #

In case you were under the impression that privacy on the internet was still alive and kicking…

• Wasn’t privacy dead awhile back? Well, if it wasn’t. RT @CSOonline Tools 2 Identify Anonymous Users Online http://tinyurl.com/nddzj8 #

Best of luck to those of you who submitted a paper/presentation!

• RT @AppSecDC09 #AppSecDC 1st rnd of speakers will b notified by 7/15 Check yr inboxes!!! Speaker announcements, training, & reg coming soon #

So, without further adieu, let’s get on to the posts.

#3 - Messy Malware: For those of you who become gleeful at the thought of learning about new malware (you know who you are) you will definitely want to check out the post “Microsoft DirectShow MPEG2TuneRequest Stack Overflow P0C” on the @carnal0wnage blog. While the malware may no longer be ‘brand new’ per say (as pointed out in the post, this malware has been floating around on some Chinese forums for awhile), it’s still interesting to read about. You can check out the full post here.

#2 - The Meaning of APT: Can you imagine a topic that only retrieves 34 results from Google? According to Richard Bejtlich of TaoSecurity, Advanced Persistent Threat (APT) is one of those things. Says Bejtlich in his post “You Down with APT?,” “APT is one of those subjects that is very important but not well understood outside the defense industry.” He ends the post by saying “[i]f you’re not down with APT, you need to be.” To ‘get down with APT’ and learn more about it, check out Bejtlich’s full post on APT here.

#1 - Destroy That Data: In their post “Darik’s Boot and Nuke (DBAN),” @geminisecurity tackles a topic that you don’t hear about often enough: Destroying data before retiring, selling, or destroying computer systems. While @geminisecurity says that you can use DBAN for newer systems, what do you do with the older systems? Other than using “a chainsaw and a hammer” to get rid of the data, @geminisecurity suggests the words that make all of the do-it-yourselfer’s cringe: “pay someone else to do it.” While it’s tempting to think that you can handle the complete destruction or removal of data from an older system, sometimes it ‘pays’ to pay a specialist to do it. But for those of you who have the newer systems and would like to know more about DBAN, check out the full post by @geminisecurity here.

Well, that’s all for this week. Be sure to follow me @grecs during the week for more great posts from local bloggers.

o o o o o

Speaking of great local bloggers… we’re looking for some great guest bloggers to feature on NovaInfosecPortal. If you’re interested, feel free to contact us or send us a tweet.

According to the abstract of the meetup, “[n]etwork security concerns are highly interdependent; each machine’s susceptibility to attack depends critically on vulnerabilities and connectivity across the network. To protect critical networks, management must understand not only individual system vulnerabilities, but also their interdependencies.”

If you’d like additional information about this meetup, look no further than below.

• Who: John Williams of ProInfo
• What: “Topological Vulnerability Analysis”
• When: 07-16, 5:30 (doors open) & 6:30 (meeting starts) PM EST
• Where: Nortel Government Solutions (12730 Fair Lakes Circle, Fairfax, VA 22033)

For more information on the ISSA - NoVA Chapter, see its description in our NoVA Meetups section. View our Calendar for a complete list of infosec events in and around the NoVA area. Here is a link to the page with information on this meetup.

o o o o o

If you attend this event, why not write about it for NovaInfosecPortal? Contact us to learn how.

Focusing on threats to US communications, water, and energy infrastructures from natural disasters and otherwise, the InfraGard IMMA “Protecting Our Nation’s Core infrastructures–Communications, Water and Energy” meetup on July 15th will present “some innovative ways to keep these infrastructures operational in the face of potential natural disasters,” according to the event meetup page.

With four main presentations—“The Comprehensive National Cyber (Security) Initiative (CNCI): Impact to the Private Sector,” “Public-Private Collaboration for Secure Infrastructures of the Future,” “Are You Ready for a Year-Long Power Outage?” and “Update on the Human Dimension to Technical Cyber Threats”—the meetup will also have a Q&A session for questions that were not addressed during the presentations.

If this sounds like something you’d be interested in attending, look no further than below.

• Who: Ken Watson of Cisco Systems, author Bill Forstchen, Chuck Manto of Instant Access Networks, and John Kimmins of Telcordia.
• What: “The Comprehensive National Cyber (Security) Initiative (CNCI): Impact to the Private Sector,” by Shawn Henry, FBI Cyber Division,” “Public-Private Collaboration for Secure Infrastructures of the Future,” by Ken Watson of Critical Infrastructure Assurance Group, Cisco Systems, “Are You Ready for a Year-Long Power Outage?,” by Bill Forstchen, Author, and Chuck Manto of Instant Access Networks, and “Update on the Human Dimension to Technical Cyber Threats,” by John Kimmins of Telcordia.
• When: 07-15, 8:00 AM - 12:30 PM EST
• Where: Maryland Emergency Management Agency (MEMA) (5401 Rue Saint Lo Drive, Reisterstown, MD 21136)

For more information on the InfraGard - IMMA Chapter, see its description in our NoVA Meetups section. View our Calendar for a complete list of infosec events in and around the NoVA area. Here is a link to the InfraGard Website.

o o o o o

If you attend this event, why not write about it for NovaInfosecPortal? Contact us to learn how.

HacDC ecourages people to stop by with their microcontroller project to either “learn, teach or just hang out with other microcontroller enthusiasts.”

If this sounds like a meetup you’d be interested in attending, continue reading below.

• Who: HacDC
• What: “Microcontroller Mondays”
• When: 07-13, 7:00 - 8:00 PM EST
• Where: HacDC (1525 Newton St NW, Washington DC 20010; near the corner of 16th and Newton NW)

For more information about HacDC, see its description in our NoVA Meetups section. View our Calendar for a complete list of infosec events in and around the NoVA area.

o o o o o

Get your own Microcontroller Kit if you don’t have one already.

Presented by Dinis Cruz of Ounce Labs, “So what is O2?” promises to be an interesting talk. According to Cruz, “in my mind O2 is a combination of advanced tools (Technology) which are designed to be used on a particular way (Process) by knowledgeable Individuals (People).” He compares it to the idea of a fighter jet that is able to go really fast, has a ton of controls, and needs to be piloted by someone who not only knows what they’re doing, but has a purpose/mission.

Cruz used O2 to automate the workflow that he has when he’s working on a source-code security review.

While that sounds like something we could all get on the bandwagon for, Cruz warns that this meetup is not for the faint of heart: “I designed this to suit my needs, which although are the same as most other security consultants, have its own particularities.”

If you’d like to attend this meetup and learn more about O2, be sure to check out the information below.

• Who: Dinis Cruz, Ounce Labs
• What: “So what is O2?”
• When: 07-09, 6:00 - 9:00 PM EST
• Where: Booz Allen, One Dulles Facility (13200 Woodland Park Road; Herndon, VA 20171)

For more information on the OWASP - VA Local Chapter, see its description in our NoVA Meetups section. View our Calendar for a complete list of infosec events in and around the NoVA area. Here is a link to the page with information on this meetup.

o o o o o

Learn more about Open Source modules.

To follow us on Twitter, look no further than @grecs.

While you may have already seen our “Top 3 NoVA Infosec Blog Posts of the Week,” post, here’s a few more blog posts you might want to check out.

• Now it’s time for some Bejtlich posts… Man, this guy blogs like crazy. And they’re good too. #
• MOBIUS DEFENSE: In this post Bejtlich responds to Pete Herzog’s discussion of this topic. http://tinyurl.com/mryfyo #novablogger #
• OFFENSE/DEFENSE HELP EACH OTHER: Bejtlich seems to like this idea that had origins in CAG. http://tinyurl.com/mj4kyo #novablogger #
• MORE ON RED TEAMING: Bejtlich expands on the red teaming idea from his last post. http://tinyurl.com/nv7mu9 #novablogger #
• AUTOMATED DEFENSE PROBS: Many turn 2 auto 2 save $. Unfort still need ppl according 2 Bejtlich. http://tinyurl.com/mljtde #novablogger #
• BEAUTIFUL SECURITY: Bejtlich seems to not like Curphey’s chapter in this book. http://tinyurl.com/kpgs3q #novablogger #
• WHAT WOULD BEJTLICH DO?: Well since he didn’t like Curphey’s suggestions, here’s what he would do. http://tinyurl.com/mfvago #novablogger #
• $1 MIL BUDGET: Instead of spending $1mil on defense, Bejtlich looks at what attack org could do. http://tinyurl.com/mez2cz #novablogger #
• LONG-TERM COMPETITIVENESS: Nother Bejtlich post. Looks good but too lazy to read. http://tinyurl.com/m9hpve #novablogger #
• SIMPLER IP RANGE MATCHING: In response to @sans_isc entry, Bejtlich proposes a simpler solution. http://tinyurl.com/lxfbng #novablogger #
• I’m all bejtliched out now… Hopefully he’ll slow down this week. #
• DEVELOPER DAYS FOLLOW-UP: @rybolov provides summary & links to slides fr #con a/b SCAP schemas. http://tinyurl.com/rbn5ws #novablogger #
• NSA SLIPPERY SLOPE: Bejtlich predicts NSA going from monitoring .gov to .com. http://tinyurl.com/l3wfbc #novablogger #
• WINDOWS HACKING EXPOSED REVIEW: Bejtlich links to his review of this book on Amazon.com. http://tinyurl.com/q4×9vo #novablogger #
• 3/8?: Guess what this means on Bejtlich’s blog and get props. http://bit.ly/7rlJv
  #novablooger #
• TRAFFIC TALK: Bejtlich posts his 6th edition focusing on new features in Wireshark. http://tinyurl.com/kjwz9s #novablogger #
• NoVAInfosecPortal.com mentiond! Thnks 4 blog love @mubix. RT @room362 [Blog] Local Security - DC-NoVA-MD: http://ping.fm/vmSby #novablogger #
• RT @geminisecurity New blog post: Content Security Policy http://bit.ly/16Y89E #novablogger #
• Something I oftn wondered. RT @mubix Why Room362? http://bit.ly/d5wrg #novablogger #
• CTRLS AREN’T REQUIREMENTS: Nice analysis. RT @rybolov New blog “Your Security Reqs R Teh Suxxorz”: http://bit.ly/19J3hy #novablogger #
• FIX FISMA COMMENTARY: RT @rybolov New blog thingy, GAO’s 5 Steps to “Fix” FISMA: http://bit.ly/11QB4S #novablogger #

In addition to the landslide of blog posts by local infosec bloggers this week, there was also quite a buzz surrounding the NoVASec Luncheon hosted by @mubix.

• IPHONE TETHERING: 1 of topics at #novasecluncheon was iPhone tethering. All seems 2 b point 2 help.benm.at. @mubix was going 2 post 1 too. #
• RT @mubix Alright time for scheduling the next #NoVASecLunheon - July 2nd - Location TBD - Regulars, I’ll send out an email shortly #mtg #
• Quick fix. RT @mubix hahah spelling hashtag fail… #NoVASecLuncheon #mtg #
• RT @mubix thx 2 everyone who came out 4 #NoVASecLuncheon! B sure 2 put 7/25 on yr calendars & also follow @AppSecDC09 4 Con updates #mtg #

If you weren’t about to attend the NoVASec Luncheon, no worries—there’s some great events that will be happening this week. Be sure to check them out!

• RT @OWASPNoVA 7/9 Chapter #Mtg: D Cruz on O2 http://tinyurl.com/mj8n95 | Add ths & other events via iCal http://bitly.com/nipcal #
• RT @baltimorenode 2 days left 2 RSVP, make arduino twttr ctrl lamp http://bit.ly/SXV3a Add ths #mtg & othrs via iCal http://bit.ly/nipcal #
• Reminder: HacDC Microcontroller Mondays Meetup is 2morrow http://tiny.cc/wpfIU. C ths nova #mtg & othrs http://bit.ly/nipmtg. #
• RT @jaysonstreet RT @Niki7a Official Hash tag 4 Defcon 17 will B #Defcon Please feel free 2 RT. We will B posting & searching based on that. #

While all seemed to be going well in the local NoVA/DC Security community, things weren’t going so well for Twitter.

• MONTH OF TWITTER BUGS #4: RT @avivra No Biggie.. #MoTB 04: CSRF in BigTweet. http://is.gd/1nsOx #
• MONTH OF TWITTER BUGS DAY 2: RT @avivra H00t W00t! 2nd day of Month of twttr Bugs. #MoTB 02: Reflected XSS in HootSuite. http://is.gd/1lD5X #
• MONTH OF TWITTER BUGS Day 3: RT @avivra Waaalll-e.. #MoTB 03: TwitWall Persistent XSS http://bit.ly/119DzV #
• MOTB DAY 1: Good summary. RT @DarkReading Month Of Twitter Bugs Goes Live With Mini-URL Flaws http://tinyurl.com/mx9d8q #
• Glad I dont use tweetdeck. RT @haxorthematrix Tweetdeck update 0.26.3 STILL uses basic auth 4 integrated profile viewing. Vote 2 (cont… #
• …cont) fix hre: http://tinyurl.com/m87sab #

It might also be a bad week for forums…

• GOODBYE FORUMS?: RT @mubix Requesting invite 4 Tweetboard Alpha (http://tweetboard.com) by @140ware, 4 my site: http://www.room362.com #

…as well as the security coordinator position. Can’t say I blame them.

• RT @moranned apparently no one wants the cybersecurity coordinator job - http://bit.ly/18eSQb #

All that aside, this certainly made our week a little brighter. Thanks, @mubix!

• NoVAInfosecPortal.com mentioned! Thanks for the blog love @mubix. RT @room362 [Blog] Local Security - DC-NoVA-MD: http://ping.fm/vmSby #

These tweets certainly looked interesting…

• Nice! RT @ev3 via @eEyeComputerworld: “7 Deadly Sins of Social Networking Security” http://tinyurl.com/n6p3lw #
• RT @mubix RT @lennyzeltser: Scan web pages 4 malware via: http://bit.ly/z9DVW, http://bit.ly/jba1F, http://dasient.com #
• RT @moranned currently reading the New School of Information Security - http://bit.ly/xWwc6 #toread #
• These tweetsRT @jaysonstreet @LawyerLiz ths msg not self-evident … until now. Jefferson cipher ovr 200 yrs old - cracked. http://tinyurl.com/lx8zuy #And spe
  

And speaking of interesting, we couldn’t go a week without mentioning the iPhone.

• IPHONE REMOTE EXPLOIT: RT @securitytwits RT @dinodaizovi: “Charlie Miller cn own yr iPhone via SMS msg: http://bit.ly/9jgds.” #
• IPHONE HEADPHONES U DONT HAVE 2 PAY $80 FOR RT @pacohope I love my iPhone headphones http://bit.ly/JP6UB. #

While it might not be quite as cool as the iPhone, we were pretty excited about this.

• RT @TruSecure RT @flyinghamster: “Firefox 3.5 set for release tomorrow” http://tinyurl.com/kv8fby #

We were also pretty happy about this, since it means more jobs for everyone.

• MORE CAREER OPTIONS: RT @GovInfoSecurity Obama’s Cybersecurity Plan Means New IT Security Jobs - http://bit.ly/14FU9Z #

And now, some food for thought… what would you do/how would you react if this was true?

• One can only hope. RT @bearo80 Windows 7 could arrive with security settings ready http://ff.im/-4A7hz #

Since we couldn’t be shamelessly partial and put this in our top three, we wanted to take a moment to thank @mubix for mentioning us in his post “Local Security – DC-NoVA-MD.” It’s a great post that talks about how you can get involved in the local infosec community, and @mubix gave us an honorable mention. It’s nice to be a part of the community!

#3 - The Mystery of Room 362: If you’re anything like us, you’ve probably wondered why local blogger @mubix chose the name “Room362″ for his blog. Consider the mystery officially solved. While we don’t want to give too much away, @mubix opens his story with the following sentence: “It all started with a desk of multiplying pizzas…” How can a story that starts like that not be interesting? Read the full story behind Room 362 here.

#2 - A Slippery Slope: Imagine a world where the NSA monitored our internet usage. Scary, right? While it sounds like something out of George Orwell’s 1984, according to author and local blogger Richard Bejtlich, that possibility might not be far off. “The bottom line is that first the military protected itself, and now the military is going to help protect civilian government agencies. Critical private infrastructure will be next, followed by economically important companies,” says Bejtlich in his recent post “NSA to “Screen” .gov Now, I Predict .com Later.” Reacting to a recent Washington Post article, Bejtlich has some interesting thoughts on the future of private networks. You can read all about them here.

#1 - Security Requirements = FAIL: Local blogger @rybolov had some interesting things to say about security controls and requirements this past week in his post “Your Security ‘Requirements’ are Teh Suxxorz.” According to @rybolov, most standard security controls that are created to protect systems are eventually turned into requirements. The result? Spectacular failure, in most cases. According to @rybolov, “[t]he problem with quoting back the ‘requirements’ from a catalog of controls is that they’re not really requirements, they’re control objectives–abstract representations of what you need in order to protect your data, IT system, or business.” So why is this bad? “It’s a bit like brain surgery using a hammer and chisel–yes, it might work out for you, but I don’t really feel comfortable doing it or being on the receiving end,” says @rybolov. Check out the full post here.

Well, that’s all for this week. Be sure to follow me @grecs during the week for more great posts from local bloggers.

o o o o o

Speaking of great local bloggers… we’re looking for some great guest bloggers to feature on NovaInfosecPortal. If you’re interested, feel free to contact us or send us a tweet.

Their “Ambient Orb Workshop” this coming Thursday, July 9th promises to be interesting and fun, with attendees learning how to build an ambient orb clone using a high-powered LED to display data passed to an Arduino.

Slots are filling up, so be sure to register now if you’re interested. To get more information about this workshop, continue reading below.

• Who: Baltimore Node
• What: “Ambient Orb Workshop”
• When: 07-09, 7:00PM - 10:00PM EST
• Where: Mica (113 W North Ave. Baltimore, MD 21201)

If you attend this workshop, we’d love to hear how it went. Please leave a comment about it below, or feel free to drop us a line.

For more information about Baltimore Node, see its description in our NoVA Meetups section. View our Calendar for a complete list of infosec events in and around the NoVA area.

o o o o o

What exactly is an ambient orb, anyways?

Marcus said that the August DojoSec will be happening as planned, so be sure to mark your calendars accordingly!