Good evening ladies and gents to a belated round of digs. Apologies for the lack of a weekend and Monday post, but travels and an unexpected difficulty made posting rather hard. We're back to our weekly schedule with the exception that the screencast is being pushed back to next week and there may not be a weekend redux. We'll see how things pan out, but stay tuned regardless!
So what do you get when you cross rookie "cyber crime" law enforcement and some stolen passwords? Well, everyone seems to have had something to say about it today as law enforcement blew any chance of using underground leads they already had access to. Check out the nice write up over at the SpywareGuide blog.
[Law Enforcement Altered r00t-y0u]
The Windows Incident Response site has some got a write up around all sorts of tools you should have in your box with regards to forensically collecting information on images. NetworkMiner is mentioned at the very end and is something that I had, at one time, meant to check out but never got around to.
[Windows Incident Response - Tools and Links]
Only 130 million card numbers? Really, that's all Sevgec and crew came up with? Sure you caught the sarcasm but if not, and this trend continues, we're in for the fire storm sure to follow as consumers start to demand better protection in the cardholder space.
[Three Men Charged in 130 Million Credit Card Theft]
Need a good definition to describe insecure cookie handling to, possibly, misguided web devs? Cenzic has your answer over on their blog.
[Insecure Cookie Handling]
The US-CERT has some useful resources and the weekly security bulletin is definitely one of them. If you've never checked it out I'd recommend starting now. Although this of specific interest this is just one of the large volume of feeds we scour for daily insights.
[US-CERT Weekly Bulletins]
Windows 7 -- can it be the saving grace to the flop better known as Vista? I think surely Microsoft has a decent chance with this revision of their, once, flagship product. Problem is that the OS is still too big for it's britches and legacy support will be the bane of it's security problems well into the next 5 years. XP mode is definitely going to be one of the most difficult areas of 7 to swallow because, in essence, one will now have to maintain security patches of two operating systems moving forward and as we all know most people have problems just dealing with one.
[Windows 7's Achilles' Heel]
SANS has an interesting article up entitled "Surviving a Third Party Onsite Audit". I'm sorry but this is just wrong coming from SANS. Generally they have their head on straight and are a good resource for information but "surviving" an audit is not something people should be focused on. The real focus should be doing security the right way every day, not just when one knows the auditor will be knocking on the front door. I see it time and time again in clients wherein everyone is always in scramble mode and then, if all goes well, it's a celebratory "win". That is, until next time when you scramble to put in that extra new box with blinky lights that's the saving-grace for today. Do it right and do it right everyday and if you can't do that then fall back to "the audit survival guide". At that point, however, you really need to question the abilities and resources you have to do due diligence.
[Surviving a Third Party Audit]
Can you pick a 5-pin in 87 seconds? I'm guessing not - unless your name is Jos Weyers. Check this video out of him at LockCon.
[87 Seconds... Jos Weyers!]
Oh Facebook -- you're the favored platform of phishers and skiddies alike! One more reason to avoid social network platforms, especially those that all of your super security conscious friends from high-school running Windows ME are on.
[Facebook Phishers Cast Multiple Lines]
Today must be a day of definitions because if you've ever really wanted to know what ESAPI was, without digging into it, you've just hit the jackpot. Although this one's been out for a few weeks it just made its way across my feeds and is definitely a worthy read if you're interested in what it is and some show and tell of how you can help justify implementing it.
[What is ESAPI?]
That's all for tonight's digs folks! Although I have a ton left in the queue it's about that time to post. Check out some of the left overs in the grab bag below.
-windexh8er
Tonights grab bag lineup as follows:
[IEEE Connections Program]
[Visualizing IDS Output]
[Routing Redundancy: How much is enough?]
[Personal Responsibility in PCI]
[Useful Security]
[Federated ID, OpenID and OAuth Primer]
[FTC Issues Health Breach Notification Rule]
[Hyperjacking]
[DNS Blacklist Unveiled]
