Suggested Blog Reading – Wednesday April 18th, 2007

ReadHalf way to the weekend…’s the list for today:

Digital forensics lack standards

Court cases involving digital evidence are at risk of collapsing because some police forces fail to check the security of computer forensics suppliers.

At long last, IPv6

Tim Winters, software managing engineer with the University of New Hampshire Interoperability Lab, predicts that the move to secure granular bits of data will finally mean the emergence of IPv6.

Corporate data slips out via Google calendar

It’s not clear what gets discussed during McKinsey & Co.’s weekly internal communication meeting, but the dial-in number and passcode for the event can be easily found by searching with Google.

Blackberry / RIM Outage?

We are experiencing technical difficulties with BlackBerry services affecting sending and receiving of emails. You will also experience issues using the BlackBerry Browser and sending and receiving of PIN to PIN messages. We are taking all necessary actions to restore regular service levels.

Where Do You Get Your Security Policies From?

Is there a good outline for a security policy out on the web or that you have?

I am the Sys Admin for a company that designs communications solutions for government agencies. I started here 6 months ago and I have not found any security practices! There are no computer policies at all!

I have been trying to get some put in place but have been over ruled until recently so I am looking for a good baseline to start.

Microsoft Urges Workaround as Worm Hits Unpatched DNS Flaw

With a worm exploiting the unpatched zero-day vulnerability in Microsoft’s Domain Name System Service mere days after it was discovered, Microsoft on Monday urged customers to apply workarounds the company had provided in its earlier security advisory.

Free Information Security Training Workshops from FISSEA

I hope information security and privacy pros know about the U.S. Federal Information Systems Security Educators’ Association (FISSEA).

Readers’ Choice Awards

Information Security and recognize the best security technology with the Readers’ Choice awards. Security products in 15 categories, including emerging technologies, were voted on by more than 800 Information Security readers.

The Evolution of Peacomm to “all-in-one” Trojan

What we saw in the first Trojan.Peacomm outbreak during January was only the beginning of the “storm-worm” war. The initial outbreak seemed to be an experiment in setting up a peer-to-peer (P2P) bot network, and to test the potential of the Trojan. The bad guys who were behind those criminal activities used the first variant of Peacomm to distribute a set of single-module Trojans that were programmed to send spam, perform DDoS attacks, gather mail addresses, and distribute new versions of the Trojan.

Jim Rapoza’s 12 Ways to Be A Security Idiot

Are you a security idiot? In a popular column from 2003, Jim Rapoza ranted about how most viruses and computer security problems are made possible by stupid people doing stupid things with their computers. Unfortunately, things haven’t changed much since then. So if you’re feeling left out, read Jim’s list of 12 ways to join the ranks of the attachment-opening, virus-downloading masses.

SSDL rides the unicycle so you don’t have to

Many ambitious moons ago, in a bygone life since relinquished, I was an analyst. On those days I reminisce and smile warmly with a pocket or three bulging with priceless war stories, an agenda of clearly expressed nuisances that “someone should fix else I wear my frowny face again,” and a clear reverence for the analyst in their daily adventures in the Wonderland of Surprises that is the Internet I’ve come to know… and begrudgingly adore. Resistance is futile, apparently.

103 Free Security Tools + a Few

Rich McIver sent over an article on entitled 103 Free Security Tools. It’s actually a pretty thorough list. Of course it’s not everything, but it actually covered quite a few programs that I personally have used.

Security Remains a Challenge for Browser Developers

The panelists, who were tasked with addressing the topic titled “The Arrival of Web 2.0: The State of the Union on Browser Technology,” hailed from the open-source community all the way to the most proprietary of companies, Microsoft, and those in between.

Scroll to top