infosec news | Popular

Summer Schools in Cryptography and Software Security at Penn State

Thu, 29 Mar 2012 16:26:04 EDT

Normally I just delete these as spam, but this summer program for graduate students 1) looks interesting, and 2) has some scholarship money available....

2 Vote(s)

Book Review: The Tangled Web

Thu, 29 Mar 2012 18:26:05 EDT

The Tangled Web: A Guide to Securing Modern Web Applications, (http://www.nostarch.com/tangledweb) an incredible and highly technical book published by No Starch Press. Since the browser is the portal of choice for so many users, its inherent security flaws leave the user at a significant risk. This book details the issues surrounding insecure web browsers and what developers can do to mitigate

2 Vote(s)

What EMR & EHR applications do?

Thu, 29 Mar 2012 19:30:44 EDT

EHR application development and EMR application development are conducted for the institutions such as hospitals, clinics, and at the offices of physicians, health care providers, medical employers, insurers who access to a patient's medical records.

2 Vote(s)

Karate Classes Children With Learning Disorders

Fri, 30 Mar 2012 06:56:21 EDT

Children looking to join karate classes with learning disabilities, please visit Elite Self Defense Academy for best karate lessons. For more info visit : http://www.bestfreekarate.com/classes/special-program-for-children-with-learning-disorders

3 Vote(s)

Mark Wuergler

Fri, 30 Mar 2012 17:26:04 EDT

Posted by Dave Aitel on Mar 30When I watch Mark Wuergler's INFILTRATE 2012 talk on wireless attacks it
makes me think of the tiny Fear Demon from Buffy
. We had to
squeeze him down into a tiny window at the top right. All you can really
see about him is that he's vaguely humanoid. And the Silverlight

2 Vote(s)

Friday Squid Blogging: How Squid Hear

Fri, 30 Mar 2012 18:26:04 EDT

Interesting research: The squid use two closely spaced organs called statocysts to sense sound. "I think of a statocyst as an inside-out tennis ball," explains Dr Mooney. "It's got hairs on the inside and this little dense calcium stone that sits on those hair cells. "What happens is that the sound wave actually moves the squid back and forth, and...

2 Vote(s)

RevitaDerm Review

Mon, 28 Nov 2011 01:33:30 EST

Most the masses have seen Revitaderm before although I was prepared to discover that relative to Revitaderm Review at the time. Make sure that you take advantage of Revitaderm. If you are really satisfied with your Revitaderm, try to discover if they are providing Revitaderm too. Get over that and move on. Revitaderm is built like a Revitaderm. How can mobs reach luxurious Revitaderm reviews?
5 Vote(s)

Cafefit Review

Mon, 28 Nov 2011 00:44:28 EST

Cafefit is something that most buddies would contemplate trivial. How do mavens achieve top-notch Cafefit directories? What more do you need? I called her bluff. They're only human. I'm sharing this list of points on Cafefit with you. We would always do that with Cafefit when we could.

9 Vote(s)

British Phone Hacking Scandal

Mon, 18 Jul 2011 12:26:06 EDT

Ross Anderson discusses the technical and policy details....

2 Vote(s)

The BarCon Call For Paper is now open!

Mon, 18 Jul 2011 11:26:01 EDT

Posted by the grugq on Jul 18Fellow Daily Dave lurkers,

I'm happy to inform you that the BarCon Call For Papers is now open...
for approximately 48 hours. If you are not familiar with the guiding
principles of BarCon, check out our website: http://www.thebarcon.org

If you'd like to join us for hardcore uncensored security talks that
skip to the good

2 Vote(s)

H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers

Tue, 19 Jul 2011 21:26:06 EDT

Posted by Rodrigo Rubira Branco (BSDaemon) on Jul 19CALL FOR PAPERS - Hackers 2 Hackers Conference 8th edition

The call for papers for H2HC 8th edition is now open. H2HC is a hacker
conference taking place in Sao Paulo, Brazil, from 29 to 30 October 2011.

[ - Introduction - ]

For the eighth consecutive year and past success we have been having,
the annu

2 Vote(s)

Bejtlich Teaching in Abu Dhabi in December

Tue, 05 Jul 2011 20:26:04 EDT

I'm pleased to announce that on December 12-13 at Black Hat Abu Dhabi I will teach a special two-day edition of TCP/IP Weapons School 3.0. This class is designed for junior and intermediate security analysts. The "sweet spot" for the potential student is someone working in a security operations center (SOC) or computer incident response team (CIRT), or someone trying to establish one of those o

2 Vote(s)

Man Flies with Someone Else's Ticket and No Legal ID

Wed, 06 Jul 2011 08:26:06 EDT

Last week, I got a bunch of press calls about Olajide Oluwaseun Noibi, who flew from New York to Los Angeles using an expired ticket in someone else's name and a university ID. They all wanted to know what this says about airport security. It says that airport security isn't perfect, and that people make mistakes. But it's not something...

2 Vote(s)

Teach Don't Just Learn, to Build Your Security Career

Wed, 06 Jul 2011 09:59:09 EDT

There are many ways of learning, teaching others is the best way.

2 Vote(s)

FUD is out, ROSI is in

Wed, 06 Jul 2011 10:05:56 EDT

FUD (Fear, uncertainty, and doubt) use to be the crutch that security leaders leaned on to get the budgets they need. That has changed to ROSI (Return on Security Investment). This article explains some of the new Security Leadership Basics that everyone needs to know.

2 Vote(s)

What is a cyber-range?

Wed, 06 Jul 2011 12:26:04 EDT

Posted by Dave Aitel on Jul 06I promised @breakingpoint on the twitters that I'd start a thread to ask
them what this weird thing they are advertising actually does:
http://www.breakingpointsystems.com/company/news-and-events/news-releases/breakingpoint-cyber-range-device-launches/

So that's my question of the day (yesterday, really). What does it do?
My unders

2 Vote(s)

Re: What is a cyber-range?

Wed, 06 Jul 2011 20:26:02 EDT

Posted by Jason Lewis on Jul 06The RFI's I've seen suggest millions of virtual machines that can
simulate a global network. If that is even feasible is another story.
Example: http://www.scmagazineus.com/researchers-simulate-a-botnet-of-1-million-zombies/article/140988/
That botnet doesn't even address the routing topology, which seems
to be one of the goals

2 Vote(s)

Re: What is a cyber-range?

Wed, 06 Jul 2011 22:26:01 EDT

Posted by J.A. Terranson on Jul 06While I doubt that a single "commodity box" (as you put it) can simulate a
real internet with real botnets, platforms such as the old Springtide are
ideal for this (and I have used them for this exact purpose, albeit on a
much smaller scale).

These old virtual routing platforms are cheap, easy to find on ebay or
ebay-l

2 Vote(s)

Re: What is a cyber-range?

Thu, 07 Jul 2011 00:26:01 EDT

Posted by Dobbins, Roland on Jul 06What they don't allow one to do is to launch attacks and test their effects on actual, modern, hardware-based routers
and layer-3 switches.

The viability of software-based Internet edge routers ended 7-8 years ago; any organization still relying on
software-based edge routers can be taken down with a trivial DDoS attack, so no stres

2 Vote(s)

Security Conference Recommendations

Sat, 04 Jun 2011 17:26:03 EDT

After my post Bejtlich Teaching at USENIX Security in San Francisco 8-9 Aug a reader asked the following:Richard,I was curious if you could suggest other security conferences that either you have attended or have heard are better than average? It seems as though everyone and their brother sponsor some sort of security conference and it is difficult to tell how educational they will be just by rea

2 Vote(s)