Week 41 in Review – 2010

Events Related:




Vendor/Software Patches:

Other News:

  • Dead or Alive: Pen Testing – securosis.com
    The pen testers need to operate in a reasonable semblance of a real wold scenario. Obviously you don’t want them taking down your production network. But you can’t put them in a box either.
  • Pen-and-Paper SQL Injection Attack Against Swedish Election – schneier.com
    Some copycat imitated this xkcd cartoon in Sweden, hand writing an SQL injection attack onto a paper ballot.
  • Security services firm iSEC Partners acquired – techtarget.com
    ISEC Partners, a pen-testing and security services consultancy that has been at the forefront of innovative research in the past half-decade, was acquired today by NCC Group of Manchester, England.
  • Attack of the monster frames (a mini-retrospective) – lcamtuf.blogspot.com
    The next notable milestone: clickjacking – a seemingly obvious threat essentially ignored by the security community (perhaps in hope it disappears), until extravagantly publicized by Jeremiah Grossman and Robert ‘RSnake’ Hansen in 2008.
  • Java: A Gift to Exploit Pack Makers – krebsonsecurity.com
    Take one look at the newest kit on the block — “Blackhole” — and it is obvious that Java vulnerabilities continue to give attackers the most mileage and profit, and have surpassed Adobe flaws as the most successful exploit vehicles.
  • Guest Post: Michelle Klinger “Interview with a Mentor…Mentor R – infosecmentors.blogspot.com
    As previously mentioned, this is the continuation in a series of interviews with both mentees and mentors on their experience with InfoSec Mentors to date.
  • Mentor vs. Mentee – infosecmentors.blogspot.com
    We’ve been matching mentors and mentees at lightning speed in the past days and as one would come to expect, we have much more mentees than we have mentors.
  • Suggestions for getting started – infosecmentors.blogspot.com
    I thought I would create a small list of activities you should expect to do during the beginning phase of your mentoring relationship.

Leave A Comment