Discovering Myself

I think I will update this as well, someone already started it, I’ll just add to it.

SANS Internet Storm Center

The diaries the
handlers post here are very useful. There is also a threat-con meter
that shows their thoughts on the current state of threats.

Home Page
http://isc.sans.org/
Feeds
http://isc.sans.org/xml.html

Security Focus

This is a must place to visit. There are good security articles as well as vulnerability advisories and home of BugTraq.

Home Page
http://www.securityfocus.com/

Feeds
http://www.securityfocus.com/rss/news.xml
http://www.securityfocus.com/rss/vulnerabilities.xml

Secunia

Home of the Full Disclosure mailing list and a great place to research vulnerabilities.

Home Page
http://secunia.com/

Feeds
http://secunia.com/rss_feeds/

Black Hat

Organizer of one of the most infamous conferences in the security world. They also have an archive of presentations.

Home Page
http://www.blackhat.com/

Feeds
http://www.blackhat.com/BlackHatRSS.xml

Milw0rm

This
is one place you should check at least once a day. This site hosts
exploits for various methods of breaking into computers and is a place
where you will see many zero day exploits.

Home Page
http://www.milw0rm.com/

Feeds
http://www.milw0rm.com/rss.php

ha.ckers.org

This is a blog where you will see a lot of VERY useful information. This is another place you should really watch.

Home Page
http://ha.ckers.org/

Feeds
http://ha.ckers.org/blog/feed/

MojoKid writes “According to a release issued by Rocky Mountain Tracking, an 18-year old man, Shaun Malone, was able to successfully contest a speeding ticket in court using the data from a GPS device installed in his car. This wasn’t just any old make-a-left-turn-100-feet-ahead-onto-Maple-Street GPS; this was a vehicle-tracking GPS device — the kind used by trucking fleets — or in this case, overprotective parents. The device was installed in Malone’s car by his parents, and the press release makes no mention if the teenager knew that the device was installed in his vehicle at the time.”

Read more of this story

This is an interesting article that I saw on slashdot. I wonder what this will mean for the future of processor competition.

Barence writes to mention that after seeing almost $1.2 billion in second quarter losses, AMD’s CEO has resigned. Stepping up to fill his shoes will be Dirk Meyer, previous company president and COO. “Only two years ago, the company held a processor performance lead and was making serious inroads into Intel’s market. However, AMD failed to keep pace with Intel’s Core technology, and it once again surrendered its performance crown at the dawn of the multicore era. Those problems were exacerbated by the bungled launch of the Barcelona processors, which prompted Ruiz to make a frank public apology last December.”

Read more of this story at Slashdot.

Ok, I apparently forgot to put some stuff in my memo. So there are a few elements that MUST be in a memo. I know this after this incident.

1. What is going to occur?
2. Why is it going to occur?
3. When is it going to occur?
4. Who is implementing and responsible for this memo?
5. Who to contact with questions.

That should cover it. Hopefully I won’t forget to include those items. I usually forget the when part… haha

I’ve seen this all over!

In large organizations you can’t always “lock down” workstations due to productivity loss and irritating employees that could and will go elsewhere.  It’s surprising how hard it is to implement solutions that will protect corporate and personal data just because they can’t install their little widget that makes little pictures fly across their screen.

Well Symantec decided to reclassify My Web Search Bar as a Downloader which totally screwed my reporting the other day.  We showed like a bazillion infections.

I researched this and found the file to be innocuous.  Symantec’s solution?  To tell me the file was innocuous and to ignore it.

Well anyway, I have to deal with this and other malware in ASIA due to keygens and other shananigans that people don’t realize are on their USB storage or what not. Oh well, at least it keeps me in a job.

I’m currently working on getting the Symantec Endpoint Protection tested and implemented globally.  That’s a huge endeavor on 13,000+ workstations and servers.  I’m a little leary of installing on servers at this point because I don’t know the impact on applications yet.  It does some new funky things and i don’t want anyone yelling at me.

I personally like the product, they’ve fixed many things in the MR2 release.  We’ll see how this whole project pans out.