Tag Archives: sans

Biggest Problem in Computer Security

What’s the biggest problem in computer security, according to valsmith at carnal0wnage.attackresearch.com? Well, it’s…

Staffing.

As the author admits, the post leans toward self-promotion of the company, but it makes many good points and deserves a read and a good pondering.


Filed under Audit, Security

Free/Cheap Monitoring Tools (SANS)

In case you missed it, the Internet Storm Center had a great post the other day, asking readers:


Filed under Free, Security

Great Security Cheatsheets (Free)

Lenny Zeltser not only created some great security cheatsheets, he compiled a list of some good reference guides developed by others.

Why should you trust his FREE cheatsheets? Lenny leads a security consulting practice, teaches malware analysis, explores security topics at conferences and in articles, and volunteers as an incident handler at the Internet Storm Center.

So whether you want to learn more about specific security practices or just have a quick reference, you’ll want these cheatsheets.


Filed under Audit, Free, How to..., Security

Throw Password Rules Under the Bus?

I ran across Tom Olzak’s post where he quotes from a SANS article by Daniel Wesemann, Password rules: Change them every 25 years. I disagree with both of them on a few points.

First, Olzak notes in his introductory paragraph that


Filed under Security

SANS Audit Checklists

The SANS Audit Advice and Resources* website has a free checklists section:

6 VMWare Settings Every IT Auditor Should Know About

5 Things Every IT Auditor Needs to Know About: SSH Configuration


Filed under Audit, Security

Quote of the Strong (Get Permission)

Since I started Quote of the Weak, I haven’t heard that many good quotes we can share a chuckle over. So, in contrast, here’s a great quote of the strong:


Filed under Audit, Security

I’m out of town!

When I joined LinkedIn, it was because it was BUSINESS-like and so un-Facebook. As much as I like LinkedIn, it is becoming too much like Twitter and Facebook. Or perhaps it is more accurate to say that LinkedIn features are being used in the same casual manner.


Filed under Security

Why People Don't "Do" Security

Lenny Zeltser, of the SANS Internet Storm Center, posted his Three Laws of Behavior Dynamics for Information Security. These laws describe why people follow or don’t follow new security initiatives. Basically, they describe how people react to change overall, but Zeltser focuses on security change specifically.


Filed under Security