Stories For Discussion
SANS Updated Top 20 Vulnerabilities - This list has been updated to point out that attackers are targeting web browsers and OS X more than we have seen before. All web browsers we called out, not just IE (although IE is the worst).
Hacking LED Signboards in Canada - Twitchy, were you in Canada lately?
Bruce wants to know: Who owns your computer? - Fantastic article from Bruce Schneier.
Security Tools Integration Framework - "provide a unified environment and data exchange platform for automated security assessments in heterogeneous environments. In simple words it is a platform for “hacking” automation, where STIF emulates the “brain” of a security analyst to perform repetitive tasks."
Microsoft Bitlocker - Drive encryption in Vista. Hmmm, considering most users are completely stumped when it comes to simple things, like passwords, this could spell disaster.
MySQL Vulnerabilities - I heard some underground buzz about these a month or so ago. One requires that you have anonymous users enabled, and the other requires a valid account. However, a valid account could be taken with the tool we mentioned above :-)
Steal a BMW with a laptop - Gotta love keyless entry and starting. Can you say two-factor authentication?
Other Stories Of Interest
New Linux WiFi Drivers - Big question, will they support monitor mode?
RI State Wide WiFi - Not certain what I can comment on here, so, no comment :)
Legit Open WiFi? - "PERM is the Practical End-host collaborative Residential Multihoming framework. 802.11 networks have spread rapidly in the residential area, and it is common for neighbors to receive signals from each other's home wireless networks. PERM allows residents to leverage such an opportunity" [Thanks to my cow-worker "Dr. J" for passing this one along]
Dilbert funny - ahahahhahaha!!!
Add link for Security Forrest