LegRoom.net Kick back and relax

Okay, this is actually one of the coolest things I've seen in a while. According to the site:

SecurityDocs.com is a directory of information security articles, white papers, and other documents that information security professionals find useful.

I spent a little bit of time earlier browsing the site, and it looks like there's some REALLY good content on here, covering everything ranging from firewall rulesets to OS hardening to security awareness. Very cool.



http://www.securitydocs.com/

Microsoft yesterday released their latest collection of patches for vulnerabilities in Windows and Outlook Express. There are four patches total, but each covers multiple vulnerabilities, including several "critical" vulnerabilities. For thos Windows users out there, I'd recommend patching ASAP.

Overview article on SecurityFocus
Microsoft Security Bulletins

Recently, a string of attacks has taken place against numerous University systems and other high performance computing centers. This bulletin from the Stanford University ITSS provides an excellent overview of the attacks, covering how they were compromised, what evidence to look for, possible countermeasures, etc.

This is a very well-written article that also provides background information on the hows and whys of expoits. I highly recommend it.

Here's the full story.

You are engaged in a chat session with some friends and colleagues, when one of them makes a witty remark or imparts a pithy bit of information. You hit CTRL-A and select the conversation, then copy it to a document that you save. Under a little-noticed decision in a New Hampshire Superior Court in late February, these actions may just land you in jail.

So does that sound as rediculous to you as it does to me? You'll need to read the full story on SecurityFocus for all the details, but needless to say, it's an awful situation. Heck, all major chat clients (including the oh-so-wonderful Gaim include features to automatically save transcripts. This is a selling point. Let's hope this situation gets resolved quickly.



Here's the full story.

Here's the follow-up to the forensics article I posted below. This time the article focuses on the collection and analysis of data, and references some pretty good resources at the end of the article. Well worth checking out.

Here's the full article.