-- SANS Northern Virginia 2011, Reston, VA, April 15-23, 2011 11 courses. Bonus evening presentations include Cyberwar or Business as Usual? The State of US Federal CyberSecurity Efforts http://www.sans.org/northern-virginia-2011/
-- SANS Security West 2011, San Diego, CA, May 3-12, 2011 23 courses. Bonus evening presentations include The Emerging Security Threat Panel Discussion; and Emerging Trends in Data Law and Investigation http://www.sans.org/security-west-2011/
Plus Barcelona, Amsterdam, Brisbane and London all in the next 90 days. For a list of all upcoming events, on-line and live: http://www.sans.org/index.php
******************** Sponsored by Tripwire, Inc. *************************
New SANS Analyst Program Webcast: Debunking Continuous Monitoring Myths, May 17, 1PM EDT Learn what holds organizations back from implementing continuous monitoring and where to get started. Featuring Eugene E. Schultz and Steve Johnston. http://www.sans.org/info/73838
[Editor's Note (Pescatore): The SSL certificate industry has long needed to invest in stronger external review of registration processes, as proven by this incident and others before it. (Ullrich): SSL is based on trust. However, in a race to the bottom on pricing, certificate authorities no longer are able to rally the resources to sufficiently secure the SSL infrastructure they manage. It is sad that all it took to compromise the system was a single password, not two-factor authentication. This comes just at a time when we finally see large sites like Facebook, Google, Microsoft and Twitter implementing site-wide SSL as an option. ]
Managing Effects of RSA SecurID Breach (March 23, 2011)
A Department of Homeland Security (DHS) spokesperson said that DHS is working with RSA to secure networks accessible through that company's SecurID two-factor authentication technology, following RSA's disclosure of a security breach that compromised "certain information" about SecurID. RSA has contracts with numerous federal government agencies. RSA has published a bulletin detailing what steps companies can take to protect their information. Internet Storm Center: -http://isc.sans.edu/diary.html?storyid=10564 -http://www.washingtonpost.com/world/us_agencies_respond_to_cyberattack_on_information_security_firm/2011/03/23/ABDhjoKB_story.html?wprss=rss_homepage [Editor's Note (Paller): One of the largest defense contractors has stopped the use of RSA tokens by its senior staff. They replaced the tokens with another manufacturer's solution. I asked whether the move had been planned for a long time. The answer was, "No. We did it because of the breach." ]
Attack Code Targets SCADA Systems (March 22 & 23, 2011)
1) Interested in being part of the solution to fill the critical gap in the nation's cyber security workforce? Sponsor a student scholarship for the next round of the Cyber Quests (http://uscc.cyberquests.org/) competition, starting April 18th. For more information on how you can help, contact Renee N. McLaughlin at firstname.lastname@example.org.
Possible Explanation for Gmail Troubles in China (March 24, 2011)
Security experts have suggested that the allegations that China has been interfering with Gmail service could be explained by the use of "transparent proxies." These intermediary servers sit in the network path and intercept and relay traffic without any configuration on the client, and they can alter intercepted messages before sending them on to their destinations. Some companies use transparent proxies to filter employees' Internet access; governments are increasingly using them to identify and censor dissidents. Using HTTPS would thwart this kind of man-in-the-middle tampering, because the proxy cannot read or alter the traffic unless it can present a certificate for the site that the browser trusts; it can still see which host the client is connecting to, and it can simply block the connection. -http://www.technologyreview.com/web/37074
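The transparent-proxy behaviour described above, as an added example that is not part of the article or of any vendor's software: a small Python simulation of how an in-path proxy can rewrite a plaintext HTTP response (including fixing up Content-Length so the client notices nothing), a header check that spots a careless intermediary, and a certificate-pin check showing what HTTPS adds. The HTTP responses, the PROXY_HEADERS list and the certificate bytes are all constructed for illustration and are assumptions, not data from the story.

```python
# Added example (not from the article): what an in-path "transparent" proxy can
# do to plaintext HTTP, and two client-side checks. All sample data is constructed.
import hashlib

# Constructed sample of a server's plain-HTTP response (body is 48 bytes).
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html; charset=utf-8\r\n"
    b"Content-Length: 48\r\n"
    b"\r\n"
    b"<html><body><p>hello from mail</p></body></html>"
)

# Constructed sample that has passed through a proxy which left its footprints.
PROXIED_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Via: 1.1 gw.example.net\r\n"
    b"X-Cache: HIT\r\n"
    b"Content-Length: 2\r\n"
    b"\r\n"
    b"ok"
)

# Header names a careless interception box leaves behind (assumed list). Their
# absence proves nothing: an interceptor that wants to stay hidden strips them.
PROXY_HEADERS = {b"via", b"x-forwarded-for", b"x-cache", b"proxy-connection"}


def split_response(raw: bytes):
    """Split a raw HTTP/1.x response into (status line, [(name, value)], body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip(), value.strip()))
    return lines[0], headers, body


def join_response(status: bytes, headers, body: bytes) -> bytes:
    """Serialise the parts back into one response."""
    head = b"\r\n".join([status] + [n + b": " + v for n, v in headers])
    return head + b"\r\n\r\n" + body


def transparent_proxy_rewrite(raw: bytes, needle: bytes, replacement: bytes) -> bytes:
    """What an in-path proxy can do to plaintext HTTP: edit the body and
    recompute Content-Length so the client still sees a well-formed response.
    A proxy that forgets the second step makes clients hang or truncate,
    which is one way such boxes get noticed."""
    status, headers, body = split_response(raw)
    new_body = body.replace(needle, replacement)
    fixed = [(n, str(len(new_body)).encode() if n.lower() == b"content-length" else v)
             for n, v in headers]
    return join_response(status, fixed, new_body)


def proxy_indicators(raw: bytes) -> list:
    """Return the header names in a response that point at an intermediary."""
    _, headers, _ = split_response(raw)
    return sorted(n.decode() for n, _ in headers if n.lower() in PROXY_HEADERS)


def cert_matches_pin(der_cert: bytes, pinned_sha256_hex: str) -> bool:
    """Why HTTPS stops the rewrite above: the proxy cannot present a certificate
    for the real site that the client trusts. Pinning the SHA-256 of the expected
    leaf certificate also catches a forged one that chains to a CA the OS trusts.
    In practice der_cert comes from ssl.SSLSocket.getpeercert(binary_form=True)."""
    return hashlib.sha256(der_cert).hexdigest() == pinned_sha256_hex.lower()


if __name__ == "__main__":
    tampered = transparent_proxy_rewrite(SAMPLE_RESPONSE, b"hello from mail", b"service unavailable")
    print(tampered.decode())
    print("indicators in clean response:", proxy_indicators(SAMPLE_RESPONSE))
    print("indicators in proxied response:", proxy_indicators(PROXIED_RESPONSE))
    fake_der = b"\x30\x82\x01\x00constructed-not-a-real-certificate"  # constructed placeholder
    pin = hashlib.sha256(fake_der).hexdigest()
    print("pin matches:", cert_matches_pin(fake_der, pin),
          "after tampering:", cert_matches_pin(fake_der + b"!", pin))
```

Run it directly to see the tampered response; the interesting detail is that the rewritten response is byte-for-byte valid HTTP, so nothing on the client side flags it. Over HTTPS the same box sees only TLS records and cannot perform the rewrite without a certificate the browser accepts, which is the real reason the pin check matters; it can still read the destination from the connection and drop it.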
Senator Wants Clarity on US Government's Authority to Track Mobile Data (March 23, 2011)
Senator Ron Wyden (D-Oregon) has proposed a bill that would require the government to obtain warrants before using geo-location information to track individuals. The bill specifies exceptions for emergencies, including when someone's life or safety is in danger, when there are immediate risks of danger to others, activities that threaten national security, or activity indicative of organized crime. Critics of the bill say the exceptions are so narrow that federal law enforcement agents might be wary of ever using geo-location information to track people. -http://www.nextgov.com/nextgov/ng_20110323_8085.php
Apple Issues OS X Security Updates (March 22, 2011)
Eugene Schultz, Ph.D., CISM, CISSP, GSLC is CTO of Emagined Security and the author/co-author of books on Unix security, Internet security, Windows NT/2000 security, incident response, and intrusion detection and prevention. He was also the co-founder and original project manager of the Department of Energy's Computer Incident Advisory Capability (CIAC).
John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.
Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu.
Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.
Ed Skoudis is co-founder of Inguardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.
Rob Lee is the curriculum lead instructor for the SANS Institute's computer forensic courses (computer-forensics.sans.org) and a Director at the incident response company Mandiant.
Rohit Dhamankar is a security professional currently involved in independent security research.
Tom Liston is a Senior Security Consultant and Malware Analyst for Inguardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.
Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat and he is a founder with Secure Anchor Consulting.
Ron Dick directed the National Infrastructure Protection Center (NIPC) at the FBI and served as President of the InfraGard National Members Alliance - with more than 22,000 members.
Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.
David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.
Mark Weatherford, Chief Security Officer, North American Electric Reliability Corporation (NERC).
Alan Paller is director of research at the SANS Institute.
Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.
Clint Kreitner is the founding President and CEO of The Center for Internet Security.
Brian Honan is an independent security consultant based in Dublin, Ireland.
David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.
Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit http://portal.sans.org/