InfoSec News

The people over at MoonSols have made their amazing one-click memory dump tool Dumpit available for free download.
Dumpit vastly simplifies memory acquisition. Effectively Dumpit combines win32dd and win64dd into one tool and is so simple to use even a non-technical user could do acquisition from a USB key. The dump can then be analyzed using conventional tools such as Redline or Volatility.
For a quick demo of Dumpit, check out the video demo from fellow handler Lenny Zeltser.
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Yesterday was the 30th Anniversary of the release of the IBMPC. It was an interesting walk down memory lane going back and reading some of the reviews of the PC. Over at the ISC this started the discussion of What was your first computer? The ISCHandlers vary widely in age, so the answers predictably were quite variable. Oddly enough, although some of us worked with the IBMPC, none of us actually owned one, Timex Sinclair, TRS-80, IBMXT, 286 PC clone, Vic-20, Commodore-64, Amiga and Apple II were some of the answers.
Mine was a TRS80 Model I my Dad bought in about 1978. It was a 4K machine with a cassette tape drive. The first programming language I learned was Z80 assembler, followed shortly by Basic. The first real program I wrote was a bad graphical version of poker dice.
I would love to hear about your first...

-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Months after Google said that Chinese hackers were targeting the Gmail accounts of senior U.S. government officials, attempts to hijack Gmail inboxes continue, a researcher said.
 
What will smartphones look like in five years? Or ten? What sort of amazing things will they be able to do?
 
Google needs to come up with a real names policy for its Google+ social network that doesn't require phony justifications, columnist Mike Elgan says.
 
 
Edith Marden, National Bureau of Standards (now the National Institute of Standards and Technology) computer programmer, operates the Standards Electronic Automatic Computer (SEAC) during the 1950s.Credit: NISTView hi-resolution imagetab
 
Cybersecurity training is spreading from high-tech and government offices into high schools, libraries and workplaces near you. Called the National Initiative for Cybersecurity Education (NICE) and coordinated bythe National Institute of ...
 
As part of its initiative to ensure that the Internet continues to spawn growth and innovation, the Department of Commerce will hold a symposium on 'Cybersecurity and Innovation in the Information Economy' on July 27, 2010, at the Ronald ...
 
After a public comment period, the National Institute of Standards and Technology (NIST) has published an updated set of guidelines for developing security assessment plans and associated security control assessment procedures that are ...
 
The National Institute of Standards and Technology (NIST) has issued draft recommendations for securely configuring and using full virtualization technologies, which, by means of software, duplicate a computers operating system and its ...
 
A comprehensive review of the nexus between cybersecurity challenges in the commercial sector and innovation in the Internet economy that is being conducted by The Department of Commerces Internet Policy Task Force is the subject of the ...
 
The Commerce Department has published a Notice of Inquiry (NOI) on 'Cybersecurity, Innovation, and Internet Policy.' The department seeks comments from all stakeholders, including the commercial, academic and civil society sectors, on ...
 
In efforts to help the nations health care industry make the transition to the digital age in an effective and meaningful fashion, the National Institute of Standards and Technology (NIST) has published a set of approved procedures for ...
 
The Sixth Annual IT Security Automation Conference, co-hosted by the National Institute of Standards and Technology (NIST), focuses on applying and integrating emerging cyber security automation technologies and software assurance into a ...
 
 
On November 4 and 5, 2010, the National Institute of Standards and Technology (NIST) will host the Cloud Computing Forum and Workshop II to give government and industry stakeholders opportunity to comment on the next steps in developing ...
 
The National Institute of Standards and Technology (NIST) and the National Telecommunications and Information Administration (NTIA) are seeking partners in the telecommunications industry to help create a demonstration broadband ...
 
The National Institute of Standards and Technology (NIST) has issued the final version of its recommendations for securely configuring and using full computing virtualization technologies. The security recommendations are contained ...
 
The National Institute of Standards and Technology (NIST) has issued two new draft documents on cloud computing for public comment, including the first set of guidelines for managing security and privacy issues in cloud computing. The ...
 
Information technology experts, insurers, policy makers and representatives of healthcare organizations will convene on April 5-6, 2011, in Bethesda, Md., to survey current approaches to preserving electronic health records (EHRs) and ...
 
If you found this article through a search engine, you can thank an automated text retrieval system. For 20 years, the Text REtrieval Conference (TREC) sponsored by the National Institute of Standards and Technology (NIST) has been one ...
 
What NIST-led innovation is estimated to have saved U.S. industry $6.1 billion over the past 20 years? Well, probably several, but, perhaps surprisingly, a new economics study* points to the development of 'role-based access control,' a ...
 
The National Institute of Standards and Technology (NIST) has published the final version of a special publication that can help organizations to more effectively integrate information security risk planning into their mission-critical ...
 
Computer scientists at the National Institute of Standards and Technology (NIST) are requesting comments from interested parties on their biennial update of the catalog of security controls for the federal government. The security ...
 
The National Institute of Standards and Technology (NIST) will host the Cloud Computing Forum and Workshop III on April 7-8, 2011, at its Gaithersburg, Md., campus. Featured speakers include U.S. Chief Information Officer Vivek Kundra, ...
 
The National Institute of Standards and Technology (NIST) is co-hosting a conference to explore the current health information technology security landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security ...
 
On April 15, the Obama Administration formally launched its National Strategy for Trusted Identities in Cyberspace (NSTIC), a plan to work with the private sector to develop a private market for secure identity credentials for the ...
 
A new publication from the National Institute of Standards and Technology (NIST) provides guidelines to secure the earliest stages of the computer boot process. Commonly known as the Basic InputOutput System (BIOS), this fundamental ...
 
The cloud computing research team at the National Institute of Standards and Technology (NIST) is requesting public comments on a draft of its most complete guide to cloud computing to date.NIST Cloud Computing Synopsis and ...
 
The National Institute of Standards and Technology (NIST) is hosting a workshop on usability of electronic health records (EHR) on June 7, 2011, at NISTs campus in Gaithersburg, Md. 'A Community-Building Workshop: Measuring, Evaluating ...
 
Robotic automation, microrobotics and robotic perception and recognition all advanced a few steps closer to their future applications in manufacturing, health care and other areas during the week of May 9-13, 2011.A photomicrograph ...
 
A new White House policy document released today* highlights strategic roles that the National Institute of Standards and Technology (NIST) plays in accelerating the modernization of the nations electric infrastructure, bolstering ...
 
The Department of Commerces Internet Policy Task Force is requesting comments on a report that proposes voluntary codes of conduct to strengthen the cybersecurity of companies that increasingly rely on the Internet to do business, but ...
 
The National Institute of Standards and Technology (NIST) has issued the final version of its Guide to Industrial Control Systems (ICS) Security (SP 800-82),* intended to help pipeline operators, power producers, manufacturers, air ...
 
Internet Storm Center Infocon Status