Thursday, October 27, 2011

2012 DISA FSO Release Schedule for STIGs

While looking for a STIG today, I saw that DISA released the schedule for updated STIGs in 2012.  Those dates are:
  • First Quarter:  27 January 2012
  • Second Quarter 27 April 2012
  • Third Quarter:  27 July 2012
  • Fourth Quarter:  26 October 2012

I probably will not get a chance to write up what gets released this quarter due to travel, but I did see that the Gold Disk has been released.  The files are in the PKI-protected area of DISA.

SANS Incident Detction and Log Management Summit

I just received an email about this summit today, and it looks like a great couple of days' worth of events.  Due to politics in the office, and likely my travel schedule, it appears I will not be able to attend.  The event is being held December 7 and 8, 2011 in Washington D.C.

Here's a link to the summit.

I look forward to reading write-ups and recaps of the event.

Monday, October 10, 2011

A link to a post on getting into the field

As I am continuously trying to land a job in IR and Forensics full time, I look for any clues or tips on breaking into the field.  The other day, I saw this article, linked to the Forensic Focus site and thought it would benefit others looking to get into the field.

Good luck.

Advide for Digital Forensics Job Seekers

Monday, October 3, 2011

Betfair accounts hacked

I haven't seen this story making the rounds in the security community.  Interestingly, I got this story from a mailing list for a card forum.  Apparently, 2.28 million"encrypted payment card account numbers and other details" were stolen OVER 18 MONTHS AGO.  Betfair just recently notified their clients.  Allegedly, 3.16 million "account user names with encrypted security questions" and 89,744 "account usernames with bank details" were also taken.

An article with more information is here.

Sure, it's good to hear that some information was encrypted.  However, a lot can happen in 18 months.  If someone has a link to an article with more technical information, I would love to see it.