InfoSec Outpost

Google made a public announcement today that they realized they had made a major blunder. Google’s top engineer Alan Eustice copped to the fact they had been doing this, and supposedly Google is working on a plan to “delete” the 600+ GB of data.

This, combined with the latest facebook stuff, makes me consider deleting myself from the internet.

Google Gobbling Private Information from WiFi networks

As always, the wiley criminal underworld is preying on current events, search results, and/or general spam e-mail.

It appears they are currently trying to spoof IRS emails and route US citizens to a bogus site which will give them a nice Zeus bot install. Basically, just don’t bother reading it. The IRS doesn’t bother sending an e-mail. They call you or knock on your door. They know who you are…

Heres a bit more info from the SANS ISC – http://isc.sans.org/diary.html?storyid=8503

I’ve started this blog for three reasons:

1. Education and awareness: Information security has long been neglected by corporations and civilians. It is something that will not function properly unless it is an integrated part of the thought process. I intend to provide statistics, references to current trends and research, as well as do some of my own research. I will periodically create presentations, and share them here under some kind of open copyright framework.
2. Tools and technology review: There are always new tools and technologies which are touted as a silver bullet for information security. I will periodically review tools or technologies and let you know what I think. I always find that it is most important to make what you already may have work to its full potential before spending on something new.
3. 0-Day and exploit analysis: I always enjoy getting a sample of the latest malware, trojan, rootkit and taking a look under the covers. As time permits I’ll post these analysis.

Please post any feedback or ideas you may have.