Good ol' Twitter -- it is so versatile that bot herders are using it to control their bots. Man, what else can happen to this app?

Rich Mogull of Securosis puts a rear naked choke on the Heartland CEO Robert Carr in his post about Mr. Carr's interview with CSO magazine. Thankfully, Rich is an EMT, so he knows how to revive him.

Are all of us who use some form of social networking websites doomed to living through DoS after DoS because of political battles across the world? I really hope not, but I fear the reality.

Beware SSH password attacks! The SANS Internet Storm Center is pointing out successful SSH password brute force attacks and gives some counter-measures.

There is no doubt that conferences can be fun. But if your employer sends you to a conference, what are your responsibilities while you are attending?

Have you attended the RSA Conference in the past couple of years and have also recently lost your job? Here's an opportunity to go to RSA again on their dime.

Are you a business owner hit by the recession that is considering layoffs but has worries about disgruntled workers?  Do you need to save some money but don't want to lose intellectual property to your ex-employees?  If so, maybe you should consider furloughs.

A Nashville, TN, restaurateur is offering his clients the opportunity to swipe their own credit cards when they dine in his establishment. Is this just window dressing, or is it a good idea?

I would cry if this just wasn't so darn hilarious. Mule skinners, aka "seasonal workers who dress in colonial garb at a historical park in Easton, Pa, " have to get Coast Guard credentials to operate a mule-drawn boat (stupid). Worse, the Maritime Transportation Security Act of 2002 requires that anyone holding that cred "must apply for biometric Transportation Worker Identification Credentials (TWIC)". 

Symantec is reporting that there is an exploit in the wild for an Excel 2007 and Excel 2007 SP1 zero-day remote code execution vulnerability (other versions may be affected as well).  There's not a lot of publicly available information about the trojan or the vulnerability.  Symantec is saying that the vulnerability is being exploited by a variant of the Mdropper trojan, which they are calling Trojan.Mdropper.AC.  There are no patches for this yet (which is part of the definition for 0-day, so duh).

It looks like cyberattacks against federal networks are increasing.  This comes from an article in USA Today stating that in 2008 there was a 40% increase of reported cyberattacks against U.S. Government computer networks, with many of the attacks coming through attempts to plant malware to get to sensitive data.

Here is the typical process for scoping out internal penetration tests for those companies that need to be compliant with PCI DSS.

The old cut-and-paste trick strikes again.

Some fairly innovative bad guys are using windshield fliers to spread trojans. No, the fliers don't have USB flash drives glued to them.

Dreaming big is fine. But knowing when to come back to reality is often the key to the solution. Sometimes the low-tech hack is the hack to use.