Safe Online Shopping

• 10 Tips for Smart Holiday Shopping Online
• SafeShopping.org Tips: Shopping Tip List
• 10 Tips for Smart Holiday Shopping Online
• OnGuard Online - Online Shopping
• FTC Online Shopping
• VITA:Holiday Shopping 2007

McAfee Virtual Criminology Report - The Next Wave

Report at: http://www.mcafee.com/us/local_content/reports/mcafee_criminology_report2007_en.pdf
Story at: http://news.zdnet.com/2100-1009_22-6220619.html?tag=nl.e622

Security Salaries

PayScale - People with Jobs in Computer/Network Security Salary, Average Salaries
SaNS Security Survey 2005-2007

Personal Software Inspector (PSI) - Secunia

[From ZDNet]
Secunia has shipped a downloadable version of a free utility that scans Windows machines to find missing software patches.
The tool, an enhancement to the Secunia Software inspector (a Web-based scanner I’ve covered before), can be used to inspect and monitor more than 4,200 different PC applications to flag dangerous vulnerabilities.

Personal Software Inspector (PSI) - Secunia

Mortgage Data Exposed through Filesharing Network

http://www.sans.org/newsletters/newsbites/newsbites.php?vol=9&issue=76&rss=Y#sID312

Zero-Day PDF Flaw in Adobe Reader

http://www.sans.org/newsletters/newsbites/newsbites.php?vol=9&issue=76&rss=Y#sID309

From Virtual Environment to the Real World: How malware can get out of a VM and take control of the host machine

http://secunia.com/advisories/26890/
http://www.iss.net/threats/275.html

Data Seepage PPT

http://www.erratasec.com/BH_DC_07_Data_seepage.ppt

Windows XP on a stick

http://www.tomshardware.com/2005/09/09/windows_in_your_pocket/

Google Online Security Blog: On virtualisation

Will the next piece of malware escape its virtual machine environment? Might be sooner than you think.
Google Online Security Blog: On virtualisation

Read later: How a Linux Server Gets Turned into a Zombie

http://blog.gnist.org/article.php?story=HollidayCracking

Memberships

Association for Computing Machinery (since 1997)
Information Systems Security Association (since 2007)
Information System Security Certification Consortium (since July 2007)
Institute of Electrical and Electronics Engineers (since 1997)
Minnesota Business Continuity Planners Association (since August 2007)

ISSA Journal - July 2007

Probably the most useful security magazine you can read. Short, to the point, and not cluttered with ads.

Information Warfare: separating hype from reality

If you like to speak in 3-letter words, then this book is for you. Otherwise, skip the first few chapters of abbreviations and history of security in the US government and jump into chapter 5 Cyberterrorism: Hype and Reality or into chapter 7 Information Operations and the Average Citizen.

CISA Exam Cram 2 : Certified Information Systems Auditor

Finished this CISA exam cram book. Some sections took some extra (and slow) reading since the auditing world seems to redefine the English language. Overall, a good primer to the CISA field but I can tell that I will need to read more on this topic.

Coffee & IT Security

"If you spend more on coffee than on IT security, then you will be hacked. What's more, you deserve to be hacked."
Richard Clarke at the 2002 RSA Security Conference.