Archive for October 2008

Facebook Privacy & Security Guide Released

Posted by: Tom

Today at the Ohio Information Security Summit I released my Facebook Security & Privacy Guide. This guide gives you suggested "baseline" security settings that you can use when configuring your Facebook account. Obviously, you can adjust these settings based on your own level of risk but it should give you a good starting point.

How did this project get started?
I have been doing several months of research with my own Facebook account as well as gathering the input of other Facebook users to determine what the privacy and security settings would be without losing the key features of using a social network website...the networking!

Please feel free to distribute this document to friends and family or use it for any security awareness campaigns. I will hopefully be keeping up with any updates to the document when Facebook changes things. I might be putting together a similar document for MySpace, but MySpace is a totally different animal altogether. We shall see! :-)

You can download a pdf version of the guide here.

Exploit status for MS08-067

Posted by: Tom

I won't go into detail about the new Microsoft vulnerability...you all know it's pretty serious and there are a ton of blogs and websites talking about the dirty details. Hopefully you have all read about it and are getting the word out about patching. However, there are some updates on the status of currently available exploits for the vulnerability that I found interesting.

Public exploit code?
Yesterday Microsoft posted this update to their blog on the MSRC. Microsoft says that there is currently no public exploit code available. The code mentioned that causes a denial of service attack was the code posted on Milw0rm I believe. The only working code released was from Immunity CANVAS and Core Impact if you are a paying customer. Core Impact does mention that the exploit is in early release and may contain bugs or limited functionality (not 100% reliable).

Gimmiv.A - Is it a worm or a trojan?
Don't let the thought cross your mind that you can perhaps delay patching your systems because public exploit code is not working/available! You still need to patch as there is malware that is currently out in the wild (Gimmiv.A) being used in "targeted" attacks. Whether or not this is a trojan or a worm is up for debate. Microsoft says this is not a worm but a trojan. However, other researchers are saying that this is a worm because of the way it attacks other hosts on a network via RPC. I guess you could call it a "network-aware" trojan as ThreatExpert mentions. Either way, malware authors are most likely developing more powerful payloads as I write this.

As a final reminder, we all know based on past history with RPC vulnerabilities...reliable public exploit code will be out before you know it! Make sure you take your patching seriously...

UPDATE: If you follow HD Moore on Twitter you will see that he has just released MS08-067 PoC code for Metasploit.

Information Gathering with Maltego

Posted by: Tom

Last Wednesday I gave a presentation to the Northeast Ohio Information Security Forum on Maltego, which is a fantastic tool for information gathering. The presentation focused on a high-level overview of the application and how it can be used for all types of security-related work including security assessments, investigations and helping find public information about a company or person.

You can download the presentation here. Like I mentioned at the talk, you can get more information on Maltego from the Paterva website. If you are looking for a few good tutorials you can check out part one and part two on Room362.com or Ethicalhacker.net.

Exploiting trust in social networks

Posted by: Tom

Over the weekend I posted my first article on Social Network/Media security over at Blogsecurify. You can check out the post here. My next article will talk about the security of third-party applications and widgets for social media applications.

MI6 camera sold on eBay? 007 is pissed!

Posted by: Tom

This article was just too good and worthy of a blog post...apparently an MI6 digital camera went missing and went up for sale on eBay...for only $30. The kicker is that the camera's memory card contained the following information:

Via Reuters:

"Its memory had names of al Qaeda members, fingerprints and suspects' academic records as well as pictures of rocket launchers and missiles, the Sun newspaper reported."

Oops... So did the camera have a "If lost, please call the following MI6 number" sticker on it? :-) That is one big mistake for the British intel boys...

Malware challenge has started!

Posted by: Tom

Just a reminder to head over to malwarechallenge.info to start the malware challenge that was mentioned on the last Security Justice podcast as well as a blog post that I did a few days ago. The contest runs from October 1st - 26th and is open to everyone! May the force be with you...