SecurityTwits Weekly Recap - 6/1 - 6/6

Here's what went on around here for the last few days. Tweets are in ascending date order except for answers to questions which are still in ascending date order, but immediately following the original question.

  1. First don't forget how to get @SecurityTwits attention. Either @ me or do the following.
  2. Reminder: Tag with #infosecq for questions, #infoseccfp for cfps and #infosecjobs for, well, jobs if you want me to RT them.
  3. Last week's recap.
  4. Now for this week's.
  5. RT @techflavor: @securitytwits oh someone pls recommend a reputable data recovery service (mechanical issues) with a quick turnover
  6. RT @HouSecCon: HouSecCon CFP is open now! Submission deadline is Sept 10. Go to  http://HoustonSecCon.com/call-for-papers/ .com/call-for-papers/ for details.
  7. RT @stfn42: Experienced in security? Got experience with iOS and MDM? Like to break stuff? I might have a job for you. Loc: Switzerland preferred.
  8. RT @Rootx60: @securitytwits hitting people out there what certification is the best to start to become a penetration tester. I am new at it
  9. @Rootx60 @securitytwits get a linux certification -- then go for CE|H after you know how to get around.
  10. @Rootx60 @securitytwits who is paying? CEH has some industry recognition. OSCP has good content at (cont)  http://tl.gd/hlr3ov 
  11. @Rootx60 there is absolutely no cert around that will prepare you for that. I would rather recommend an internship. /cc @securitytwits
  12. @Rootx60 @securitytwits If 1 has exper. in systems, coding +/or networking with foundation in security, then try @eLearnSecurity Student.
  13. @Rootx60 @securitytwits CISSP. But knowledge + ability are more valued than certs. Hire people that can do job, regardless of certs/degree
  14. @wimremes @Rootx60 @securitytwits currently working with a cert company to have my course lead to a hands on exam and cert
  15. @securitytwits @Rootx60 Unfortunately CEH will get you farthest but those from Offensive Security are best.
  16. RT @banasidhe: CFP is still open over at  http://bsideslv.org 18 more days to go until closing. Submit! or it'll be one long 2 day hallway track. ;)
  17. RT @AcuminUS: Looking for a talented Senior Security Engineer in Boston, Bay area of Chicago! -  http://www.acuminconsulting.com/Senior_Security_Engineer/jid-21.aspx?page=1 sulting.com/Seniinfoecurity_Engineer/jid-21.aspx?page=1 90K-110K base #infosecjobs #ITjobs
  18. RT @ryancbarnett: Seeking web application defenders/WAF researchers to join my team (Location Israel) -  http://bit.ly/KxlsY0 
  19. RT @apiary: Looking for Entry Level Application Security Support Analyst in the Boston Area here at Veracode:  http://bit.ly/LrSXXZ  #infosecjobs
  20. @securitytwits Hiring a pen tester, Internal/Web App skills, polished, client facing professional willing to travel 50%  http://www.paysw.com/company/Company_Careers.php /company/Company_Careers.php
  21. RT @agentFin: The @GrouponEng team is looking for a solid app security person w/ some programming chops #infosecjobs cc/ @abedra @SECURItyBSides
  22. @mubix @ronin_ruby @securitytwits what is the best method to learn penetration testing I am an entry level and would like to get into it
  23. @Rootx60 @mubix @ronin_ruby @securitytwits I am in the same boat, but Home Lab, CTFs, People Networking @ Conferences and Local Meetups
  24. RT @InfoSecRamblins: Q: Does your risk assessment team get involved in security architecture or do they perform assessments based on completed design work?
  25. @InfoSecRamblins @securitytwits Both. 2 teams in a tight feedback loop. What is designed is not always what is implemented.
  26. @securitytwits @ronin_ruby @mubix Working on the first stage of Penetration testing Gathering the information can some one give me tips
  27. @mubix @ronin_ruby @securitytwits anyone know about the tools needed for information gathering like whois etc. Just you favorite
  28. @mubix @ronin_ruby @securitytwits I also have a wifi pineapple anyone know some documentation to configure and make this unit work as a MITM
  29. @Rootx60 @mubix @ronin_ruby @securitytwits off the top of my head, I hear these are good- Metasploit, BeEF, Maltego, WireShark, Burp Suite..
  30. @securitytwits @ronin_ruby @mubix also I am new to metasploit which I am playing with does someone know some training I can use
  31. @securitytwits #infosecq How many people have setup a rouge wireless AP on a pentest? (Just trying to get some rough numbers) Thanks
  32. RT @diami03: Network Security Manager position for Fiserv in ATL available. DM if interested
  33. Got DDP in Las Vegas and a Sr. Tech Lead / cc @securitytwits PM if interested RT plz
  34. RT @Patories: my team has recently posted positions, one for AppSec  https://secure05.principal.com/hr/recruiting/ext/jobDetailLink.faces?jid=213584&seqid=1 cipal.com/hr/recruiting https://secure05.principal.com/hr/recruiting/ext/jobDetailLink.faces?jid=213504&seqid=1 cei?jid=213584&seqid=1 and 1 for NetSec Mon https://secure05.principal.com/hr/recruiting/ext/jobDetailLink.faces?jid=213504&seqid=1 #infosecjobs
  35. RT @securitymoey: That’s right @BurbSec TONIGHT !! Fox and Hound in Schaumburg. 6:15ish
  36. @Rootx60 @securitytwits @ronin_ruby @mubix Are you looking to do something specific? I always just teach myself on those types of things.
  37. @izatt82 @securitytwits @ronin_ruby @mubix just trying to understand on how nmap works and wha the different functions do. It wouls help
  38. @Rootx60 @securitytwits @ronin_ruby @mubix This is some basic stuff  http://linuxaria.com/article/understanding-nmap-commands-tutorial?lang=en /article/understanding-nmap-commands-tutorial?lang=en how is your networking understanding? advanced?
  39. @Rootx60 @securitytwits @ronin_ruby @mubix This one is awesome as well  http://danielmiessler.com/blog/a-summary-of-new-nmap-features-from-blackhatdefcon-2008 r.com/blog/a-summary-of-new-nmap-features-from-blackhatdefcon-2008 Let us know if that works and hit me up DM.