I had a great video forwarded onto me by another IT Pro.  Microsoft has a presentation by Mark Russinovich on Windows Security Boundaries.  This is a great resource to learn how Microsoft approaches security boundaries in their operating systems.  Some of the security boundaries that are covered include physical machines, system virtual machines, and user sessions.  Mark also goes in to processes, patch guard, and kernel-mode signing.  As always Mark does a great job of breaking down security using some of his System Internals Tools.  The presentation is about an hour and fifteen minutes long.  Personally I think it is well worth your time if you want understand operating system security better.

Windows Security Boundaries On Tech Net
http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=993

One of the things that I have not seen for a long time is a program that rivals Roboform.  The greatest part about it is that its free.  Lastpass uses a utility that runs on your computer and also uses a web service.  This means that you can access your password information from multiple different computers.  The stand alone program that runs on your computer also insures that you access to the information if you computer is offline.  The main thing I like about the program is that you can set it up to automatically log you into sites once you visit them.  You can also store other information such as form information and secure notes.   Currently there are both plugins for Firefox and IE.   There is also a portable version available to people who want to take the information with them.  Some of the down falls currently are that it does not support Safari and Chrome web browsers.  According to everything I have read they are working on extending support to both of those browsers.  I would highly recommend checking out their services and to give them a try.

Lastpass Main Page
https://lastpass.com/

Just in case you have not heard Microsoft has released a rare out of cycle security patch that should be applied ASAP.  Microsoft has not released an out of cycle patch in a very long period of time.  Susan Bradley has a great article up on windowssecrets.com that goes into the full explanation.  I strongly encourage you to apply the patch and read Susan’s article to better understand how critical this patch is.

WindowsSecrets.com Article
http://windowssecrets.com/2008/10/24/02-Microsoft-posts-emergency-defense-for-new-attack

One of the most interesting sessions I have seen on security was presented at Tech ED by Marcus Murray back in 2006.  From his blog it looks like he is still impressing people by doing his presentations.  He focuses not only on traditional network attacks but also physical security of his network.  One of the interesting stories he talks about is dropping flash drives in the parking lot of a company.  Inevitable one of the company employees will take a flash drive and plug it into their computer.  The flash drive then installs software that reports back to him.  He then has control of the users machine.  It is a pretty scary demonstration that shows just how vulnerable a company is.  I would strongly encourage you to watch the below presentation.  It will give you a new outlook on how you view network security at your current job.

Recorded Presentation
http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=351

Marcus Murray’s Blog
http://truesecurity.se/blogs/murray/default.aspx