patching

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Beware of hasty decisions, early indicators and selection bias.
    (Mis)reading the runes << wirewatcher
    Tags: ( incident-response )
  2. The call for papers for Defcon 18 is open. Get to work.
    DEF CON(r) 18 Hacking Conference - Call for Papers Announcement
    Tags: ( cfg defcon-18 )
  3. As if managing VoIP wasn't difficult enough already, let's through in steganography.
    A new VoIP threat - steganography - RiskPundit
    Tags: ( voip steganography )
  4. This might be a good post to keep handy in the event you need to backout a patch and can't boot.
    Using Linux to back out a Windows XP patch - Computerworld Blogs
    Tags: ( patching recovery )
  5. Challenge number 2 is ready for your attention. Give it a go.
    Forensic Challenge 2010/2 - "browsers under attack" is now online | The Honeynet Project
    Tags: ( forensics challenge )
  6. A lovely article about flash cookies and what they can tell a forensic investigator.
    Local Shared Objects, aka Flash Cookies
    Tags: ( flash cookies privacy )
  7. An interesting topic, tokenization, is covered quite well in this post on InfoCynic.
    A New Approach to Enterprise Data Security | Infosec Cynic
    Tags: ( encryption tokenization )
  8. A few things you should be aware of regarding the HITECH act.
    7 Things You Need to Know About HITECH | Optimal Security: The Lumension Blog
    Tags: ( hitech )
  9. Alex opines on the cloud, metrics and faith. A good read.
    On Cloud Security Metrics >> Dub Cloud
    Tags: ( cloud metrics )
  10. I have attended a couple virtual conferences and enjoyed them. A good line-up here.
    Infosecurity (UK) - 2010 Virtual Conference on Endpoint Security - Beyond the Perimeter - Full conference programme revealed
    Tags: ( conference virtual )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Old attacks find a new home. Side-channel attacks against the "Cloud"
    Researchers Find a New Way to Attack The Cloud | threatpost
    Tags: ( cloud )
  2. This seems like a very poor decision.
    Oracle Delays Security Patches For OpenWorld : Liquidmatrix Security Digest
    Tags: ( oracle )
  3. Like Agent J says in "Men in Black II", "No, what you remember is that you used to drive that old busted junk. See, I drive... the new hotness." Brick and mortar bank robbery is the old busted, electronic bank robbery is the new hotness.
    Security Fix - More Business Banking Victims Speak Out
    Tags: ( theft )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. You can download the raw anonymized survey results from the Project Quant survey.
    Raw Project Quant Survey Results
    Tags: ( patching )
  2. Want to hear about writing a security book? Andrew will be SANS Network Security 2009 talking about that very thing.
    Andrew Hay >> Blog Archive >> Presenting at SANS Network Security 2009 - "So You Want to Write a Security Book, Eh?"
    Tags: ( writing books )
  3. Some thoughts on compliance in a virtualized environment.
    Five Ways To Meet Compliance In A Virtualized Environment - DarkReading
    Tags: ( virtualization )
  4. A couple things to check and do after you upgrade to Snow Leopard.
    Snow Leopard downgrades security and misses opportunity to improve | Chester Wisniewski's Blog
    Tags: ( apple macosx )
  5. In case you didn't know, there is going to be a blogger meetup at RSA Europe in October. 🙂
    RSA Conference - Security Bloggers Meet up 2009 - London | Security Active Blog
    Tags: ( meetup )
  6. This post strikes a particular chord with me as I have been thinking about this quite a bit lately. Most of us are operating under some pretty crushing workloads, but it we don't take time to manage our people, those workloads will just even heavier.
    Security Ripcord >> Blog Archive >> Take Time To Manage
    Tags: ( management )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Raf interviews Andre Gironda.
    Digital Soapbox - Preaching Security to the Digital Masses: 31337 Spotlight: Andre Gironda
    Tags: ( interview )
  2. Here is the solution and winners of the third PandaLabs challenge.
    3rd Panda Challenge solution & winners - PandaLabs
    Tags: ( challenge )
  3. Forcing HTTPS sounds good. It will be interesting to see how this shakes out.
    Locking up the valuables: Opt-in security with ForceTLS at Mozilla Security Blog
    Tags: ( webappsec )
  4. Version 1.0 of Project Quant, a project to develop a patch management framework, has been released along with the survey results.
    Project Quant Version 1.0 Report and Survey Results
    Tags: ( patching )
  5. Part 3 of Ax0n's recipe for evilness.
    HiR Information Report: Evil Wifi Part 3: Hamster & Ferret
    Tags: ( wireless hacking )
  6. Cutaway has a very interesting post up about malware that resides in the registry. He points to a couple other posts that are worth reading too. This is very cool...scary...but very cool.
    Security Ripcord >> Blog Archive >> Malware IN Registry a.k.a If It Can't Be Done, Why Am I Looking At It?
    Tags: ( registry malware )
  7. Be careful what information you are sharing in something as basic as email headers. That stuff can be used against you.
    Looking beyond the surface ... << The Security Kitchen
    Tags: ( data-leakage )
  8. Martin points out some basic truths you should be aware of.
    Incident Response Leadership: Basic Truths : The Security Catalyst
    Tags: ( incident-response )
  9. You should do what Jack says. Go read the post he points you at and then send it to your friends and family.
    Uncommon Sense Security: A good primer on Social Networking and Security Risks
    Tags: ( social-networks )
  10. Folks, regardless of what the NYSE says, details about your infrastructure, patch levels, software versions, etc. is sensitive information.
    Data Detailing New York Stock Exchange Network Exposed on Unsecured Server | Threat Level | Wired.com
    Tags: ( data-leakage )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 1 comment }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Oops. Didn't mean for that super secret list of civilian nuclear sites to be posted.
    Government Accidently Posts Sensitive Nuclear Documents Online -- Government IT Security
    Tags: ( data-leakage )
  2. If you are using Rails 2.3 and performing digest authentication, you need to read this and implement the fix provided.
    Nate's Tumble Log, Security hole found in Rails 2.3's http_authentication.rb
    Tags: ( rails ruby )
  3. Xavier has a nice tutorial on integrating Didier Stevens handy PDFiD tool with Nautilus on a Linux system.
    /dev/random >> Blog Archive >> PDFiD Integration with Nautilus
    Tags: ( pdf pdfid )
  4. If you see visits to these sites in your proxy logs, you have some work to do. Also, if you don't have a proxy or don't look at the logs, you have even more work to do 🙂
    Google Online Security Blog: Top 10 Malware Sites
    Tags: ( malware )
  5. Rich and Adrian are looking for some help with Project Quant. They have a survey up about patch management they would really like for you to participate in.
    TAKE PART IN PROJECT QUANT (please)! << The New School of Information Security
    Tags: ( patching )
  6. If you are in the Atlanta area, the June meeting of NAISG is happening on the 10th. Stop on by.
    June Atlanta NAISG Meeting >> Andy ITGuy
    Tags: ( naisg )
  7. A new release of BASE is available.
    New version (v 1.4.3.1) of BASE available
    Tags: ( ids base snort )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. If you were thinking about changing patch management software vendors, BigFix might be able to save you some cashola. Disclaimer: I do not work for or have any interest in BigFix.
    BigFix hits rivals with 50% price chop - Network World
    Tags: ( patching )
  2. Another list of top whatevers. Worth a glance.
    Defense agencies list top 20 security controls | Security - CNET News
    Tags: ( general )
  3. Surprise, surprise. Another piece of malicious software on Facebook. This is why I A) Don't user very many Facebook apps and B) don't accept requests from folks for things like "Flair" and "Drinks."
    Facebook users targeted by rogue application | Security - CNET News
    Tags: ( malware facebook )
  4. Christofer or The Hoff, as he is frequently called, has a post up that has a very good point we should all take to heart.
    Rational Survivability: Trust But Verify? That's An Oxymoron...
    Tags: ( general )
  5. Jeremiah's Top Ten Web Hacking techniques for 2008 is out.
    Jeremiah Grossman: Top Ten Web Hacking Techniques of 2008 (Official)
    Tags: ( hacking top-ten )
  6. The first of a couple of articles that will explore how the Heartland issue might have occurred. This one is a primer of empty disk space. Good stuff.
    Ascension Blog >> Don't let what Happened to Heartland Happen to You - Part One
    Tags: ( forensics )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

It’s quicker, but don’t forget to fix it…

by kriggins on September 30, 2008

in General

Good morning/afternoon/evening everybody.

Hope your day was/is/will be great! 🙂

Lori MacVittie over at DevCentral, who you should all read, wrote Which security strategy takes more time: configuration or coding? recently. It's a good article with some very valid points, but it made me think of something else we need to be aware of when we make "time trade-off" choices.

I agree that WAFs, ACLs, black holing traffic, etc. are all good and
effective methods of mitigating risk and protecting against known
threats and in some case unknown threats. For example, how often have you whipped up a solution to a problem and slapped it into place?  You know it is not an appropriate long term solution, but you say to yourself, "I'll come back and do that better when I have time."

Fast forward 3 years and your quick fix is still in production causing all sorts of grief because it was never intended to be a long term solution and/or nobody knows what this things is doing and they remove it, again, causing all kinds of grief.

Maybe I'm stating the obvious, but we need to make sure we have effective policies and procedures in place to ensure that we are addressing things in an appropriate manner, independent of the "this is quicker" mentality. Again, I am not saying that quicker shouldn't be used.  It has it's place and often is the best short term choice.  I just want to remind everybody that we need to keep that long term horizon in sight also.

Agree, disagree, think I'm looney?  Leave me a note in the comments with your thoughts.

Kevin

Image courtsey of jakeliefer

{ 0 comments }