If someone ever tells you something like the following: “We defend against all zero day attacks using a holistic solution that integrates the end-to-end synergies in security infrastructure with no false positives.” Run away.
I hate to admit it, but someone will probably hack this site at some point. And they may even use it to hack your computer. And there’s not a darn thing I can do about it. Security, and hacking, are kind of trendy. Both the good guys and the bad guys have a habit of focusing on certain attacks and defenses based on what’s “hot”. We’re kind of the fashion whores of the IT world. I mean I just can’t believe Johnny calls himself a 1337 hax0r for finding a buffer overflow in RPC. I mean
An article just posted by the New York Times reveals that the latest National Intelligence Estimate on terrorism concludes that our involvement in Iraq has increased the global terror threat. Most of the time I make fun of security pundits that think because they stopped a few hackers they’re qualified to discuss issues of national security, but this time I just can’t help myself. I’ve become what I loathe. Edited- I take that back, and the rest of the post. There are people losing their lives over this; I deleted my initial comments. Just go read the
In a post titled “Access of Access + Audit” Dr. Anton Chuvakin discusses the importance of logging, well pretty much everything. When it comes to working in the enterprise environment I tend to agree- audit logs are some of the most useful security, troubleshooting, and performance management tools we have. Back when I was operational I had two kinds of bad log days- those hair pulling, neurotic-in-a-here’s-johnny-way days spent combing, manually, through massive logs, and (even worse) those really I’m-so-screwed days where we didn’t have the logs at all. Since, thanks to better search and analysis tools, those
There’s a lot going on in the world of Digital Rights Management (DRM) these days and I realized not everyone understands exactly what DRM is, how it works, and what the implications are. This has popped up a few times recently among friends and family as (being the alpha geek) I’ve been asked to explain why certain music or movie files don’t work on various players. Before digging into some of the security issues around DRM I thought it would be good to post a (relatively) brief overview. I’ll be honest – as objective as I try
So Apple issued an update for the Mac wireless drivers to prevent a buffer overflow, but denies SecureWorks provided them anything useful. Right. We believe you. Got it. You “just happened” to discover exactly the kind of vulnerability that Maynor and Ellch demoed, but they were evil, uncooperative bad guys for hinting they might be there. Considering SecureWorks works responsibly with all sorts of other vendors in the market I suspect the anger may be a tad misplaced. Come on Apple; all software has vulnerabilities. It’s time to stop putting PR in charge of vulnerability management. To quote the
New IE Flaw Exploited on Porn Sites

Now we did warn you, and I quote: Especially if you go to “those” sites. Yes, you. Stop pretending you don’t know what I’m talking about. For the record “those sites” are porn and gambling. So you poker addicts are next. And you file sharers- don’t start thinking you’re all safe or something. Those torrent trackers are web pages you know. Of course Disney World fingerprints everyone these days, so maybe they’ll pick this up.
To whom it may concern,

While, as a security professional, I take great care to protect all of my systems and data, I cannot guarantee that I am fully compliant with both the HIPAA security and privacy requirements. I have never undergone a HIPAA audit, nor any official HIPAA training or evaluations of any kind beyond those provided to first responders. For your information I do take extensive security precautions including:

- Hardware and software firewalls on all systems and networks
- Home directory encryption on my primary Mac
- Antivirus/antispyware on all Windows systems
- OS hardening and service minimization
- Rapid deployment
Symantec has just reported a new 0day security vulnerability in Internet Explorer that could allow someone to take over your computer. For you non-geeks a 0day (or zero-day, or 0-day) is a vulnerability without a patch. In other words, you can’t fix the flaw on your computer so you either have to block the attacks before they hit you or disable the vulnerable software. While details are sketchy it looks like this particular vulnerability could allow an attacker to take over your computer when you visit a website with the attack code on it. This isn’t the first
I travel a lot, and on occasion I’ll run Nmap or some other scanner from my hotel room to get an idea of what’s out there, and how dangerous these hotel networks really are. To be honest it’s not something I do all that much anymore since even scanning an open network is running the risk of being considered over the line. But I just discovered a new security tool. It’s free. And it even plays music! Yes, the ever venerable and recently updated iTunes turns out to be an honest to goodness, if limited, security