Commentary
Content posted in March 2010
When To Choose: Preventive VS Reactive Security
Commentary | 3/31/2010
Information security is an area of IT that can have an extremely varied budget based on the parent organizations' belief of whether or not they'll be hacked. It's a mentality that seems silly if you've been in the infosec biz for a while because you most likely have realized by now that everyone gets hacked or has a data breach at some point.
Insiders Not The Real Database Threat
Commentary | 3/31/2010
The recent incident where an HSBC employee raided a corporate database of customer information and then attempted to sell information to French tax collectors has been characterized as a user-access control issue. But I don't agree.
April Fools: Cybercrooks' Pranks Are No Joke
Commentary | 3/31/2010
The April 1 eruption of spyware, scamware, malware links and other bad stuff is upon us again. Are you and your company ready?
Get To Know The Storage I/O Chain
Commentary | 3/30/2010
Storage performance problems are often circular challenges. You fix one bottleneck and you expose another one. You can't really fix storage I/O; all you can do is get it to the point that people stop blaming storage for the performance problems in the data center. Getting there requires knowing the storage I/O chain.
OS X Gets Massive Patch, Microsoft Closes Zero-Day
Commentary | 3/29/2010
Apple drops a patch for a staggering 88 vulnerabilities while Microsoft closes a hole in certain versions of Internet Explorer that has been under attack for several weeks.
Which Storage Protocol Is Best For VMware?
Commentary | 3/26/2010
In a recent entry in his blog (http://storagetexan.com/2010/03/25/the-debate-why-nfs-vs-block-access-for-osapplications/), StorageTexan asks "why someone would choose to go NFS instead of doing block based connectivity for things like VSPhere?" While I gave a brief opinion as a comment on his site, I thought I would take a little deeper dive here. Which storage protocol is best for VMware?
A Russian Strategist's Take On Information Warfare
Commentary | 3/26/2010
Today I'd like to introduce you to one of the main thinkers on information warfare, whom most of you have never heard of: S.P. Rastorguev (Расторгуев С.П.). He is a Russian strategist who unfortunately, as far as I can find, hasn't been translated.
Ransomware Continues To Soar
Commentary | 3/26/2010
New analysis on the ransomware trend shows how cyber thieves are increasingly holding systems hostage in an attempt to extort users.
How Safari Hacker Finds Bugs
Commentary | 3/25/2010
Multiple vulnerabilities in the mainstream browsers and other widely installed software came to light at the CanSecWest conference in Vancouver.
Hacker Cracks Internet Explorer 8 on Windows 7
Commentary | 3/25/2010
Despite the security measures included in Windows 7, two security researchers were able to defeat the security provided to users running Internet Explorer 8 on top of Microsoft's latest operating system.
March Madness: Hoop Dreams Spawn Malware Nightmares
Commentary | 3/24/2010
Some interesting stats from security firm Zscaler, Cisco Scansafe and eSoft point out the surge in business bandwidth consumption during NCAA games -- and warn that unwary searching for bracket listings could result in malware being dunked into your system.
Proceed Gradually With Fibre Channel Over Ethernet
Commentary | 3/23/2010
There has been some concern recently about Fibre Channel Over Ethernet's (FCoE's) readiness to be deployed as an IT infrastructure. While the technology will continue to develop, it should be suitable for many environments. No one should be suggesting that the move to FCoE is a total rip-and-replace; it is more of a gradual move as the opportunity arises.
Cyber Cities Attract Cyber Crooks -- Ya THINK?
Commentary | 3/23/2010
Symantec's new list of the top cities for cyber crime risks rounds up the usual suspects (the more cyber-savvy the city, the more crooks that come there) -- and offers some important reminders no matter where you work and live.
Automated Web Scanners Bring The Noise
Commentary | 3/22/2010
One fish, two fish, red fish, skipfish...huh? That was my initial thought. Skipfish is definitely an interesting name for a Web application security scanner. It sounds like it came straight out of a Dr. Seuss book, but instead it's an awesome new tool from Michal Zalewski and Google.
DHS To Pilot Enhanced Network Intrusion Prevention Technology
Commentary | 3/22/2010
The Department of Homeland Security (DHS) will be partnering with a government agency and an Internet service provider to trial an enhanced, upcoming version of Einstein, a system used to help secure the networks of certain federal departments and agencies.
End User Security: Why Bother?
Commentary | 3/22/2010
According to some new research, that's precisely the reason end users don't trouble themselves with strong passwords and safe surfing practices. The risks they believe they're exposed to just don't outweigh the annoyances security imposes.
Mozilla To Patch Critical Firefox Bug
Commentary | 3/20/2010
Mozilla has confirmed a zero-day vulnerability that affects Firefox version 3.6. The flaw makes it possible for malicious code to be injected into systems running the Web browser. A fully tested fix won't be available until March 30.
DIY Whitelisting
Commentary | 3/19/2010
I've received several good questions about Microsoft software restriction policies. It's one of those features included in Windows that most people seem to have heard of once, but can't recall where and don't remember what it does. One of the e-mail messages asked about how to know which files are good.
Personal Panic-Button Apps Land On Mobile Phones
Commentary | 3/19/2010
Personal security apps for mobile phones are here, and famed criminal profiler and frequent NBC/MSNBC guest commentator Clinton Van Zandt is getting into the act. Van Zandt is now featuring on his LiveSecure.org Website, among other personal security products, a silent panic-button app for smartphones. Separately, a new start-up called SafeKidZone is also about to launch a new panic-button app and service for kids' mobile phones.
SLAs Can Make Life Easier
Commentary | 3/19/2010
Many times when I am speaking with an IT manager and I ask what their Service Level Agreements (SLAs) are with their users, I get an eye-roll-filled answer that generally equates to the revelation that the SLA is implied. There is a belief by many that SLAs are just not worth the effort. The reality is that SLAs can make life easier and are well worth the effort.
So Long, And No Thanks: Why User Education Fails
Commentary | 3/18/2010
In "So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users," Cormac Herley of Microsoft Research tries to answer why users don't respond to security advice.
Global CIO: Google, At Last, Goes For Microsoft's Throat
Commentary | 3/18/2010
It's getting serious about enterprise IT.
Advantages Of PCI-Based SSDs
Commentary | 3/17/2010
The typical path to SSD is either buying a SAN-attached, SSD-specific storage system or leveraging SSD drives as an alternate drive type in a storage system. For a few years, however, another form factor has been establishing itself, the PCIe-based SSD, and there may be some areas where it has a few advantages.
Drive Imaging Using Software Write Blocking
Commentary | 3/17/2010
In my last blog, I detailed several methods for imaging hard drives using hardware and software-based tools. To finish the discussion, today I want to get into software-based write-blocking tools that can be used when hardware options are not available, the drives are not supported, or the situation requires the system to be imaged while online.
McAfee Tackles Cloud Security For Cloud Service Providers
Commentary | 3/17/2010
Security vendor McAfee aims to take on concerns about cloud security where the concerns flourish and where the customers are -- among the SaaS providers in the cloud. The goal is not only to raise security levels, but also to establish a trusted brand.
Database Dangers In The Cloud
Commentary | 3/17/2010
Moving to a cloud-based database and virtual environment comes with plenty of benefits, but there's also a potential price to pay for security.
Industry Poll Shocker: Employees Bypass IT Policies
Commentary | 3/15/2010
A poll released today by Harris Interactive found that a good portion of workers admit that they knowingly violate IT policies so that they can get their work done. My take: those workers that didn't admit that they violate corporate compliance and security policies are liars.
Using Hard-Drive Imaging In Forensics
Commentary | 3/15/2010
A client recently asked me about adding hard drive imaging into its standard incident response process. Because most of the incidents the client deals with are related to malware infections, its current process is to make sure the user's data is backed up before wiping the hard drive and installing a fresh version of the operating system -- a solid process, but it could use some improvements to deal with modern malware.
Do SSDs Belong In Laptops?
Commentary | 3/15/2010
If there is confusion over when to use solid state disk (SSD) in the enterprise, then there seems to be utter chaos when it comes to the laptop market. The typical hope is that the use of SSDs will improve the performance and battery life of these devices, which for many people are their primary computing platform. In addition to performance and battery life, there are other laptop challenges that SSD may be able to help with.
More Than Half Of SMBs Hit By Online Bank Fraud Last Year
Commentary | 3/15/2010
Some scary figures from a new Ponemon/Guardian Analytics study of SMB online banking fraud find that more than half of the 500+ businesses surveyed got tagged by fraud, and more than half of those were not fully reimbursed for their losses.
More Anti-Virus Fail
Commentary | 3/13/2010
By focusing on threats, rather than vulnerabilities, those who rely on anti-virus software to stop rapidly evolving attacks are simply asking for their systems to be owned.
It's Time For Personal 'OnStar'-Like Security
Commentary | 3/12/2010
I recently saw a story about a young child who, upon being confronted by armed robbers in his home, had the presence of mind to lock himself in a bathroom with his younger sister and call 911. Doing so likely saved the lives of everyone in the house. Because this outcome is unusual, I think it's time we looked at personal security more closely.
Challenge Yourself To Be Better
Commentary | 3/11/2010
If you've been in the information security field for more than six months, then you know it's vital to stay on top of the latest threats, tools, and news to be effective at your job. That's why many of us love the field so much--it's always changing. And it challenges us.
Cyberwarfare: Play Offense Or Defense?
Commentary | 3/11/2010
One of the key differences in military theory between Internet warfare and kinetic warfare is whether defense or offense is stronger. Here's a shortened version of an argument I am formulating about this matter following years of debate.
Simplify Your Existing Storage
Commentary | 3/11/2010
Sometimes in storage you don't have the budget to go out and get the latest, greatest storage system that is going to make your life simpler. Sometimes you have to make do with what you have. That does not mean that you have to live without all the new capabilities that are becoming available in storage, like improved provisioning and multiple protocols.
Energizer Bunny Gone Bad
Commentary | 3/10/2010
Along with the usual security alerts covering the March bulletins from Microsoft and various content management system flaws, US-CERT published an unusual security alert about a product from Energizer, the battery company.
As Celebrities And Millions Joined Twitter Criminals Followed
Commentary | 3/10/2010
Anyone who has been using social networks for the past couple of years has anecdotally witnessed an increase in malicious activity and phishing attacks. Today, a security firm released its analysis of 19 million Twitter accounts and has quantified just how rapidly malicious activity on Twitter has grown. Hint: it's been significant recently.
Extending Your Storage
Commentary | 3/10/2010
In our last entry we discussed what to look for in a new storage system. But what if you don't have the budget for a new storage system or your current system is not old enough that you dare bring up the subject of replacing it? The alternative is to look for solutions that can extend the usefulness of what you currently have.
Do As Security Pros Say, Not As They Do
Commentary | 3/9/2010
Monitoring at the RSA Conference found plenty of security vulnerabilities on the wireless networks the security professionals were using.
New Analysis Tools For Windows Memory
Commentary | 3/8/2010
Last week I looked at some creative uses of log analysis for detecting malware, and ways to acquire Windows physical memory for analysis. What I've seen time and time again is where those in charge of security don't even bother to log information from their systems and applications, leading them to a much larger incident response scenario than if they could detect it sooner.
Facebook As A Spear-Phishing Tool
Commentary | 3/8/2010
My company Secure Network has been performing a variety of penetration tests that leverage information derived from sites such as MySpace and Facebook.
Acquiring Windows Memory For Incident Response
Commentary | 3/5/2010
It was a busy week. Some of you made the annual trek out to San Francisco, while the rest of you were stuck working diligently in your office. Me...well, I'm in the latter group.
Twitter Attacks Get Automated
Commentary | 3/5/2010
A security researcher has released an automated social network attack tool in an attempt to show just how vulnerable social nets are.
Replacing Storage? What To Look For
Commentary | 3/5/2010
In our last entry, we discussed how the cost of out-year maintenance will cause you to look for another storage vendor, and based on the comments and emails, we struck a nerve. Beyond that issue, though, what else will make you switch storage vendors?
Global CIO: In Age Of Google Hack, Verdasys Redefining Cybersecurity
Commentary | 3/4/2010
After a huge victory protecting Ferrari's racing secrets, Verdasys is racking up big wins among large enterprises seeking new approaches.
Social Networks, Data Leaks, And Operation Security
Commentary | 3/4/2010
Following a Facebook update from a soldier on an upcoming operation, the Israeli Defense Forces (IDF) canceled an operation into the West Bank, illustrating how the connected world makes maintaining operational security (OPSEC) all the more difficult.
RSA: Experts Urge Cybersecurity Collaboration, Quality Assurance
Commentary | 3/3/2010
An important theme within the conversation at RSA Conference 2010 has been finding ways for the government and private industry to better collaborate when it comes to fighting cyberthreats.
Malware's New Vehicle
Commentary | 3/3/2010
Malware has been around for years, but most IT pros think about it only when a family member calls for computer help. Well, one theme of RSA is that we're all going to have to pay closer attention.
Is Out-Year Maintenance Really Motivation?
Commentary | 3/3/2010
At some point in the next few years, maybe this year, you are going to switch storage vendors. In the industry we use terms like "refresh your storage" instead of "switch." Sounds less painful. In my blog over at Network Computing I spoke about how you need to be careful of the actual migration of data and who is going to do it. A common motivation to switch is the cost of out-year mai
RSA: Toward A Trusted Cloud
Commentary | 3/1/2010
Moving toward ways to manage, verify, and trust cloud security was the prevalent theme today at the Cloud Security Alliance Summit, held here in San Francisco as the RSA Security Conference 2010 gets underway.