In Software We (Can't) Trust
I can't think of more than a few attacks in the past decade that involved stolen certificates as part of the malware or exploit code. However, recent attacks and new research highlight the increasing danger of trusting signed digital certificates.
User Authentication In E-Commerce
When we designed SSL to enable e-commerce on the Web, we had to solve two issues. One was the Web's openness -- the fact that anybody can read anything -- and the other was how parties might authenticate with one another.
Ready For Primary Cloud Storage?
Cloud storage has moved out of the experimental mode and into some form of production for many organizations. To date, most of the use cases are either to back up data to the cloud or to archive data to the cloud. Now, though, the move is on to leverage the cloud for primary data storage. If successful, it could change the way many businesses buy storage.
Google To Warn Admins Of Malware Infestations
It's been made very clear that one of the greatest threats to Web safety is reputable Web sites getting nailed with malware - and their web masters don't even know it. That malware then infects users - who also go unaware that they've been pwned. This week, Google is taking steps to try to turn that tide.
Why The Insider Threat Is Ignored
The insider threat is complicated, and most organizations do not fully understand the magnitude of the problem. There are three main reasons why the insider threat has been ignored: Organizations do not know it's happening, it's easy for organizations to be in denial, and organizations fear bad publicity.
Government Puts The Hurt On The Internet
There are a lot of problems that face the Internet and technology today, from major security flaws to increasing infrastructure demands, you name it. But by far the biggest threats are the regular attempts by government and special interests to control the Internet and technology, attempts which would usually end up causing severe damage.
Integrating The SSD Appliance
The SSD Appliance or Memory Array applies to storage systems that are designed from the ground up to only be used with solid state storage. They are often focused on storage I/O performance and solid state integrity more so than providing storage services like snapshots or replication. In this entry we will look at when it makes sense to use these products instead of adding SSD to an existing storage system or going all out and buying a new solid state storage system.
Stuxnet Pwned Iran. Are We Next?
For the past few weeks rumors had run rampant about the purported targets of the Stuxnet worm. One of those rumors was that the worm was targeting Iran's controversial nuclear sites. Now, according to news reports that hit yesterday, those rumors may very well be right. There's a warning in all of this for the United States.
Five Main Causes Of SMB Security Incidents
Like you, I have read many articles covering small business security, the authors of which have made up various lists of "top X threats" or "this year's biggest vulnerabilities," etc. So I thought it would be interesting to dig into a sampling of the data breach reports and collect some real data on causes of breaches and other security incidents in SMBs.
Lock-Picking Popularity Grows
As security professionals, it is easy to get focused only on the technical side of security and forget about the importance of physical security.
What Solid State Form Factor Is Best - Integration
Returning to our Solid State Form factor series; this entry we are going to begin the discussion about solid state integration. There are really two parts of the integration discussion; how will you integrate solid state disk into your storage infrastructure and the other is how will your vendor integrate solid state disk into their storage system? We'll tackle the vendor issue first since it may directl
'Here You Have' A Lesson
It's been interchangeably called spam, or a targeted attack that spun out of control, or a form of cyber-jihad with alleged geopolitical implications. But regardless of what you call it, the "Here You Have" email worm is an excellent example of just how well today's security can work. Here are a few justifications for that optimism.
Different Flavors Of The Insider Threat
There are different categories of insider threats, based on the level of access the employee has. There are four types: pure insider, insider associate, insider affiliate, and outside affiliate. Each of these categories also has different motives. Understanding each is a key to building proper preventive and detective defenses.
The Cookies You Can't Remove
They say that some things last forever, like diamonds or true love or Twinkies. But should browser cookies used for tracking be added to that list?
Web-Based Spam Detection With Google Alerts
Search engines are great, powerful tools. They can help find an answer when you've tried everything you can think of. They can also help find information about a company you may be performing a penetration test on.
Twitter Under Attack
There's a cross-site scripting flaw aggressively spreading across the social networking site Twitter. I know, I was hacked first thing this morning. . .
Virtual Desktops And Storage - Dealing With Boot Storms
Virtual desktop environments are different than virtual server environments when discussing performance. To the virtual desktop environment we need to be able to provide acceptable, consistent but moderate performance throughout the day to a set of endpoints (desktops and laptops) that have similar I/O patterns. This is different than server virtualization, which has highly random I/O patterns and needs very high performance at peak moments throughout the day.
The What And The Why Of Professional Penetration Testing
Welcome to the first in a series of posts on professional penetration testing. During the course of the next few entries, I will shed light on the often confusing and rarely straightforward world of penetration testing based on my experience during the past decade as both a professional penetration tester and a manager of penetration testing teams.
Missing The Insider Threat
"I trust everyone. It is the devil inside that I do not trust" is a great line from the movie "The Italian Job." Every single person has the potential to do harm if the right circumstances occur. Yes, this includes employees.
Protegrity Gets Aggressive
Last week Protegrity announced it had filed patent infringement suits against NuBridges and Voltage Security Inc., its main competitors. Patent infringement suits are nothing new with technology companies, but this one was a little odd in that the suits were actually filed in May.
A Lesson From Steve Jobs' Email
We've all had one of these moments: You get an email and quickly respond without putting much thought into it. Then you end up wishing you'd taken more time.
Desktop Virtualization And The Storage Challenges It Creates
As server virtualization becomes more widespread, desktop virtualization is quickly becoming the next big project that IT managers have on their white board. As with any new IT project, it has the opportunity to bring added flexibility and cost savings to the organization while at the same time increasing IT efficiency. However, like server virtualization before it, desktop virtualization brings a whole new set of storage challenges.
Which Solid State Disk Is Best? Part IV
The next step in deciding which solid state storage is best for your environment is to understand how you are going to use solid state disk. I moved this ahead of how to integrate solid state disk into your environment because knowing how you are going to use solid state disk may impact how you choose to implement it.
Taking USB Attacks To The Next Level
USB devices have many benign, legitimate uses. But put a USB-based device in the hands of a savvy hardware hacker, and that USB device can go from good to evil in no time.
Cloud Security And Compliance: Clear The Ambiguity
The fact that business consumers of public cloud computing services don't get much in the way of transparency into the governance and security efforts of their cloud providers has been an obvious hindrance to cloud adoption. Here's an example of how a nascent, but encouraging, standard - CloudAudit - aims to change that.
Relying On Tools Makes You Dumber
It takes a lot of time and effort to stay up on the latest vulnerabilities, attacks, and tools. Often, we in the security field rely on tools to automate parts of a vulnerability assessment or penetration test, but our testing should never rely only on the tools. If all we ran were some tools and blindly trusted their output, then we would be no better than your average script kiddie.
State Of Cybercrime Legislation Around The World
The main problem with international law enforcement on cybercrime is that even with efforts by the FBI and others, international communication between different agencies around the world is extremely slow.
The DeDupe Performance Boost
Deduplication is the elimination of redundant data, typically associated with optimizing storage utilization. I've spent some time lately defending our stance that deduplication in primary storage can be done without a performance penalty. What is not often discussed is that there is also the potential for a performance gain when using deduplication that may outweigh the resource costs associated with the process.
What Solid State Storage Form Factor Is Best? Part II
As discussed in an earlier entry, there are three basic types of solid state form factors available in the market today; PCIe as we discussed last entry, Solid State Disks, which we will cover in this entry and Solid State Appliances also called Memory Arrays which we will cover next. We'll conclude this series with a discussion in integration methods that storage vendors are using to implement solid sta
iPhone iOS Devices Jailbroken
Hackers are claiming to have uncovered a flaw within iPhone and iPod Touch hardware that will make it easy for users to jailbreak their devices. And, if these reports prove accurate, it'll not be a trivial workaround for Apple to fix.
Ownage By USB Keyboard
When was the last time Windows asked you for permission before adding your new hardware -- say, a mouse?
Twitter Hit With Another Cross-Site Scripting Vulnerability
Over this Labor Day weekend developers at Twitter had to do a bit of additional labor that they should have previously completed - and that's to close a potentially dangerous cross-site scripting (XSS) vulnerability before things slid out of hand.
Are Clouds Real?
The theme last week at VMworld was "Virtual Roads, Actual Clouds," which begs the question: are we really at a point where clouds are real? The answer, as always, is "it depends." The determination is dependent on where you sit and what your angle of view is, but for the most part clouds are more real for more businesses than they ever were.
Seven Features To Look For In Database Assessment Tools
As a follow-up to my "Essentials of Database Assessment" post, I want to go over some of the basic features and functions to look for in a database assessment product. Many features differentiate one tool from another, but I'll focus in on the top seven items you should review.
Keep Your Browser Updated
During the Labor Day weekend, I got pulled in by friends and relatives (some remotely) to take care of their computer-related problems.
Anticipating The First Car Virus
I've been thinking a lot about Intel's acquisition of McAfee, and recently spent the afternoon with the company reviewing its strategy. Intel doesn't want to repeat the mistake made with the PC in regard to malware as we move to more common interfaces, operating systems, and network-connected TVs, appliances, manufacturing equipment, air conditioning and heating systems -- and, yes, automobiles and motorcycles. While a virus or an attack on a PC or server is certainly painful, the same attack on
Apple's Ping Stumble Highlights Systemic Security Problem
Within 48 hours of Ping's launch, Apple's foray into music social networks, more than one million users joined. Too bad, like so many other applications and services on the Internet, security was an afterthought, and those users were plagued with spam comments.
vStorage API Spreads Its Wings
The goal for VMware is to virtualize as much of the data center as possible. This goal can only be reached by increasing virtual machine (VM) density per physical server. The roadblock to high VM density per host is storage performance and data protection. Much of the focus of VMworld was addressing those issues through more vendors adopting the use of the vStorage API set.
Finding Exposed Devices On Your Network
When browsing through SHODAN, it never ceases to amaze me what I can find. How is it that people think it's okay to leave their printers, routers, fiber channel switches, and industrial control systems completely open to the Internet?