When To Choose: Preventive VS Reactive Security
Information security is an area of IT that can have an extremely varied budget based on the parent organizations' belief of whether or not they'll be hacked. It's a mentality that seems silly if you've been in the infosec biz for a while because you most likely have realized by now that everyone gets hacked or has a data breach at some point.
Insiders Not The Real Database Threat
The recent incident where an HSBC employee raided a corporate database of customer information and then attempted to sell information to French tax collectors has been characterized as a user-access control issue. But I don't agree.
Get To Know The Storage I/O Chain
Storage performance problems are often circular challenges. You fix one bottleneck and you expose another one. You can't really fix storage I/O, all you can do is get it to the point that people stop blaming storage for the performance problems in the data center. Getting there requires knowing the storage I/O chain.
Which Storage Protocol Is Best For VMware?
In a recent entry in his blog, StorageTexan asks "why someone would choose to go NFS instead of doing block based connectivity for things like VSPhere?" (http://storagetexan.com/2010/03/25/the-debate-why-nfs-vs-block-access-for-osapplications/), and while I gave a brief opinion as a comment on his site, I thought I would take a little deeper dive here. Which storage protocol is best for VMware?
A Russian Strategist's Take On Information Warfare
Today I'd like to introduce you to one of the main thinkers on information warfare, whom most of you have never heard of: S.P. Rastorguev (Расторгуев C.П.). He is a Russian strategist who unfortunately, as far as I can find, hasn't been translated.
Ransomware Continues To Soar
New analysis on the ransomware trend shows how cyber thieves are increasingly holding systems hostage in an attempt to extort users.
How Safari Hacker Finds Bugs
Multiple vulnerabilities in the mainstream browsers and other widely installed software came to light at the CanSecWest conference in Vancouver.
Hacker Cracks Internet Explorer 8 on Windows 7
Despite the security measures included in Windows 7, two security researchers were able to defeat the security provided to users running Internet Explorer 8 on top of Microsoft's latest operating system.
March Madness: Hoop Dreams Spawn Malware Nightmares
Some interesting stats from security firm Zscaler, Cisco Scansafe and eSoft point out the surge in business bandwidth consumption during NCAA games -- and warn that unwary searching for bracket listings could result in malware being dunked into your system.
Proceed Gradually With Fibre Channel Over Ethernet
There has been some concern recently of Fibre Channel Over Ethernet's (FCoE's) readiness to be deployed as an IT infrastructure. While the technology will continue to develop, it should be suitable for many environments. No one should be suggesting that the move to FCoE is a total rip-and-replace, but more of a gradual move as the opportunity arises.
Cyber Cities Attract Cyber Crooks -- Ya THINK?
Symantec's new list of the top cities for cyber crime risks rounds up the usual suspects (the more cyber-savvy the city, the more crooks that come there) -- and offers some important reminders no matter where you work and live.
Automated Web Scanners Bring The Noise
One fish, two fish, red fish, skipfish...huh? That was my initial thought. Skipfish is definitely an interesting name for a Web application security scanner. It sounds like it came straight out of a Dr. Seuss book, but instead it's an awesome new tool from Michal Zalewski and Google.
DHS To Pilot Enhanced Network Intrusion Prevention Technology
The Department of Homeland Security (DHS) will be partnering with a government agency and an internet service provider to trial an enhanced and upcoming version of Einstein, a system used to help secure the networks of certain federal departments and agencies.
End User Security: Why Bother?
According to some new research, that's precisely the reason end users don't trouble themselves with strong passwords and safe surfing practices. The risks they believe they're exposed to just don't outweigh the annoyances security imposes.
Mozilla To Patch Critical Firefox Bug
Mozilla has confirmed a zero day vulnerability that affects Firefox version 3.6. The flaw makes it possible for malicious code to be injected into systems running the web browser. A fully tested fix won't be available until March 30.
I've received several good questions about Microsoft software restriction policies. It's one of those features included in Windows that most people seem to have heard of once, but can't recall where and don't remember what it does. One of the e-mail messages asked about how to know which files are good.
Personal Panic-Button Apps Land On Mobile Phones
Personal security apps for mobile phones are here, and famed criminal profiler and frequent NBC/MSNBC guest commentator Clinton Van Zandt is getting into the act. Van Zandt is now featuring on his LiveSecure.org Website, among other personal security products, a silent panic-button app for smartphones. Separately, a new start-up called SafeKidZone is also about to launch a new panic-button app and service for kids' mobile phones.
SLAs Can Make Life Easier
Many times when I am speaking with an IT Manager and I ask what their Service Level Agreements (SLAs) are with their users, I get an eye-roll-filled answer that generally equates to the revelation that the SLA is implied. There is a belief by many that SLAs are just not worth the effort. The reality is that SLAs can make life easier and are well worth the effort.
So Long, And No Thanks: Why User Education Fails
In "So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users," Cormac Herley of Microsoft Research tries to answer why users don't respond to security advice.
Advantages Of PCI-Based SSDs
The typical path to SSD is by either buying a SAN-attached, SSD-specific storage system or leveraging SSD drives as an alternate drive type in a storage system. For a few years, however, another form factor has been establishing itself: the PCIe-based SSD, and there may be some areas where it has a few advantages.
Drive Imaging Using Software Write Blocking
In my last blog, I detailed several methods for imaging hard drives using hardware and software-based tools. To finish the discussion, today I want to get into software-based write-blocking tools that can be used when hardware options are not available, the drives are not supported, or the situation requires the system to be imaged while online.
McAfee Tackles Cloud Security For Cloud Service Providers
Security vendor McAfee aims to take on concerns about cloud security where the concerns flourish and where the customers are -- among the SaaS providers in the cloud. The goal is not only to up security levels, but also establish a trusted brand.
Database Dangers In The Cloud
Moving to a cloud-based database and virtual environment comes with plenty of benefits, but there's also a potential price to pay for security.
Industry Poll Shocker: Employees Bypass IT Policies
A poll released today by Harris Interactive found that a good portion of workers admit that they knowingly violate IT policies so that they can get their work done. My take: those workers that didn't admit that they violate corporate compliance and security policies are liars.
Using Hard-Drive Imaging In Forensics
A client recently asked me about adding hard drive imaging into its standard incident response process. Because most of the incidents the client deals with are related to malware infections, its current process is to make sure the user's data is backed up before wiping the hard drive and installing a fresh version of the operating system -- a solid process, but it could use some improvements to deal with modern malware.
Do SSDs Belong In Laptops?
If there is confusion over when you use solid state disk (SSD) in the enterprise then there seems to be utter chaos when it comes to the laptop market. The typical hope is that the use of SSDs will improve performance and improve battery life of these devices that for many people are their primary computing platform. In addition to performance and battery life there are other laptop challenges that SSD may be able to help with.
More Than Half Of SMBs Hit By Online Bank Fraud Last Year
Some scary figures from a new Ponemon/Guardian Analytics study of SMB online banking fraud find that more than half of the 500+ businesses surveyed got tagged by fraud, and more than half of those were not fully reimbursed for their losses.
More Anti-Virus Fail
By focusing on threats, rather than vulnerabilities, those who rely on anti-virus software to stop rapidly evolving attacks are simply asking for their systems to be owned.
It's Time For Personal 'OnStar'-Like Security
I recently saw a story about a young child who, upon being confronted by armed robbers in his home, had the presence of mind to lock himself in a bathroom with his younger sister and call 911. Doing so likely saved the lives of everyone in the house. Because this outcome is unusual, I think it's time we looked at personal security more closely.
Challenge Yourself To Be Better
If you've been in the information security field for more than six months, then you know it's vital to stay on top of the latest threats, tools, and news to be effective at your job. That's why many of us love the field so much--it's always changing. And it challenges us.
Cyberwarfare: Play Offense Or Defense?
One of the key differences in military theory between Internet warfare and kinetic warfare is whether defense or offense is stronger. Here's a shortened version of an argument I am formulating about this matter following years of debate.
Simplify Your Existing Storage
Sometimes in storage you don't have the budget to go out and get the latest, greatest storage system that is going to make your life simpler. Sometimes you have to make do with what you have. That does not mean that you have to live without all the new capabilities that are becoming available in storage like improved provisioning and multiple protocols.
Energizer Bunny Gone Bad
Along with the usual security alerts covering the March bulletins from Microsoft and various content management systems flaws, US CERT published an unusual security alert about a product from Energizer, the battery company.
As Celebrities And Millions Joined Twitter, Criminals Followed
Anyone who has been using social networks for the past couple of years has anecdotally witnessed an increase in malicious activity and phishing attacks. Today, a security firm released its analysis of 19 million Twitter accounts and has quantified just how rapidly malicious activity on Twitter has grown. Hint: it's been significant recently.
Extending Your Storage
In our last entry we discussed what to look for in a new storage system. But what if you don't have the budget for a new storage system or your current system is not old enough that you dare bring up the subject of replacing it? The alternative is to look for solutions that can extend the usefulness of what you currently have.
New Analysis Tools For Windows Memory
Last week I looked at some creative uses of log analysis for detecting malware, and ways to acquire Windows physical memory for analysis. What I've seen time and time again is where those in charge of security don't even bother to log information from their systems and applications, leading them to a much larger incident response scenario than if they could detect it sooner.
Facebook As A Spear-Phishing Tool
My company Secure Network has been performing a variety of penetration tests that leverage information derived from sites such as MySpace and Facebook.
Twitter Attacks Get Automated
A security researcher has released an automated social network attack tool in an attempt to show just how vulnerable social nets are.
Replacing Storage? What To Look For
In our last entry, we discussed how the cost of out-year maintenance will cause you to look for another storage vendor and based on the comments and emails, we struck a nerve. Beyond that issue though what else will make you switch storage vendors?
Social Networks, Data Leaks, And Operation Security
Following a Facebook update from a soldier on an upcoming operation, the Israeli Defense Forces (IDF) canceled an operation into the West Bank, illustrating how the connected world makes maintaining operational security (OPSEC) all the more difficult.
Malware's New Vehicle
Malware has been around for years, but most IT pros think about it only when a family member calls for computer help. Well, one theme of RSA is that we're all going to have to pay closer attention.
Is Out-Year Maintenance Really Motivation?
At some point in the next few years, maybe this year, you are going to switch storage vendors. In the industry we use terms like refresh your storage instead of switch. Sounds less painful. In my blog over at Network Computing I spoke about how you need to be careful of the actual migration of data and who is going to do it. A common motivation to switch is the cost of out-year mai
RSA: Toward A Trusted Cloud
Moving toward ways to manage, verify, and trust cloud security was the prevalent theme today at the Cloud Security Alliance Summit, held here in San Francisco as the RSA Security Conference 2010 gets underway.