Sending Email, Web Security To The Cloud
E-mail and Web security outsourcing are gaining more momentum as resource-strapped companies look for ways to tighten their IT belts. IT shops are constantly being asked to do more with less, and it's often security that gets more budget cuts since it's an IT area that doesn't contribute directly to a company making money.
Storage Checkers Vs. Chess
Checkers is a two-dimensional game where all the pieces have the same ability. It's about covering space. Chess is a complex three-dimensional game where all the pieces have different capabilities and there is one common target: the enemy's king. In storage some features begin to look like checkers because they have become so commonplace, but when you dig deeper you find that the capabilities of these features between vendors vary greatly.
Al Qaeda Implicated In Cyberattacks
Some papers recently became publicly available in the case of terrorism suspect Mohamedou Ould Slahi, accused of being one of Al-Qaeda's top recruiters. The papers revealed Al-Qaeda hacking activity, which demonstrates what proof of accountability in Internet attacks is, and how many of us jump to conclusions about countries, such as China, without it.
Fixing Storage Utilization Without A Refresh
In the final part of our storage utilization series we address how to improve storage utilization without refreshing the storage itself. This is, unfortunately, the most difficult way to improve storage utilization.
Microsoft SIR, Dissected
Microsoft published Version 8 of its Security Intelligence Report (SIR) this week. The report covers the second half of 2009 and is a massive piece of information with almost 250 pages.
Trusting 'Trusted' Sites Again
I've been teaching a user security awareness and training course to faculty and staff at our university. One of the great aspects of the class is the discussions that develop out of the participants' questions, like the security of social networks and how to use wireless securely while on the road. Lately, I've been getting one question more and more often: How do I know if a site is safe?
What To Look For In A Primary Storage Refresh
In our last entry we covered how the potential to increase storage utilization may help justify a storage refresh. If you are in a position to refresh your primary storage platform or you think the last entry may help you do that a little sooner than normal, what should you be looking for in your next storage platform?
McAfee's Mess, SEC's Sex Problem And What SMBs Can Learn From Each
Last week's McAfee release of a virus def file that didn't play well (to say the least!) with Windows XP SP3, along with unrelated revelations about the amount of pornsurfing going on at the SEC offers the chance to think a little bit about each problem -- and what your business has done and can do to avoid getting tagged by similar ones.
CSRF Attacks Get New PoC Creation Tool
Cross site request forgery (CSRF) is a powerful attack that can have devastating consequences. It's not a new attack, but new tools are released every year because Web developers don't always write secure code that can prevent these attacks. Often, CSRF vulnerabilities go undetected because automated scanners have difficulty detecting them.
Justifying An Early Storage Refresh
Our last entry covered ways to increase storage utilization. There are three options: live with under-utilization (easy but costly), refresh your current storage (easy but potentially expensive) or make what you have more efficient (potentially time consuming but potentially inexpensive). Most data centers have a schedule to refresh their current storage systems at some point in the future. In this ent
Network Solutions Hack Highlights Hosting Risks
Website hosting vendor Network Solutions Inc. (NSI) has been forced to cleanse its customer Websites after a few "thousand" sites were attacked after an unspecified number of NSI's shared servers were infiltrated.
PCI: Data Token Alternatives
When a merchant cannot -- or will not -- replace credit card numbers with tokens provided by its payment processor, how does it secure its database to be PCI-compliant?
Google Chrome Attracting Hacker Attention
The good news: at a recent security conference, Google Chrome got kudos as the hardest browser to hack. The bad news: a new hack is targeting possibly overconfident Chrome users and tagging them with malware.
California Senate Moves On New Data Breach Law
With 2003's landmark data breach notification law, SB-1386, California set the tone for the wave of state breach notification laws that would follow. Today, more states have similar laws than don't. Last week, the California Senate approved SB-1166 which aims to add more detail to the existing law.
Log Review Checklist For Responders Under Fire
Checklists are one of the most important things for first responders to have access to when responding to an incident. The reasons are many, and most of them tend to fall back on the human nature of the first responder. Incident response can impose a lot of stress on an individual, whether from management or the sheer criticality of the potentially hacked resource, it can be easy to miss a step or remember a command incorrectly when under fire.
Increasing Storage Utilization Rates
In a recent entry by John Foley he discusses some of the pros and cons for leveraging cloud computing to increase IT efficiency in the Federal Government. One of the more startling statements is how low utilization of storage is. Of course low utilization is not the sole problem of Federal IT, the private sector has its challenges with storage utilization as well. What can be done to inc
Attacking Electronic Door Access Control Systems
A friend recently pointed me to some research he has been doing with embedded door access control systems, as well as some of the vulnerabilities he has uncovered. Some of his findings were recently disclosed at Carolinacon, with more to come during his presentation at Hack in the Box.
Bridging The Gap Between Training And Operations
The EDUCAUSE Security Professionals Conference is a great conference for IT staff from higher education to meet and learn about deploying and managing security tools like OSSEC and Bro IDS, hear how others are dealing with compliance issues, and network with other professionals interested in security.
FCoE Poised For Adoption
FCoE adoption is getting ready to pick up steam. That's my take from Storage Networking World (SNW). The FCoE sessions and labs seemed well attended. This means that users are getting ready to deploy the technology, and of course, some already have.
Websites Vulnerable To New Clickjacking Techniques
At Black Hat Europe, UK-based security researcher Paul Stone has demonstrated new and seemingly powerful attacks that dupe users into activating malicious links on Web sites without their even knowing it.
NSA Director On The Cyber-Counterattack
According to an Associated Press report, the director of the National Security Agency told Congress the U.S. should respond in force to computer-based attacks -- even when the attacker is not known. Is that possible, and is it a good idea?
Nmap Does Much More Than Network Discovery
Nmap is among a network penetration tester's best friends, sitting high on a pedestal with the Metasploit Framework. I've been using the tool my entire career for network mapping and host discovery, typically on a weekly basis.
The Best Protocol For The Entry Level SAN
When the time comes to select your first shared storage system or even a second, one of the key points of debate is going to be what protocol you should use for it. The choices today can be somewhat staggering. At a minimum there is fibre, iSCSI and the NAS protocols CIFS and NFS, but there are also several new protocols that you may want to explore.
Big Patch Tuesday On Way
Tomorrow, Microsoft will patch 25 flaws in its operating system, e-mail software, and Office. For its part, Adobe will release a security update for Acrobat and Reader and provide a new way for its customers to receive updates.
Serious Java Flaw Surfaces
All current versions of Windows are open to attack thanks to a flaw within the Java Web Start Framework. Two security researchers announced the flaw just yesterday. The flaw could lead, through very rudimentary Web attacks, to full compromise of attacked systems.
Stop Counting Bots
How many bots are on the Internet, and why should we care? This is an argument I've been making since the late 1990s, and it is high time I got it in writing outside of closed circles.
The Perfect Entry Level SAN
At each Storage Network World (SNW) there are more than a few vendors that I meet with that are trying to address the first time SAN buyer. I expect that this year will be no different. In fact given the economy there may be more than ever. There are a few observations that I have made in what makes a successful entry level SAN beyond the given easy and affordable.
Tax Time Is Hacks Time -- Time To Be Wary!
Over the next week or so as you, and, odds are, more than a few others in your workplace are scrambling to make the April 15th deadline, bear in mind that there are plenty of scams hoping to catch and bilk you mid-scramble.
In SSL We Trust? Not Lately
In the past two weeks we have seen multiple problems with SSL, which is used in our Web browsers to protect the privacy and integrity of our electronic transactions.
PCI Database Security Primer
I have written a lot about compliance in the past three months, but most of the guidance has been generic. Now I want to talk about database security specifically in relation to the Payment Card Industry (PCI) Data Security Standard, and consider compliance more from an architectural standpoint as opposed to a tools- or policy-based perspective.
What Is Zero Detect?
There is a term you are going to start hearing more of in storage circles: Zero Detect. Some storage systems that offer thin provisioning are adding the ability to detect areas of a volume that have been zeroed out so they can reclaim that space and use it elsewhere. Zero detect becomes a critical component as we advance the capabilities of thin provisioning.
iPad Hacked, Jailbroken
Unless you've been disconnected from the Internet, TV, and the free world - you know that Apple released the iPad. It only took about a day for a well-known iPhone OS hacking group -- the iPhone Dev team -- to Jailbreak the device using an unpatched security flaw.
Conficker Dead -- Long Live Conficker
Whether or not the Conficker worm is essentially dead, just lying low or somewhere in-between, the lessons of the massive botnet are likely to live on for a long time. Bad news is that there are lessons learned by the botnet makers, too.
Share -- Or Keep Getting Pwned
Forget the bad guys: Sometimes it seems like the security industry doesn't trust itself. There's too much internal hoarding of intelligence for privacy or competitive reasons and too little sharing of information among researchers, victims, and law enforcement about real attacks. All this does is give the cybercriminals an edge.
Password Brute Forcing Tool Gets Major Update
Brute-force password guessing attacks are very common. If you operate a publicly accessible SSH server, then you know firsthand just how common it is with constant poking for weak passwords on accounts like root, admin, and test. When the attackers do find a weak password and gain access, they will typically download their tools and start scanning for more weak passwords from the newly compromised server.
Breaking The Capacity Addiction
One of the complaints I hear about the new Apple iPad is that it does not have enough storage capacity, with high end units only offering 64GBs of storage. As a storage guy from the 5MB hard drive days, this reaction sometimes makes me shake my head in dismay.