Archive for June, 2007

Very good security podcast: Threat Monitor

June 29, 2007

I recently started listening to one of SearchSecurity.com’s (which is the online version of Information Security magazine) podcasts, Threat Monitor. In this January 17th podcast, Ed Skoudis has, in my opinion, created the most relevant and comprehensive list of emerging malware threats that I know of.
http://threatmonitor.blogspot.com/2007_01_01_archive.html

Security Digest for June 18th – June 22nd

June 28, 2007

Can ‘cyberinsurance’ protect you from data breach catastrophe?
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9023078&pageNumber=1

As insurance companies dip their toe into the cyberinsurance market, it is good for admins to know what to look for and how to decrease potential premiums.

IBM, HP reshape Web app security market
http://searchsecurity.techtarget.com/columnItem/0,294698,sid14_gci1261423,00.html?track=sy160

Possible good security consequences of IBM buying Watchfire and HP buying SPI Dynamics

Mergers and acquisitions: Building up security after an M&A
http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1261024,00.html?track=sy320

A lot of times IT security is pushed aside during the frantic activities of M&A. Advice: Don’t let it be.

How to create a computer-emergency response team

June 28, 2007

A short article on how a prepared, intra-departmental team can save the day in a crisis.
http://www.networkworld.com/news/2007/061807-security-standard-2-side.html?page=1

[Editor's note (Valle): Many companies ignore this article's advice to their peril. Most small and medium-size businesses do not have a current, working CERT, and even large companies that do make the mistake of not including people from all the necessary departments.]

Data Governance will Eclipse CIO Role

June 21, 2007

A very insightful article about how data will become centralized and how information drives business models.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9024560&source=rss_topic17

Editor’s note (Valle): I am a firm believer that information (creation, dissemination, and use) ultimately drives all business models and that the winners in the market are those that will use information to create more value for their customers than their competitors. I like the author’s idea of a chief information strategist (CIS) whose importance, I think, will eclipse the CIO and CTO role.

Security Digest for June 11th – June 15th

June 21, 2007

Study: Law puts damper on Web security research
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9024361&source=rss_topic17

Also mentioned in my June 12th post #5. These laws hamper white hat hackers’ ability to do their job.

10 reasons why the Black Hats have us outgunned
http://www.theregister.co.uk/2007/06/13/black_hat_list/
A good primer on what it is like to be a black hat hacker

CIOs look Beyond Cops for Help Fighting Cybercrime
http://www.cio.com/article/118500/CIOs_Look_Beyond_Cops_for_Help_Fighting_Cybercrime

With the Secret Service and FBI overwhelmed and under-resourced to catch hackers in other countries, CIOs have to find help from others.

Four Deadly security sins
http://www.zdnetasia.com/news/security/0,39044215,62020417,00.htm 
A quick reminder to have your bases covered.

Gartner: Consumer Products Threaten Corporate Security
http://www.darkreading.com/document.asp?doc_id=126638
Advice on how to protect against consumer products and Web 2.0 technologies in the enterprise.

Online crime group logs Millionth complaint
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9025038&taxonomyId=17&intsrc=kc_top

This represents over $650 million in losses to customers in the US alone.

Why network-based security doesn’t cut it anymore
http://www.networkworld.com/news/2007/061407-vc-recommends-client-side-security.html?fsrc=rss-security

A VC’s take on the importance of securing the endpoint.

Data Leak Prevention primer

June 21, 2007

A very good article from one of my favorite security bloggers, Richard Bejtlich, on what steps to take before purchasing an extrusion detection or prevention product (a.k.a. data leak prevention or intellectual property leakage).

http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1251640,00.html?track=sy260

Editor’s note (Valle): Extrusion detection and prevention, I believe, is going to be the next big thing in security (besides virtualization). There are just too many ways for information to leak out of companies, so it makes a lot of sense to tag all important information and then have the ability to stop it from leaving the corporate walls.

Great interview: Security Now and eEye’s Marc Maiffret

June 12, 2007

An excellent Security Now podcast (#91) with one of the original hackers.
http://www.grc.com/securitynow.htm

Great insight into network security, such as:

  1. Most vulnerabilities in a computer are non-Microsoft; they are vulnerabilities within iTunes, Adobe, QuickTime, Flash, etc.
  2. Hackers are finding vulnerabilities in non-Microsoft applications just as fast as they are finding Microsoft vulnerabilities. The big difference is that other software vendors do not have regular patches like Microsoft.
  3. Microsoft has better security practices than any other software company because they were forced to. Other vendors have not been forced to, and that is why they are more vulnerable.
  4. As more functionality is added to browsers, their attack surface increases and they become bigger targets.
  5. As more applications become hosted, it becomes harder for “white hat” hackers and researchers to search for vulnerabilities because it becomes illegal at that point, while black hat hackers have no such qualms.
  6. If hosting servers become compromised, a hacker can have access to millions of people’s information instead of just one.
  7. Windows is actually more secure than Macs.
  8. Don’t buy Vista for the security features; it has vulnerabilities as well.

Spammers using AI to get through

June 8, 2007

Spammers are using image-based spam and artificial intelligence to get through even the best anti-spam defenses
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9022560&pageNumber=1

[Editor's note (Valle): Since there is currently no really good defense for stopping sophisticated image spam that uses CAPTCHA (completely automated public Turing test to tell computers and humans apart) technology, anti-spam vendors have had to rely more on intent and IP and URL reputation analysis to block spam.]