A recent Threatpost article http://threatpost.com/en_us/a3t where Greg Hoglund comes pretty close to ranting about the actions of Anon and that they did not “hack” HBGary – they just weaseled their way into the HBGary Google account – does illuminate some of the issues with using Cloud services. You see, Greg tried to do some damage …
Category Archives: Security
GMail Security Checklist
The folks at Google have been nice enough to create a checklist to help you secure your system – it’s mostly a collection of best practices known to those in information security, but maybe less obvious to the general user populace. Either way, it would be beneficial for any GMail user to work through the …
Why SORBS sucks.
I like RDNSBLs – they are extremely useful, and when used properly, they can reduce your SPAM intake by 90% or more easily. When they don’t work well though, they kind of suck. No, actually, they really suck. One big problem with SORBS is it’s overly aggressively blacklist of supposed dynamic IP addresses – many …
Microsoft ASP.Net OOB Patch
sorry to interrupt the flow of the Making the Web Work for You series, but this is somewhat important. Microsoft issued a patch last week for the outstanding .Net issue that could pose a significant threat to those of you with Internet facing IIS servers. Although all .Net systems are vulnerable, the affected IIS boxes …
Windows LNK Out-of-Band Patch
As reported by SANS Internet Storm Center: http://isc.sans.edu/diary.html?storyid=9313 Microsoft release patch to address this rather serious vulnerability.
Windows LNK vulnerability
There has been quite a bit of talk in security circles with regard to the latest 0day Windows LNK (short-cut) vulnerability, which has potential to be fairly serious. There are partial fixes and workarounds but not a complete patch as yet. The following links should help you get informed and cover your bases: http://www.sophos.com/products/free-tools/sophos-windows-shortcut-exploit-protection-tool.html http://www.sophos.com/security/topic/shortcut.html
Does this file taste funny to you?
Reminds me of a joke – Q: Why don’t cannibals eat clowns? A: They taste funny. Of course, this entry is not about cannibals, clowns or peculiar appetites – it’s about what to do when you find a suspicious file on a machine, especially if that machine has been acting strangely and you think something …
Intrusion Detection – not just for the enterprise
Intrusion Detection can really be a variety of technologies – NIDS, IPS, HIPS (Network Intrustion Detection, Intrusion Prevention System, Host Intrusion Prevention System). The difference between these is pretty straight-forward, NIDS uses a sensor or sensors to monitor network traffic and alert on anomalies, detection is usually signature-based. IPS is a NIDS setup that is …
Continue reading “Intrusion Detection – not just for the enterprise”
RU listening?
Russia to try to clean-up it’s .ru TLD. I mean – file this under “about time” – that top level domain has become synonymous with malware, spam and criminal activity. It’s a great concept if put into action and enforced, so we will have to wait and see. read the article
Taking down the botnets
Botnet, by and large, are responsible either directly or indirectly, for most of the malicious activity on the internet. When it’s spam, viruses, drive-by downloaded, rogueware, scareware or all-out DDoS attacks, these large, distributed networks of zombie computers are usually behind it. Recently a couple of the big ones have been taken down (or at …