A Lesson in Cloud

A recent Threatpost article http://threatpost.com/en_us/a3t where Greg Hoglund comes pretty close to ranting about the actions of Anon and that they did not “hack” HBGary – they just weaseled their way into the HBGary Google account – does illuminate some of the issues with using Cloud services. You see, Greg tried to do some damage …

Microsoft ASP.Net OOB Patch

sorry to interrupt the flow of the Making the Web Work for You series, but this is somewhat important. Microsoft issued a patch last week for the outstanding .Net issue that could pose a significant threat to those of you with Internet facing IIS servers. Although all .Net systems are vulnerable, the affected IIS boxes …

Intrusion Detection – not just for the enterprise

Intrusion Detection can really be a variety of technologies – NIDS, IPS, HIPS (Network Intrustion Detection, Intrusion Prevention System, Host Intrusion Prevention System).  The difference between these is pretty straight-forward, NIDS uses a sensor or sensors to monitor network traffic and alert on anomalies, detection is usually signature-based.  IPS is a NIDS setup that is …

Taking down the botnets

Botnet, by and large, are responsible either directly or indirectly, for most of the malicious activity on the internet.  When it’s spam, viruses, drive-by downloaded, rogueware, scareware or all-out DDoS attacks, these large, distributed networks of zombie computers are usually behind it. Recently a couple of the big ones have been taken down (or at …

Anti-Virus to become obselete?

Who doesn’t run anti-virus these days (ok all you Mac users put your hands down) – the use of anti-virus, or anti-malware applications is practically a given, to the point where it seems that no matter how poorly it may perform, we keep using it.  AVG itself declares that only 3% of today’s viruses are …