Monday, July 31, 2006
Wednesday, July 26, 2006
Tuesday, July 25, 2006
Tuesday, July 18, 2006
Monday, July 17, 2006
Core Debian server compromised
Pretty straightforward - Debian was broken into (again). Post mortem revealed the compromise was the result of a local kernel exploit and weak user passwords. Without getting into a long winded rant here, but again this is clear example of why in many cases you can spend millions if not billions of dollars on security tools and architectures to mitigate all of your risks but the common compromise is the result of the abstract - you, the average user, developer or administrator. Just like physical security flaws, security begins to dissolve at the abstract human layer when Joe Schmo doesn't adhere to the recommendations or warnings and still plunges away with whatever. Many security researchers continuously focus on the coveted remote exploit for whatever common daemon/service you dare to run. If you talk to anyone who does penetration testing for a living, they'll gladly trade any one of those remote exploits for a solid internal local exploit simply because getting access is pretty trivial. You just have to evaluate all of the links of the chain, take advantage on that single one chain from a distance and then work your way up from there. This will bypass your IPS, Anti-X, HIPS, and Managed Security Operations center 100 out of 100 times.
Wednesday, July 12, 2006
Phishing Filters
Here's one blog link about the new filtes in IE7 that help protect against Phishing as well as the Google toolbar for Firefox users.
Monday, July 10, 2006
Fuzzers
Here's a link to some useful binary protocol analysis fuzzers written by someone who used to work on Cisco's Critical Infrastructure Assurance Group.
Friday, July 07, 2006
Subscribe to:
Posts (Atom)