Oct 23, 2012
Incident Response in 3.08 MB - Always nice to see folks, like our good friend and Stogie Geeks co-host Tim Mugherini, writing about tools that work. This product just sounds useful: The idea behind Carbon Black (CB) is to monitor code execution. A small Windows agent is deployed to each host throughout the enterprise. This agent hashes each process, monitors the sub processes, module loads, registry edits, file writes, and network connections. Digital signatures and the activity of each binary is stored on the CB server.
National Weather Service Hacked - In other news, snow storms are reported in Miami, earthquakes in the Midwest, and it's been raining in San Diego for 3 weeks straight, but sunny and 75 in Seattle. CSRF and XSS strike again!
The Importance of Security Awareness - User awareness is still kicking around, and everyone seems to have a different take. One thing we all agree on is that it leaves gaps, which is why you need other stuff to protect your organization. After exploring this topic, I am of the opinion that you need an awareness program. There are several companies providing this type of service; go seek them out, get a solution to educate your users that fits you and your budget/ROI, and run with it. I firmly believe this is something everyone needs to have, just like a firewall or IDS (as lame as that sounds). Know how much return each defensive measure provides and use it accordingly.
Zero-day attacks last much longer than most would believe - This speaks to the huge problem we have with software security. On average, it takes 10 months to uncover a 0day vulnerability. Yikes, 10 months is a long time and a lot of damage will occur.
Pacemaker hacker says worm could possibly 'commit mass murder' | Computerworld Blogs - Barnaby Jack strikes again, in what could be a huge problem. This is something that has always bothered me: what happens when criminals take advantage of technology to damage people? Sure, many evil hacking groups launch DoS attacks and break into places like Sony. That's the least of our worries, as when attacks can affect people's health and well-being on a mass scale, it's a game changer. We've seen some car hacking stuff, but pacemakers hit the "heart" of the matter. The response seems to be as much diluted as it always has been, lots of finger pointing and disbelief.