Oversite Sentry – Page 115 – Explaining Security

New Google Chrome vulnerability

Patch your Google Chrome –

From cve.mitre.org

Why would a Google Chrome vulnerability be important? because if you happen to bump into a nefarious website

(unbeknown to you) it will affect your Google Chrome and then little by little the hacker will gain more information.

Pretty soon there will be open ports that you may not know about and those ports are “phoning home” to the master.

Scan your systems(with A or Σ) to see if you have rogue applications on your systems.

Linksys E1200 vulnerable – needs patching

Internet Storm Center has captured the Linksys E1200 exploit.

This is another reason to patch your systems, and if you don’t the bad hackers out there will use your machine for their ends.

A full Packet Capture of the exploit has a link in ISC in case you want to review.

The security dilemma

Information Security has a dilemma:

the problem is that we don’t want to be seen(interfere) with whatever the user wants to do, but yet there

need to be secure transactions. The security of our network and applications need to be part of Information technology actions.

The website, email and network traffic needs to get where it is supposed to go without interference or eavesdropping.

But in network security we have many types of grey areas.

False positives, negatives, and many Heisenberg principle issues (i.e. if you want to view network traffic you may be altering the traffic itself)

Was breach at Target internal or a vendor?

X-force has information on the specific malware that breached the Point of Sale terminals (POS).

The Internet Storm Center has an interesting comment,which is discussed in their newssummary section.

Is a refrigeration vendor ultimately to blame for the target breach?

This brings up another point – your vendors better have good security, as the weakest link in the chain breaks and allows the criminals in.

Are all viruses detectable with AntiVirus?

If all viruses were detectable with antivirus then malware would be easily found and no more hacks would happen.

Some viruses are hard to detect on purpose. They evade antivirus software, system administrators and other software.

But a scan of a system will show a port open which requires further analysis. Because the virus or malware wants to phone home, well it has to have a port open to do that.

Now we can find it: with Sigma

or Alpha