Good Time to Evaluate Patch Management

Interesting to note tomorrow is 2 weeks from Patch Tuesday November 11th (2nd Tuesday of month) and 2 weeks from patch Tuesday in December (the 9th). So it is a perfect time for reflection – thus we review a discussion of the November 2014 patch Tuesday  in SecurityWeek. It means to give direction for companies that … Read more

Free Public Databases – Should they be used at all?

Internet Storm Center has a post today noting the update to Burp Suite an excellent vulnerability analysis of Websites as a proxy server. While checking the update the storm center noted the inclusion of NoSQL injection  in the update. At the same time why is this important? because of the prevalence  of public databases or “Bigdata” … Read more

Microsoft issues out-of-band patch – but wait for now.

MS14-068 has been issued an out-of-band patch, as mentioned at Darkreading This is a Server patch – for Windows 2008, and Windows 2012 patch, this is a critical patch due to Kerberos authentication  needing this fix. SANS Dr. Ullrich has a statement: ” Ullrich says privilege escalation rarely gets the critical rating because the step of … Read more

The Schannel vulnerability MS14-066 details

beyondtrust.com has the information MS14-066 was patched in November patch Tuesday (Nov 11).  and here is the details: Unfortunately for those machines that do not patch regularly, the Microsoft patch allows the reverse engineer to figure out what was patched and then create a hack/Proof of Concept – POC)   We can now see that … Read more

Is malware in your network?

How can you tell if malware is in your network? As the PCRE post at Internet Storm Center says: You can check your logfiles for certain signatures using “Perl Compatible Regular Expressions” (PCRE) Perl is a scripting programming language perl.com gets into some of it’s details. Of course that assumes you have a proxy server and … Read more