Discussion of public breaches of security
Why did we get hacked? Is a common refrain after a breach. Thousands of businesses got hacked last year (and this year) as in my previous post: http://oversitesentry.com/analyzing-data-breaches-can-we-tolerate-status-quo/ We believe in our technologies, in automation in firewalls There are many aspects of potential weakness – and all weaknesses will be taken advantage of. The only way … Read more
The talk on pdf form at Defcon media servers: Inter-VM data exfiltration – The art of cache timing covert channel on x86 multi-core By Etienne Martineau a kernel developer. So how can you steal data from one instance while being on another in the same hypervisor machine – you see the … Read more
Patch Tuesday August ( 8/11/2015) Here is Microsoft patch Tuesday August 2015 edition https://technet.microsoft.com/en-us/library/security/ms15-aug.aspx How can I say that unpatched computers will get hacked? Any Metasploit pentester will tell you this. Metasploit is a nifty program (runs on Linux) that will attack computers with various attacks and payloads. It takes advantage of people who … Read more
Bart Kulach has a pdf from this year’s Defcon23 “Hack the Legacy! IBMi (aka AS/400) revealed” He recommends to check the website he set up http://www.hackthelegacy.org/ The items he has focused on are the privilege escalation issue in this slide: There are some good suggestions for a standard audit of your AD Check your group … Read more
SIEM Security Information Event Management Gartner Magic Quadrant image from http://www.gartner.com/technology/reprints.do?id=1-2J31FF4&ct=150706&st=sb Gartner What is it that we need? To protect our systems and perform functions? Good information from all of our devices. The above diagram is Gartner’s magic Quadrant for SIEM – Security Information Event Management, so the top products/companies are IBM Security, Splunk, … Read more