Tenable Network Security Podcast Episode 173 - "VMware vCenter Patching, Detecting Vulnerable Browsers"

June 13, 2013
by Paul Asadoorian

Welcome to the Tenable Network Security Podcast Episode 173

Announcements

Discussion & Highlighted Plugins

VMware vCenter Patching

  • This week, Tenable released two plugins affecting VMware vCenter. If you are running this product, you must patch this—vCenter is the foundation to your foundation. Successful attacks not only grant the attacker access to the hypervisor, they grant access to all your hypervisors. An attacker with access to the hypervisor has "virtual physical access." For example, downloading the snapshots from your VMware servers is similar to physically sitting in front of your computer. Designing an architecture that allows you to easily patch the virtual infrastructure is not all that easy. While this is certainly technically feasible, the challenges come with a price tag of having multiple, redundant virtual environments. How can we build a cost-effective and low-security-risk virtual infrastructure?

Detecting Vulnerable Browsers

  • You can't have too many checks and balances when it comes to keeping browsers up-to-date with patches. For example, I use Google Chrome on OS X, and set it up to update automatically. Most people are not like me and don't keep up with all the latest vulnerabilities. So, it's very easy to never realize something needs to be updated. Now, multiply this problem by thousands of desktops, virtual machines, and devices that run a web browser. Turns out my browser was in a funky state, and I had to reinstall the updater. Having something like Tenable PVS would help, always telling me which of my machines and devices need updating. Even if I think they're updated, the User-Agent typically doesn't lie (unless you are telling it to). How do you keep your browsers up-to-date? Are there other circumstances which may cause patches to not be applied correctly?

Vulnerability Trending Using Scanning, Sniffing, and Logging

  • I really like this SecurityCenter dashboard. If I was responsible for network security, I'd use it. Being able to pull from three different sources to get vulnerability data is really powerful. Few things are able to hide. I really like that since vulnerabilities can be deceptive, and it's the ones you miss that get exploited. This is what a penetration test does, finds those vulnerabilities in the dark, dusty corners that you missed.

New & Notable Plugins

Nessus

Passive Vulnerability Scanner

SecurityCenter Dashboards and Report Templates

Security News Stories

  1. IPv6 Under Attack?
  2. Guy Hacked His House To Have Its Own Twitter Feed
  3. Microsoft Borks Botnet Takedown In Citadel Snafu
  4. Android Trojans spread by Bluetooth, hijack bank codes
  5. 12 Endpoint Security Myths Dispelled