Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 24

Welcome to the Tenable Network Security Podcast - Episode 24

Announcements


Interview: Ron Gula

Ron Gula comes on the show to talk about Security Center 4 and give some examples on how you can use the new features to manage security, vulnerabilities and alerts in your environment.

SC_BU.png

Stories

  • Top five idealistic security recommendations - This article highlights some of that major downfalls in most organization's security strategies. The short of it is we expect users not to open attachments, not to surf to "bad" web sites, never use "social networking" web sites, use good passwords for everything and apply all software patches as soon as the are released. These are unreasonable expectations for sure. The nature of computing in most organizations needs to change or computers will continually be compromised by attackers. Many people have been writing and talking about revoking rights of computer users in the workplace, and this seems like the only sane notion to secure the desktop. While users will self-regulate to a point, they need more help to keep their computer from attackers because there is too much at stake. There once was a time when attackers did not have as much to gain, and you could get away with the idealistic security recommendations. Now, attackers are making big business out of Internet crime, and its time that we adapt our security policies to reflect the times.
  • Beware Of The Chuck Norris Worm! - Details are light on how the infections are happening, but there is a work spreading that infects user's routers rather than the PCs. This is very timely as it will be included in my upcoming presentation at SOURCE Boston. I chose the topic for my talk well before this story broke. This further underscores my point that attacking embedded systems can yield far better results than attacking a PC and accomplish the same goals. The "Chuck Norris" worm spreads by installing itself on wireless routers that are exposed to the Internet and using default passwords. It also has been reported to exploit a vulnerability in D-Link routers, most likely the HNAP vulnerability that was posted not too long ago. I will have the full details of my thoughts, research and suggestions for improvement in the area of embedded systems security at my talk. For now, I will leave you with on of my favorite Chuck Norris quotes: "When the boogeyman goes to sleep, he checks his closet for Chuck Norris"
  • Spike In Power Grid Attacks Likely In Next 12 Months - Sure its a snazzy title, but how likely are attacks and what protections are being put in place? Scarce on details, this article does have a quote that reads, "Some companies say there's never been a successful attack against the grid...". My question is, if the attack was truly successful, how would you know if there was such an attack? To me, a successful attack occurs without being detected. There are, of course, ways to attack the grid that would draw attention, such as denial of service. However, the new "Smart Grid" has a model where you can "sell back" your unused power to the utility company. So, if you are conserving energy you will get a credit on your bill. What if I trick the system into thinking my power consumption is less, when in reality I am running electric heaters and a server farm in my basement? I also found this quote very interesting, "The [traditional] power grid today is extremely vulnerable. I could turn off the lights in a major metropolitan area, and they would not come back on for a very long time. You don't need a computer -- just something you could buy at your local hardware store," he says. "Putting a smart meter on everyone's home doesn't make the grid more vulnerable. It just opens up another window that requires a higher level of sophistication [to breach]." I think one thing missing from this statement is geographic location. Sure, I could go to the hardware store and rig some stuff up in my house to disrupt power on the grid. However, with smart meters connected to the network the world is now able to access the hardware, opening up your potential attackers from thousands, to millions of people.
  • Bypassing Anti-Virus
  • - There are many ways for attackers to bypass anti-virus software. The method documented here takes a payload and embeds it into an already trusted executable, which makes it extremely difficult to detect. You should not rely on anti-virus software as a main line of defense. In order to detect malware, you need to analyze behavior, on the system and the network, in order to detect it. For example, your chances of detecting malware using rootkit technologies on the system are pretty slim. However, if new accounts are created and/or accessed, systems are talking to the Internet on strange ports, or other activities are noticed in the logs, you have a much better chance.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.