Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 25

Welcome to the Tenable Network Security Podcast - Episode 25



  • Detecting the TDSS/TDL3/Tidserv rootkit with Nessus (Login Required) - This is really great usage of an audit file! It searches the Windows registry for keys associated with the rootkits and alerts on it. This is the rootkit that was causing the "Blue Screen Of Death" problems when users applied some of the recent Microsoft patches. Nessus ProfessionalFeed customers can download the audit file and use it to detect this rootkit in your environment before applying the patches from Microsoft.
  • New Internet Explorer Vulnerability - This is perhaps one of my favorite vulnerability write-ups in a long time. First it states, "a user on the target system needs to be convinced to press the F1 key in response to a pop up dialog box on a specifically prepared website" and then goes on to say "As of now all users need to remember is to not press F1 when they are accessing websites." Can we just remove the F1 key from the keyboard?
  • SCADA Devices on Verizon and Other Wireless Networks - This is interesting, as I have been doing some of my own research in this area. Many SCADA security tactics rely on the so-called "air-gapped" network. This usually does not work out so well when stuff needs to actually talk to other stuff. So slowly they creep onto the network, but since the assumption is that it's "Air-gapped" no one really bothers to look for these devices on the network. Also, since it's a "harmless" embedded system people will assume that they do not have to secure it, so they leave default passwords. This is just a bad combination! Take time to secure everything in your environment and apply your security strategy to all systems, even the embedded ones.
  • GuestStealer Information Wrapup - This is a great summary post of all of the information surrounding the guest stealing vulnerability released at Shmoocon. Nessus was used to detect a directory traversal vulnerability that lead to multiple vulnerabilities in VMware systems that could allow an attacker access to download the entire collection of guest operating systems on the host. Nessus has new checks that look for this specific vulnerability as well.

Download Tenable Podcast Episode 25