Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 29

Welcome to the Tenable Network Security Podcast - Episode 29

Announcements


Stories

  • Why I Use Firefox - At the recent "Pwn20wn" contest at CanSecWest security conference, a researcher known as "Nils" successfully exploited Mozilla Firefox 3.6.2, bypassing Windows operating system defenses such as ASLR and DEP. This is truly quite the accomplishment, and as the article states: a motivated attacker will find ways to bypass defenses. All browsers were exploited in the "Pwn20wn" contest, including Internet Explorer and Safari (but possibly not Chrome... we're still researching!). However, Mozilla has already fixed the bug that led to this vulnerability and released the patch. Both Microsoft and Apple are still "taking it into consideration". This is why I run Firefox; there is no such thing as a truly "secure" web browser, so I go with the one who can crank out patches the fastest.
  • The Most Depressing Post of the Week - WHID - The Web Hacking Incidents Database is a project run by OWASP in order to track incidents that have occurred as a result of web application attacks. The post linked here is a sample of some of the entries, which include stories such as, "A mentally ill woman exploited a loophole in D.C. tax office online systems to gain unauthorized access to taxpayer accounts."
  • Scraping Time Servers - HD Moore has published a Metasploit module that will execute a DoS attack using the NTP protocol, which can be initiated with a single packet. I first heard of the NTP work HD was doing on the Risky Business podcast. At a Security B-Sides event held along side the RSA conference HD presented his research into NTP. He figured out that there are some neat features built into NTP that are not associated with keeping time. The most useful are the ability to query an NTP server and receive a list of clients that are using it to keep time, in addition to any peers of the NTP server. This allows you to map and discover many hosts on the Internet. Very cool research!
  • Certified Pre-0wned - There have been several reports of devices shipping from the factory with malware installed on them . The latest is the "Energizer trojan", which infects systems, adds itself to the startup registry key, appears to contain Chinese-created software and sets up a listener on TCP port 7777. The lesson to learn here is that no matter how well your systems are protected, malware may find its way into your network. If you are not looking for it, this does not mean it will not exist. Simply relying on anti-virus software alone is a huge mistake, as there are many factors that contribute to the effectiveness of anti-virus software (such as keeping the software and definitions updated). Regular scans using a vulnerability scanner such as Nessus (which can detect several different kinds of malware) is a good measure to add to your overall security strategy.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.