Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Tenable Network Security Podcast - Episode 32

Welcome to the Tenable Network Security Podcast - Episode 32

Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst

Announcements



Stories

  • Using "grep" to Find Vulnerabilities in Web Applications - Most tend to believe that finding vulnerabilities requires a degree in computer science and knowledge of assembly language (I tend to picture the person's keyboard as having only two keys, one labeled with a "0" and the other with a "1"). However, this is certainly not the case as shown in this post from the folks over at Bonsai Sec (the creators of w3af). They searched through a software package's source code using Bash commands and were able to uncover a remote command execution vulnerability. Pretty sweet!
  • Remotely Exploitable Network Cards! - This attack works by sending packets to a system, which in turn exploits a buffer overflow vulnerability on the network card itself. The network cards have their own memory and RISC-based processor. This means that code can survive a reboot, and potentially access memory directly before the operating system (or even boot loader) loads. The result is a system compromise that can work its way around several layers of protection, and say "so long" to the days where you can just reformat the machine and start fresh. What do we do now? Do we have to include a re-flash of the hardware as well? Is this even possible on such devices as network cards? (For example, some printers ship with static firmware, meaning the end-user is given no means to update it unless they are handy with a soldering iron!).
  • Apache.org's Write-Up of How They Got Hacked - I believe that all organizations that suffer a security breach should do this type of write-up. I'm not saying that you have to post it publicly, but circulate it internally for sure. The four most important questions that you should be answering are "What Happened?", "What Worked?", "What didn't work?" and "What are we changing?". The list of what didn't work is usually much longer than the list of what did work. The most important thing is to change something for the better and really pay close attention to the "lessons learned". Otherwise, the breach is just going to happen again! Too many organizations rush through incident response and "just get it cleaned up" without analyzing the incident and truly understanding why it happened and applying those lessons to their security strategies. This applies in different scenarios such as martial arts. It's inevitable that no matter how good you are, if you are in a fight you're going to get hit. The best defense is to just not be there in the first place to get hit. When that fails, you have to be conditioned to take the hit without absorbing too much damage. Once the match is over, your coach should analyze why you got hit and adjust accordingly (for example, maybe you were too slow and should cut back on your beer consumption).
  • How to Get Started In Information Security, the New School Way - There is a lot to be said on the topic of getting your start in information security. I wrote an article on this subject some time ago and hoped that it helped people. There have been several other articles on this topic and I strongly suggest that if you are new to the field that you read them, and take from them the items that will help you the most. Each person is different; some people make certifications work for them, others are good programmers and contribute code, and some prefer to contribute to existing projects. The most important thing to know is to do what works best for you, and there is nothing wrong with trying something and failing or deciding you don't like it. It's all part of the process.
  • Vulnerable Sites Database - This is an interesting site that has been posting information about sites that contain web application vulnerabilities. They post the main URL to the site along with the vulnerability that was found, but no further information. This is a slippery slope in my opinion. On one hand, they are publicly pointing out vulnerabilities, which can be effective in getting things fixed. On the other hand, they are also giving attackers a way to easily find targets. Furthermore, there is no way to know if the owners of the sites are aware that their web application is vulnerable.

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training