Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 33

Welcome to the Tenable Network Security Podcast - Episode 33

Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst

Announcements



Stories

  • Why buffer overflow exploitation took so long to mature - I am a big believer in learning from history, otherwise you are doomed to repeat it. As we all know, buffer overflow exploitation is commonplace today, even bypassing some of the more advanced defenses against it such as ASLR and DEP. What troubles me is that there are all kinds of new attack tactics and methodologies that just haven't caught on yet (such as last week's network card firmware malware). Most people ignore these attacks until they are commonplace, but by then it's too late! Defenders need to start getting ahead of the curve, and as time goes on this is a heavy requirement for success in defending against the modern attacker.
  • Privilege Escalation Without Exploits - This mini-tutorial shows you how to use Metasploit to use the SA account on MSSQL to escalate privileges to SYSTEM. There are two critical mistakes made in the system configuration. One, the cleartext SA password is left in an ASP script, and two, MSSQL is running as SYSTEM. This is a common method of privilege escalation that proves that system hardening should not be a lost art.
  • ATM Rootkit to Appear at Blackhat - Barnaby Jack has done some testing with ATMs and found security vulnerabilities. He used to work for Juniper, who would not let him speak because the vendors had not patched the flaws. He now works for IOActive and they are happy to have him speak on the topic. A year has passed since being silenced, and he now has two working exploits for ATMs from different vendors. Jeff Moss has the best quote in the article: "Apparently you can make all the money come out".
  • Little Snitch - Little Snitch is a neat little program for Mac OS X that tells you which applications are making outbound TCP/IP connections. I believe it's important for users to be aware of this behavior and understand why an application is making a connection. I will caution that this is not for the average user, but advanced users should run this tool and keep tabs on what applications are doing. There is so much software out there that we cannot analyze all of its behavior, but if we split up the workload and share information, we can seek out evil or Trojaned applications and cut the malicious behavior short.
  • It Can Happen To Anyone - A well-executed phishing attack can be successful against even the most cautious users. It's scary to think that this is true, but it most certainly is. Even if you keep everything all patched and up-to-date, attackers are going after your credentials and the security of a web application is completely out of your control. For example, a persistent XSS attack is all I need to harvest user credentials on a web site (similar to the Apache breach last week).
  • Phpnuke compromised! - As if PHP security wasn't difficult enough, a content management system called "phpnuke" had its web site compromised. It was discovered to be distributing malware via a hidden iFrame. Scary quote of the week: "The downloaded executable is detected by 12% of antivirus products, according to VirusTotal."

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.