Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 56

Welcome to the Tenable Network Security Podcast - Episode 56

Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst

Announcements

Stories

  • SCADA Vendors Still Need Security Wake Up Call - Security researcher and member of the Tenable Research Team Jeremy Brown brings light to vulnerabilities in SCADA systems. I have been observing this behavior from vendors for quite some time (and not just in SCADA) and that is they don't want to admit there is a problem. You can look at this two ways: if I want to take over the world and cause mass hysteria and carnage, I could write exploits for control systems and take them over. Then again, finding a 0-day vulnerability in Windows XP and writing an exploit for it could have the same results. However, the general "feeling" I get from SCADA vendors is they are very distant from the security culture and processes. This has to change.
  • Cross-platform malware runs on Windows, Mac and Linux - This malware pretends to show you a video; it turns out it's a slide show from "Hot or Not" and in the background the malware installs a Java applet, asks you to trust it, and if you click "Allow" it downloads files to your computer and runs them. This is a very scary technique that has been most effective, both for penetration testers and evil bad guys alike.
  • iPhone, meet Wireshark - Capturing Traffic from Mobile Devices - You could really do this with any mobile phone. It could be fun to open multiple applications and see what data they are sending and receiving, and identify if encryption is or isn't being used.
  • BIOS Password Backdoors in Laptops - It really amazes me how vendors can just forget about security completely. According to this article, if you enter an incorrect BIOS password 3 times most systems will display a warning message that says "System Disabled" along with a checksum value. The checksum value can then be used to derive the real password via cracking methods published in several scripts released by the author.
  • Evilgrade gets an upgrade - There are now 63 modules in the Evilgrade framework, allowing attackers to intercept the update process of several popular applications and install software of their choosing. You do need to be "in the middle" to make this attack happen, however it can easily bypass antivirus and give you access to fully patched systems, or even turn a fully patched system in to a not-so-fully-patched-system.
  • [Insert Token Adobe Zero Day Vulnerability Warning Here] - End of message. No, seriously, there are more flaws being found in Adobe products, including Flash and Reader. My only suggestion is to take a look at FX's presentation from Black Hat 2010 called "Countering Flash Exploits". The overview is that they are working on software that looks at what an application does, such as Flash or a PDF document, then re-writing it and only allowing the functions that are being implemented. Think of it as a sandbox that is customized for every document and application. This technology has a good chance of creating a more secure computing environment for many.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.