Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 73

Welcome to the Tenable Network Security Podcast - Episode 73

Hosts: Paul Asadoorian, Product Evangelist, Carlos Perez, Lead Vulnerability Researcher and Ron Gula, Tenable CEO/CTO

Announcements

Stories

  • Outbound SSH Traffic from HP Blade Servers - In this case it appears to be a bug, but what if it wasn't? I believe we need to keep close tabs on network connections in our environment. I'm a huge fan of Netflow analysis, largely because if you are attacking anything on the network, you need to make a connection. It's a difficult thing to get around (provided you do not have physical access to a medium that is not being monitored, such as 3G or some other wireless protocol). Also, it raises a scary situation where devices are pre-owned, meaning that during the manufacturing process attackers placed backdoors on the systems. Network monitoring can help identify these channels. For example, you should be able to spot your networking gear's management interfaces attempting to make connections out to the Internet.

  • Microsoft Internet Explorer Lets Remote Users Spoof the Address Bar - Quite a few years ago I was researching this type of vulnerability. It largely goes unnoticed, as we tend to pay attention to remote exploits, XSS and SQL injection. However, tricking the end-user can be very profitable (in more ways than one) by attackers. Presenting a web site that appears to go to a site that would be trusted by the user, such as Google, is a very powerful feature. The research I was doing pointed out several different flaws in popular browsers that allowed attackers to spoof the address and status bars. The vulnerability referenced here, according to the article, does not have a patch.

  • pwn2own Competition Will Be Harder Due to Patch Release for WebKit - The "pwn2own" competition always brings out some fun vulnerabilities and exploits. On one hand though, it does influence some people to find vulnerabilities, hold on to them (i.e. not tell the vendor), and then release them at CanSecWest. However, that is a showcasing of skills to find and maintain a vulnerability for a long period of time, and shows that vendors aren't doing the best job they can in finding flaws in their own software. Apple's WebKit, the browser engine that powers Safari and iTunes, typically falls victim during the contest, and likely will again even though they've patched.

  • Every Windows Security Event Log Documented - It's one thing to collect logs, but it's another to know what they actually mean. This post will help you better understand your Windows event logs using old-fashioned documentation. Let's get back to basics and start reading, and understand what our systems are doing rather than relying on magic or spiritual rituals.

  • Facebook Scam! BTW, follow us on Facebook - The whole Facebook thing is really funny. Facebook just keeps growing, and as it grows it breeds all new scams. This scam tries to lure you in by promising a video of a man who took a picture of his face every day for 8 years. Sounds interesting, but really just delivers you some malicious JavaScript. Oh, you can follow us on Facebook too, if you dare! Despite the dangers, people will still use Facebook! It happens at least a few times a month: one of my friends or family members sends out the message "please don't click any links from me, I got a virus". You can tell people, "don't use it", but chances are no one will listen, including your employees. I encourage all of us to use Facebook, and help come up with usable and creative ways of using it safely.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.