Last week Dragos Ruiu described a new kind of malware that can spread without network connectivity. Named badBIOS, this malware supposedly uses ultrasonic communications through speakers to communicate with other hosts. This raised a lot of eyebrows, even among us jaded consultants at Anitian.
So, is badBIOS for real? Maybe not, but the origin of badBIOS could be very real.
“I told you this would happen!” The board room goes silent as the executive team contemplates the events unfolding before them. There has been a serious data breach and the situation is escalating. Everybody is tense. The security team’s warnings about server vulnerabilities were ignored…why?
The middle of a serious security breach is not the time to discover that management ignores you. Unfortunately, it is often a serious incident that uncovers this problem (as well as precipitating it). The question then arises: how do you get management to listen to security teams, when all they seem to care about is budgets, strategic initiatives, and meetings? The answer to this challenge lies in understanding why people pay attention to anything.
The PCI-DSS 3.0 draft is out and the changes are significant. However, when we parse out the new standard, there are really only six new requirements (and one of those is just augmenting an existing requirement). Anitian analyzed these six new standards along with the supporting material and the results are promising.
The curricula of business schools are filled with case studies of companies that took shortcuts to become competitive and accomplished the exact opposite. For the information security world, there is a similar “penny-wise, pound-foolish” behavior in the notorious “Checkbox Assessment.” These are security or compliance assessments that have little basis in reality and are merely done to check off requirements and “get them out of the way.” This is a profoundly dangerous and deceptive approach to information security, yet it is extremely common.
Why is something so dangerous, with ample examples of that danger, so common? The answer, like so many business problems, is a toxic stew of deception, ignorance, and greed.
Today Cisco announced they are acquiring Sourcefire in what can be seen as an inevitable event. What does this mean to the security industry? It means the party is over for Snort while Cisco becomes an honest player in the security market.
In my travels as a consulting network engineer, I frequently encounter system and network administrators who have never heard of Nmap. This surprises me since Nmap has been around a very long time and is used everywhere. Nmap is one of the tools I use most frequently. However, with all of its power and flexibility, Nmap is not exactly user friendly. With WinMap, Nmap can now be easy to use.