The brute is back. By the brute, I mean the SSH brute force attack. In the last month we have noticed an upturn in SSH brute force traffic targeting hosts addressed in public IPv4 address space. The highest ranking attack sources we have seen include address allocations in KRNIC, APNIC, and RIPE. In the cases [...]
At this point in time, Your organization most likely uses its website to deliver key business data to your customers. This could include the delivery of product marketing information, contact information, or product support documentation. Your product may be your website if you deliver your application in a SaaS or cloud based distribution model. As [...]
“What do I do about the vulnerable open source components installed in my commercial products?” I have been asked that question many times, and I wish the reply I had to deliver was one with a better message. Unfortunately we often find vulnerable components embedded in commercial products. Vulnerabilities that can lead to the compromise [...]
Year Number of 802.11 packets required to crack WEP 2001 – 2004 5-10 million (FMS attack) 2004 – 2007 500k (unique IVs) on average for 128-bit WEP (Korek attack) 2007 – 2008 40k (ARP packets) using the PTW attack 2008 – Present 25k (replayed packets) using the ARP replay and/or chopchop replay, with combined PTW+Korek [...]
Research in Motion has just released security bulletin KB17118 that announces a new set of vulnerabilities in the Blackberry Attachment Service that runs on Blackberry Enterprise Server (BES). According to Blackberry, “these vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on [...]
Irving Popovetsky explains how to change the local Administrator account on all machines in a Windows Domain to a unique, strong password using VBscript scripting.
I was recently interviewed by Michelle Rafter for Inc. Technology about best practices for Administrative Passwords. Article link: Psst! Whats the Password?
Microsoft has released a security advisory (954462) warning users that automated SQL injection attacks against ASP and ASP.NET based sites are escalating. Unlike about 5 years ago, most web developers I talk to today understand what SQL injection is and how to defend against it. The new automated attacks are mostly focused on Content Management [...]
Last week, quite a few major vulnerabilities were discovered in some of our customer’s favorite products, namely: VMWare (all products, from ESX Server all the way down to VMware Player) Cisco PIX and ASA (versions 7.1, 7.2, 8.0 and 8.1) Mac OS X (Both Server and Client editions, 10.4 and 10.5 are affected) Quite a [...]