Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Archive for August, 2010

AFITC 2010

If your organization has never considered, or taken, IT security seriously, a keynote speech given by Maj. Gen. Richard Webbers at the Air Force Information Technology Conference 2010  in Montgomery, AL would have certainly changed your mind. The General went through a brief history of the 24th Air Command, its role in supporting cyber threats,…

Post by Morey Haber August 31, 2010
, , , , ,
BeyondTrust is the expert source of VMware Security LEARN MORE

When Your Vulnerability Scanner Breaks Your Compliance

At eEye Digital Security we strive to make sure our Retina Network Security Scanner technology not only has great auditing capabilities for missing patches and misconfigurations, but also for remotely exploitable server vulnerabilities. We have been a pioneer in the space of non-intrusive, unauthenticated, vulnerability checks for many years now. In fact, on more than…

Post by Marc Maiffret August 30, 2010
, , ,

DLL Preloading Attacks in the Wild

After several public discussions and the swift patching of Apple iTunes, Microsoft has issued the security advisory KB2269637  to address DLL Hijacking or Preloading vulnerabilities within all versions of Microsoft Windows. This advisory covers a 10 year old flaw within the Windows operating system and how it handles the loading of Dynamic Link Libraries (.DLL…

Post by The eEye Research Team August 24, 2010

The Importance of Web Application Scanning

The art of hacking a computer, operating system, and application has evolved over time. What was once seen as relatively simple hacks have been suppressed due to various intrusion prevention mechanisms developed by network security companies. Breaching a company’s perimeter to gain direct unauthorized access to an organization’s network is not as simple as it…

Post by Morey Haber August 23, 2010
, , ,

The Value of a Management Console

My background is in Network Management Systems (NMS). In the late 1990’s, the buzz words for NMS were around a “single pane of glass” management. This referred to a single CRT computer screen showing all of the relevant network management information in one view. The inherent value in this approach was the ability to see…

Post by Morey Haber August 18, 2010

The Concept of Universal Integration

CNN recently reported that cell phones in Europe will soon benefit from a universal charger format. That means that regardless of the cell phone vendor you purchase, there will be one standard connector that will work for all of them. Unfortunately, here in the United States, we have no such regulations and the concept of…

Post by Morey Haber August 16, 2010

Microsoft Patch Tuesday – August 2010

As everyone knows by now, this was a gigantic patch Tuesday with Microsoft delivering 14 security bulletins (in addition to the out-of-band bulletin from last week).  On top of that, Adobe patched Flash and ColdFusion.  It is once again going to be a long night for IT and security engineers everywhere. One important thing to note is…

Post by Chris Silva August 10, 2010
, ,