I've been in this business too long to be easily riled by hoaxes and semi-hoaxes, electronic Pearl harbours, rumours and gossip. But after enforced immersion into various aspects of the Win32/Stuxnet issue (from remediation-related discussion with SCADA sites to code analysis, to data mining from distribution data), I've become more than usually frustrated with articles and discussion threads adding two and two to make infinity. Here, briefly, is what we know. Stuxnet used an unusually rich selection of 0-day attacks, exploiting the LNK and print spooler vulnerabilities recently patched by Microsoft and a couple of Elevation of Privilege issues that... Read more →
« August 2010 | Main | October 2010 »
Posts from September 2010
26 September 2010
Stuxnet, Suxnet
Posted by David Harley on 26 September 2010 at 05:55 AM in IT Security, Malware | Permalink
|
Comments (1)
18 September 2010
SIEM ROI - How to prove it?
I received some emails lately asking me some advice on how to prove a SIEM Tool ROI to higher management (justify acquisition, prove that the solution helps, etc). If you focus only in the technical aspects, I admit thatlife becomes more difficult (world crisis, lack of technical knowledge from higher management, etc) and gets hard to prove the ROI. When I work with SIEM projects one of my major rules is to understand my customer business and not only the network/system security aspects. What they do? How they do? What facts can impact their revenue? What systems/devices are running their... Read more →
Posted by Alexandre Cezar on 18 September 2010 at 03:13 PM in IT Security, Network Security, Operations Security, Risk | Permalink
|
Comments (0)
15 September 2010
When Open means Closed
In conjunction with my friend Rob Slade, I'm currently researching and writing about a broad range of information security frameworks. There is no shortage of them! Right now, I'm interested in ISECOM/Pete Herzog's OSSTMM (Open Source Security Testing Methodology Manual) and the ISM3 Consortium/Vicente Aceituno Canal's ISM3 (Information Security Management Maturity Model) frameworks but have lucked out on both of them this morning. I respect both Pete and Vicente for the stirling work they have done but the fact is that neither framework is freely available at the moment, despite the 'open' banner. OSSTMM version 3 is only available to... Read more →
Posted by Gary Hinson on 15 September 2010 at 07:46 PM | Permalink
|
Comments (4)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (159)
- Center for Cyber Safety and Education (52)
- Cloud Security (132)
- Cybersecurity Certifications (376)
- Cybersecurity Training (310)
- Cybersecurity Workforce (242)
- Digital Forensics (29)
- Ethics (52)
- Government (123)
- Insider Risk (56)
- IT Security (372)
- Legal (45)
- Malware (112)
- Network Security (175)
- Operations Security (140)
- Privacy (116)
- Ransomware (83)
- Risk (195)
- Software Development (44)
- Spotlight (71)