IBM and Facebook as well as others are starting to contribute to a massive big data based repository of threat related information.
I had an internal startup for some time that was targeting security as well as general operational data to point to trends that need attention such as disk series that are reaching failure points, apps that suddenly morph and such.
Another topic was cleansing the data from any personal or internal information by tokenizing it.
I stopped this startup since I got to meet someone who was doing the same and pointed to the fact that there’s already enough data on one hand (and now per this post we have got much more of that) and on the other hand companies would agree to share cleansed data but would not be able to do it due to regulations that take time to defuse.
In any case you have now lots of data too sip through if you are a hungry Data scientist…
While this may be an old news for you, I still see cases where it is overlooked. Intel’s processors supporting AES-NI standard can boost your encrypted data processes if the software you use utilizes the 7 processor encryption related built-in instruction set. It also includes DRNG (Dynamic Random Number Generator). So IT Managers want to make sure any server they have doing lots of encryption, has those new processors, while developers should make sure they use the AES-NI libraries for the encryption related code they create. Click here for info on AES-NI processors, software toosl and more.
Important for developers, and great for solutions ideas brainstorming.
Includes hacking examples and explanations as well as remediation techniques.
Checkout this comprehensive OAuth Vulnerabilities Checklist here:
The claim is they could quickly and easily expose session header data for compressed SSL sessions, by using a statistical based algorithm. They inject their own data into the session, then use statistics to analyze the resulting compressed web server response, to infer what the original session header data included.
This puts at risk any product that includes a web service which repeatedly communicates sensitive data, such as security tokens, cookie information and similar, in the session header information.
This seems as a massive issue due to those reasons:
Most Web servers use compressed response to avoid major performance hit
Many developers have been assuming they can allow repeat session security information responses in session headers, relaying on SSL to hide it
Researchers will disclose the exploit code to the public
There is no workaround expected in the near future, except for deep developers review and correction of their session header transmissions
Developers, be warned!
Users, better review your critical web app providers security awareness and responsiveness…
We can say one thing for sure about Amazon: Amazon is going through a constant continuous improvement cycle, complementing its cloud service portfolio. This surely is attractive for IT professionals looking for a restless innovative solution provider, understanding that in many cases, the active improvement process is much more important than the “static perfectness” state others try to reach.
On the other edge of the spectrum, take a look at the vSentry end-user threat protection solution from Bromium, and what’s interesting to me are their 2 core innovations:
Micro-Virtualization creating a transparent shield for any un-trusted application, which allows the user feel safe, and avoid irrelevant alerts, as the un-trusted application they use, can try and do harm, to find itself isolated, without any actual modification of user data. All the affects of the malware are cleaned up, as its virtual sandbox vanishes as soon as the application exits. That’s based on the Intel VT technology.
This also enables the second innovation – Task Introspection. Since applications can do anything they want, be it as malicious as they can, as they are getting virtual rather than actual access to the system’s resources, an attack can be recorded and reviewed, at will, saving forensics time and effort.
In this case as well, what’s important to note, is the rapid exploitation of the opportunity to innovate, using current tools (such as Intel VT). Sure, this solution is not perfect, and will be circumvented at some point, but it does offer a pain-killer type of remedy, which IT professionals are likely to quickly grab.
I believe there should be a new term for us to use – Time To Innovate (TTI) – which is about measuring how much time it takes you to innovate, as soon as an opportunity is presented.
Are you rapidly innovating as well, or endlessly trying to perfect your solution?
Note that both Backtrack and Kali Linux contain great tools such as Nessus and Metasploit, set for “labor-intensive” use. If you want it to automatically do the work for you, across many systems, through a workflow that will save you a LOT of time, you’ll have to pay for the “Professional” variations of those tools.
My answer on Quora to: Is Facebook’s new Graph Search Engine a danger to Google, LinkedIn,
Yelp & Foursquare: http://qr.ae/1Ur6u
I turned it into a general security related topic that’s fascinating to resolve…What do you think?