Security From The Clouds To Orbit
Sep 16,
2014
Last month I wrote about some current cybersecurity concerns about satellite ground stations. That may seem rather exotic to many readers, but all of us rely on reasonably accurate weather predictions. Satellite cybersecurity problems would hurt all of us, but we can draw useful lessons from this episode. The U.S. Commerce Department’s Inspector General is […]
Two Great Resources
Sep 27,
2013
Today I’d like to share a couple great resources with you. These are websites with information on categorizing and avoiding vulnerabilities. There is a lot of reading here, and to be honest, much of it is reference material, but it’s good to peruse so you are familiar with it. Build Security In This is a […]
Circles are Bad. OVAL is Good.
Jun 26,
2012
In information assurance, it is critical to have the best reporting about your vulnerabilities. Vulnerabilities, as you may recall from an earlier blog, are software flaws that may leave a system open to exploitation. There are tools that help identify and assess vulnerabilities. They are called vulnerability scanners, or VA tools. These are tools designed […]
Exploring Exploits
Jun 12,
2012
In security testing, studying and deploying exploits seems to be the most fun. Exploits provoke the most thought and reaction amongst learners, as well. So, what exactly is an exploit? Let’s take a peek under the hood. Anatomy of Exploits They run the gamut in terms of how they work and what they do. The […]
Exploit vs. Antivirus: It’s No Contest
Jun 7,
2012
In a recent blog, we talked about the recent Java vulnerability and how it was still kicking around. The flaw has been identified as CVE-2012-0507 in the Common Vulnerabilities and Exposures database. You might be thinking that you are still safe, as you have antivirus. Let’s find out how well it protects you. As of […]