ZDI Makes good on release of vuln information

Back in August the Zero Day Initiative, a program founded by HP’s TippingPoint, announced that it would be changing its process because of vulnerabilities that seemed to hang around forever. Since the disclosure timeline had been controlled by the vendors, some of them appeared to drag their feet on patching. Anyone who has seen the Stack of Shame over on HNN knows what they mean. To avoid this, the ZDI implemented a six month deadline, after which details of the vulnerability would be publicly disclosed.

Well, the six month birthday has hit for some vulnerabilities, and the ZDI has started releasing the information on vulnerabilities for some big name vendors such as Microsoft, CA, Novell, SCO and even TippingPoint’s parent, HP.

The details are available over at TippingPoint’s DVLabs blog.

Securabit Episode 75: Booze over IP

February 9, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel – @andrew_secbit
Tony (myne-us) – @myne_us

Guests:
Mike Dahn
Twitter: @mikd

Joe Gottlieb
Twitter: joe_gottlieb

General topics:
Mike: BSides origins and other. http://chaordicmind.com/blog/
Joe: Open Security Intelligence http://www.opensecurityintelligence.com/

On Monday, February 14th, SIEM and log management vendor SenSage will introduce the Open Security Intelligence forum, which the security community is invited to join. The idea behind the community is to share best practices in open security analytics in order to improve our collective security defenses. Specifically, Joe Gottlieb, President and CEO of SenSage, would like to discuss:
– Current challenges with today’s SIEM tools, which are a decade old
– Why security analytics needs to be ‘open’
– Why integrating business intelligence tools (e.g. Pentaho, Microsoft Exchange, Cognos, etc.) with SIEM tools can create useful dashboards that help security analysts mine huge data stores for the ‘needle in the haystack’ information they need
– Why ‘security quants’ (analysts that can look deep into the data and develop complex yet useful SQL queries) will become the next role in the SOC
– The benefits of joining the community and sharing best practices

The community will be hosted on a web portal – www.opensecurityintelligence.com – that is under development and will be discussed in our Feb. 14 release. Joe is also giving a talk at Security BSides SF on 2/14 at 3pm PT on this very topic.

–HBGary Federal
http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/

–Nasdaq
There are not yet any reports of how the Nasdaq attack was carried out. The comment on the website refers to the 1999 attack in which someone defaced the Nasdaq website.

Quotes from http://www.wallstreetandtech.com/technology-risk-management/229201267

The operator of the Nasdaq Stock Exchange said it found “suspicious files” on its computer servers, in a Web application called Directors Desk which is used by members of corporations’ boards of directors who want to share information and files.

“What seems most likely is that the web servers were compromised in an attempt to use them to inject malicious software into their clients,” commented one reader of the nakedsecurity.sophos.com blog.

–Bsides
http://www.securitybsides.com/w/page/12194156/FrontPage
to contact: info (at) securitybsides dot org -or- call 415-742-1739

–Exploit developers corner
Looking for exploit developers!

If you have recently published an exploit, or have a previously published exploit you would like to talk about, contact us at [email protected] or contact Tony (myne-us) directly on IRC at freenode #securabit to arrange a short interview about your discovery.

List of common questions.

-How did you find the vulnerability?
-What is your goal in vulnerability research?
-How did you go about disclosing the vulnerability and how did the vendor respond?
-And more…

!!Caution!!: No undisclosed vulnerabilities (0 day)! These vulnerabilities need to have been reported to the vendor and patched, or to have exceeded a time period in which the vendor did not patch. Releasing an exploit on the show is fine if you can show proof that you disclosed it to the vendor, the proof of concept is already posted on exploit-db, or it has a CVE.

Us: NetWitness Spectrum at RSA http://www.netwitness.com/products/spectrum.aspx

Upcoming events
RSA Conference 2011 (14 – 18 Feb 2011)
#BSidesSanFrancisco (14 – 15 Feb 2011)
#BSidesCleveland (18 Feb 2011)
#BSidesHalifax (5 Mar 2011)
#BSidesGSO Greensboro, NC (9 Mar 2011)
CanSecWest2011 (9 – 11 Mar 2011)
#BSidesAustin (11 – 12 March 2011) http://www.keepsecurityweird.org/
BlackHat Europe 2011 (17 – 18 Mar 2011)
#BSidesChicago (16 – 17 Apr 2011)
#BSidesLondon (20 Apr 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 – 4 Jun 2011)

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

We want feedback!

Way back in May of 2008 a few of us banded together and launched this podcast and website. It’s been something we’ve poured a lot of elbow grease and time into, and we absolutely love doing it.

That being said, there are a lot of lessons we’ve learned about podcasting and just being a part of the security community in general. I don’t know why it took us this long, but we are very much interested in honest, constructive feedback (well, if you do want to throw a few f bombs our way in a nonconstructive manner, we’ve definitely had our share of f bombs on the podcast, so feel free) about the show, the website, and us. In between beers, we are striving to come up with better organization, flow, and content for you guys without getting divorced along the way.

This year we want to make sure we get ourselves better organized, and that we present you with the best of what we’re capable of. To help with that we are asking that you take a short survey regarding our show and website. I have embedded the survey into our site below. If that is not an option for you, please use this link: Click here to take survey


SecuraBit Episode 74: Podcasting in the dark with Brian Krebs!

January 26, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit

Guests:
Brian Krebs – @briankrebs – http://krebsonsecurity.com/

General topics:

  • I recall reading about various greeting card based attacks over the years.  Do you think they’ve all been originated by the same folks who did this one?  Or at least, with the same goals in mind?
  • How prevalent do you think ATM skimmers are?  What are some ways the common person can look out for them?
  • Do you think financial institutions are getting better at educating their customers about the protections provided/not provided under Regulation E?
  • Do you anticipate payment processing centers becoming a bigger target for criminals vs the individual businesses?
  • Since many financials are under pressure from new reserve requirements, do you think new security requirements will force smaller financials to merge? How can they balance the need to offer more convenient services (such as mobile banking) with the need to improve security at the same time?
  • What do you think the top 3 stories for 2010 were? Why do you think they were the top stories?