Look Beyond the Exploit

January 25th, 2010 admin

The post One Exploit Should Not Ruin Your Day by Dino Dai Zovi made me think:

Finally, the larger problem is that it only took one exploit to compromise these organizations. One exploit should never ruin you day. [sic]

No, that is wrong. The larger problem is not that it “only took one exploit to compromise these organizations.” I see this mindset in many shops who aren’t defending enterprises on a daily basis. This point of view incorrectly focuses on exploitation as a point-in-time, “skirmish” event, disconnected from the larger battle or the ultimate campaign.

The real “larger problem” is that the exploit is only part of a campaign, where the intruder never gives up. In other words, comprehensive threat removal is the problem. There is no “cleaning,” or…


Originally posted on TAOSecurity

 