I never imagined we would be waiting for the release of a "0day" vulnerability, but I guess that's what happens if you're not a customer of an infomediary in the growing market for software vulnerabilities -- growing in terms of researchers, infomediaries and security vulnerabilities alike. Stay tuned for "Exploit Of Windows 2000 Zero-day To Hit In June", and take your time to appreciate that it's affecting software that is already in "extended support". From the article :
"Symantec warned its enterprise customers Thursday that an unpatched vulnerability in Windows 2000’s file sharing protocol has surfaced, with details of an exploit expected to show next month. According to the Cupertino, Calif. company’s alert, an exploit for the zero-day bug in Windows 2000’s SMB (Server Message Block) protocol has been created by Immunity Security, the makers of the CANVAS exploit-creation platform. By Immunity researcher Dave Aitel’s account, the exploit leverages a flaw in the operating system’s kernel that can be triggered through SMB, and will give an attacker full access to the PC. Aitel claimed Immunity will make the exploit public in June. "Immunity is considered to be a reliable source and we are of the opinion that this information should be treated as fact," read Symantec’s warning. "An official security update from Microsoft will likely not be in development until after June when the information is released."
Well, how can they fix it within such a timeframe, regardless of their "sophisticated", quality-obsessed patch management practices? When working with vulnerabilities, or keeping up with the daily pack of new ones, don't live with the false feeling of their uniqueness, but try to figure out how to stay a step ahead of the vulnerability management stage. If Microsoft had asked Immunity Security to look for possible security vulnerabilities, given them a deadline, and secured a commission in case a vulnerability was actually found, it would have fitted perfectly into the scenario from a previous post, "Shaping the Market for Security Vulnerabilities Through Exploit Derivatives" -- reporting a vulnerability, let alone a web application vulnerability, is for the brave these days. Moreover, "Economic Analysis of the Market for Software Vulnerability Disclosure" quotes Arora et al. on the same issue from a vendor's point of view :
"developing an economic model to study a vendor's decision of when to introduce its software and whether or not to patch vulnerabilities in its software. They compare the decision process of a social-welfare maximizing monopolistic vendor to that of a profit-maximizing monopolistic vendor. Interestingly, they observe that the profit-maximizing vendor delivers a product that has fewer bugs than a social-welfare maximizing vendor. However, the profit-maximizing vendor is less willing to patch its software than its social-welfare maximizing counterpart." - The Price of Restricting Vulnerability Publications is indeed getting higher.
Reactive, Proactive, or Adaptive - what's your current security strategy?
Saturday, May 27, 2006
Delaying Yesterday's "0day" Security Vulnerability
Tags:
Exploit Broker,
Exploits,
Information Security,
Security,
Vulnerabilities,
Vulnerability Broker,
Zero Day Exploit

Forgotten Security
It's one thing to expose a Pentagon conference's attendee list, and another to expose Mr. Blair's security plans intended to protect the Prime Minister from a terrorist attack during the Labour Party conference.
From the article :
"Security plans intended to protect the Prime Minister from a terrorist attack during the Labour Party conference have been left in a hotel. The documents include a list of ways in which Mr Blair and members of his Cabinet could be killed as they attend the five-day conference at Manchester’s G-Mex Centre in September. Greater Manchester Police said that the dossier, found at the Midland Hotel, had been left by a member of hotel staff but insisted that the plans were not secret."
Every country has its reputable think tanks, whether made up of PhDs with eyeglasses thick enough to have the sun burn their eyes, or plain simple analysts; worst case scenarios when protecting national leaders are among their top priorities. I think that even if the plans weren't secret, they reveal a lot of information about the security agency's thinking and hypothesizing approach; still, no advantage could have been taken given the short timeframe -- thankfully.
Tags:
Classified Information,
Eavesdropping,
Information Security,
Security,
Sensitive Information,
Surveillance,
Wiretapping

Aha, a Backdoor!
Security precautions can indeed blur the transparency of a company's financial performance -- one that's extremely important in the post-Enron corporate world. Under fire over some of the biggest corporate scandals of the last decade, the Securities and Exchange Commission (SEC) has been trying to change its data standards to ensure greater accountability and support decision makers. On the other hand, the U.S. Intelligence Czar, John Negroponte, is now in a position to "exempt" publicly traded companies from reporting on matters related to nothing other than national security.
From the article :
"Now, the White House’s top spymaster can cite national security to exempt businesses from reporting requirements. President George W. Bush has bestowed on his intelligence czar, John Negroponte, broad authority, in the name of national security, to excuse publicly traded companies from their usual accounting and securities-disclosure obligations. Notice of the development came in a brief entry in the Federal Register, dated May 5, 2006, that was opaque to the untrained eye."
What the U.S. government gets is a stimulus to invest in publicly traded homeland security companies, given the benefits of the possible "exemption" and the countless opportunities for profitable speculation. If the backdoor that's been left open gets used for purposes other than classifying some obvious defense contractors' accounting histories, I wouldn't be surprised to see Coca Cola diversifying to take advantage of an expanding, unaccountable R&D department. Moreover, today I came across independent research stating that classified and unaccountable military spending is at its peak.
It's fascinating to label something as top secret and let the world know about it 30 years later in order to lose the public effect of the discovery; still, "excusing" companies in order to fuel growth would open up a great deal of room for corporate fraud schemes, but yes, for investments too.
Tags:
Data Mining,
Eavesdropping,
Hacking,
Information Security,
Security,
Social Network Analysis,
Surveillance,
Wiretapping

Travel Without Moving - Korean Demilitarized Zone
Continuing the travel without moving series, the Korean Demilitarized Zone remains a hot spot, with North Korea publicly stating its ambitions of joining the nuclear club. How big of a threat is the statement anyway? I believe it's a desperate move from the North Koreans' side, while trying to put itself on the world's map again -- and in the news, of course.
What they lost was the momentum, one that Iran greatly took advantage of. Think about it: as the U.S.'s War on Terror is like any "product concept", it inevitably passes through introduction, growth, maturity and decline stages in respect to public relations. Abu Ghraib's offensive PSYOPS case, a national disaster in between, Muhammad's cartoons, and the NSA's fiasco seemed to further strengthen the momentum of announcing their intentions without fear of having the U.S. in their backyard -- a smart move fully taking advantage of the situation and definitely resulting in a future diplomatic solution.
While North Korea is presumably hoping to improve the nation's dignity and reputation as scientifically sophisticated enough to be recognized, building nuclear weapons when the central statistical bureau releases reports of people dying of starvation reminds me of the best Cold War strategy game scenario I ever played.
No real army for the regime, but sneaky partisans everywhere; no roads, no buildings, but nuclear bombs and cruise missiles in every city, as well as an income distribution model based on the "model of leftovers", thus riots and a lack of any production capabilities. I remember watching a documentary where a soldier was trying to broadcast over the border, and of course, North Korea's jammers in action. Censoring news, obsessive self-regulation practices, total denial of problems, and keeping everyone in a twisted reality for as long as necessary is a daily practice -- still, there are capitalists trying to operate business ventures there.
What the international community could possibly do is not lose touch with these people, and constantly "ping" their diplomacy while trying to achieve bargain deals -- the problem is that even Asian countries find North Korea a spooky place. Kim Jong-il is not a mad man, but a man looking for attention; give him some without having him "envision" a conventional weaponry phase in his country's history.
