Suggested Blog Reading – Tuesday June 19th, 2007

One round of golf and my back is shot. This getting old thing really sucks.

Here’s the list:

Mpack attack infects PCs on massive scale – I’m sure you’ve seen this all over the internet but why should I be the only one not mentioning the Mpack attack?

A malware distribution and attack kit sold commercially through underground channels on the Internet has compromised hundreds of thousands of systems in the past six months, including an epidemic of infections that hit Italian Web servers this past weekend, according to security and antivirus firms.

Known as Mpack, the kit consists of commercial-grade software components written in the PHP Web programming language and apparently sold by a group of Russian programmers. The software, which comes with a year of support, was first mentioned in an analysis penned by antivirus firm Panda Software. In mid-May, Panda stated that the software had compromised at least 160,000 computers.

How to get the most out of a SIM – OooOoOoOoo…I can’t wait until Bejtlich gets a hold of this article 🙂

However, a SIM can bring tremendous value by providing total visibility into your security posture, and by leveraging security products you already have. Regulatory compliance has been a top driver for SIM purchases, but there are a number of less obvious advantages that should be considered when selecting a product. The key to realizing the full value of a SIM is to understand all of its advantages and leveraging the product in a way that brings maximum benefit.

AfterGlow Example – Visualizing IP Tables Logs – I love this idea of visualizing logs.

I am sitting in Seville, at the First conference, where I will be teaching a workshop on Wednesday. The topic is going to be insider threat visualization. While sitting in some of the sessions here, I was playing with my iptables logs.

Phishers and Malware authors beware! – Interesting release. I’ll leave it up to the developers of the world to comment on its usefulness.

OK, so it might be a little early to declare victory, but we’re excited about the Safe Browsing API we launched today. It provides a simple mechanism for downloading Google’s lists of suspected phishing and malware URLs, so now any developer can access the blacklists used in products such as Firefox and Google Desktop.

The API is still experimental, but we hope it will be useful to ISPs, web-hosting companies, and anyone building a site or an application that publishes or transmits user-generated links. Sign up for a key and let us know how we can make the API better. We fully expect to iterate on the design and improve the data behind the API, and we’ll be paying close attention to your feedback as we do that. We look forward to hearing your thoughts.

CA Mainframe Security Blacked Out Globally – “Sources say that the problem was so secret that they didn’t know how to fix it” 😛

Computer Associates’ Top Secret security product for the mainframe blacked out worldwide on June 16, staying dark for 19 hours and bringing down financial institutions such as banks and insurance systems.

CA said in a statement that the bug affected approximately 50 customers worldwide and did not introduce any security issues. “It prevented a subset of CICS users from signing on during a 19-hour period (from 6/16 to 6/17) because of an internal memory representation of the time/date value, which caused the host to deny the sign-on request,” according to the statement.

An Incident Handling Process for Small and Medium Businesses – From the SANS Information Security Reading Room

HP Acquires SPI Dynamics – Interesting move by HP. I wonder if they plan on extending the SPI offerings in their product lines?

Early this morning, so early that the cat was still snug beside me in bed on the west coast, HP announced its acquisition of security assessment firm SPI Dynamics, headquartered in Atlanta, GA.

HP already integrates SPI security technology into its software, and the acquisition is expected to add more quality management capabilities to HP’s software portfolio and strategy.
