Vulnerability Exploit for Snow Leopard
Today there was a brief discussion among a few Handlers regarding the vulnerability reported by Microsoft in March. The discussion was not so much on the fact that there was an exploit for a Mac OS, or that it was published by Microsoft. The discussion was focused on the sense of complacency that has seemed to develop around Mac products where security is concerned.
Looking back to 2001, Larry Ellison proudly proclaimed Oracle was ‘unbreakable’. (That statement proved to be untrue, and the hacking community gladly pointed that out to Oracle very quickly.) He most likely based his statement on the fact that there were no known vulnerabilities in the database application at the time. And, at that moment in time, it may have been true. But time marches on...
While the Mac operating systems may not have the number of vulnerabilities that exist in other operating systems, they do exist, and it is only a matter of time before those vulnerabilities play out in the public. We as security professionals would be wise to look at the history of end-user platforms and plan accordingly. It is only a matter of time: as the exposure of these systems increases, the number of reported vulnerabilities will increase.
Thoughts?
tony d0t carothers - gmail
Vulnerability Assessment Program - Discussions
On a slow Saturday in May I thought I would open the forum for discussion here at the ISC on a topic. I am working on a project to update the Continuous Vulnerability Assessment (CVA) capability for a client, and I have found a lot of good information on the web. What I haven’t found a lot of is good experiences on the web. Guy Bruneau wrote a great article in October on CVA and Remediation for the Critical Controls discussed in October.
First off, what is a vulnerability assessment? Wikipedia defines a vulnerability assessment as “the process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system”. Vulnerability assessments are often confused with penetration testing; however, these two functions serve different roles in the organization and the overall security assessment. A CVA program, as a component of the overall enterprise systems management program, needs to consider the process for asset identification, vulnerability reporting and remediation.
Information I have collected runs the gamut of technical and marketing information. A great report on assessment tools is available here. Search the web for “Vulnerability Assessment”, “Continuous Vulnerability Assessment”, or “CVA” and the results range greatly. Technical, marketing, best practices, etc., but what is not abundant is experiences. What I’m asking of you today is input on experiences and challenges that you've encountered in your implementation or update of a CVA program. I’d love to hear about both the technical and environmental challenges encountered along the way. Ask yourself “If I had to do it differently, what would I change?”; that’s what I would like to hear.
tony d0t carothers - gmail