Exploits feed on vulnerabilities. Vulnerabilities, in turn, pave the way for exploits. These closely related security concepts are often confused, but it’s key to understand the difference and how they each play out to make sure your systems are as airtight as they can possibly be. Read more “Vulnerabilities and Exploits: What You Need to Know”
One of the first things any security practitioner will tell you to do is keep your software up to date. It’s the number one way to protect against exploits targeting known vulnerabilities. In fact, most attacks these days don’t use new or novel attack methods, or even recently discovered vulnerabilities to succeed. They often use vulnerabilities that are years old!
Now, while it’s simple to say that everyone should just run the most recent versions of operating systems and packages, actually implementing this quickly becomes painful for a number of reasons.
Recently, I had the opportunity to help build out our vulnerability detection feature here at Threat Stack. I stepped into this project as I had many others: trying to understand the problem, thinking about the scale, how to break up the problem, etc. This problem is something developers rarely think about: the operating system. Sure, we have all done our fair share of apt and yum, but have you ever really taken a look into what gets installed on your computer? Have you ever noticed that when you do a dpkg -l, what you see is actually some strange take on semantic versioning that doesn’t seem to line up with what you see when you look at the version of that program using its version command? Me neither, and let me tell you, it was not what I was expecting.
You know that feeling you sometimes get after you’ve left the house for the day and suddenly fear you didn’t lock the door? You have two options: Turn back around to check, ensuring your home will be safe and secure while you’re gone, or leave it to chance, hoping you locked the door, but worrying all day that you didn’t…
The same situation presents itself when it comes to vulnerabilities within software-defined environments. The options? Embrace a “trust but verify” mindset by proactively monitoring for vulnerabilities, or do nothing, leaving to chance the security of company data, customer data and, as a result, the very existence of your business. Read more “Introducing Vulnerability Management at the Workload Layer”
Security is a major concern and potential roadblock for companies starting up in the cloud or considering a move into the cloud. Incidents such as the recent high-profile attack on “online cheating site” Ashley Madison do little to assuage those fears, as companies must consider how best to protect themselves from external and insider threats.
Guest post by Chris Wysopal, CTO at Veracode
These last few weeks have been rough on Rails developers. Over that period there have been several vulnerabilities involving the parsing of Rails parameters, one of them leading to arbitrary code execution (CVE-2013-0155 and CVE-2013-0156). Our friend Postmodern, the creator of Ronin (an excellent Ruby platform for vulnerability and exploit development), wrote a great blog post explaining the vulnerabilities with working PoC code.