Security Shifts to Data

February 15th, 2007

Eric Lundquist, in a February 5 eWeek article, tells a story that is near to my heart–it’s about the data, stupid.  For years security has been focused on system or device protection.  This must  change.

Our goal as security professionals is to protect the confidentiality, availability, and integrity of the data.  This means protecting it at rest and in motion.  Protecting your HR servers doesn’t do much good if your employees’ PII (personally identifiable information) is compromised through storage or LAN/WAN access control weaknesses.  Carrying this a bit further, IM and email transfer of sensitive information completely bypasses any device or perimeter security that isn’t specifically designed to filter and block/alert on sensitive information moving into insecure areas, like the Internet or internal systems at lower trust levels.

New ‘Drive-By’ Attack Is Remote

February 15th, 2007

In a February 15 Dark Reading article, Kelly Jackson Higgins reports on a proof of concept attack against broadband routers.  Called drive-by pharming, attackers can gain web access to home or business broadband equipment by using manufacturer default passwords.  This attack vector differs from war driving attacks because the attacker doesn’t have to be anywhere near the target device.  The best defense is to ensure all default passwords are changed when implementing broadband routing equipment.



Protect yourself from the byproducts of software piracy

February 15th, 2007

It isn’t news that software piracy is a big problem for software vendors.  Illegal use of applications has been going on since the first PC rolled off the line.  What might be news, however, is the negative impact piracy might have on the Internet and on your company network.

See the rest of the article here.



Check out my book, Just Enough Security, at

Additional security management resources are available at

My podcasts –>

Free security training –>

I’m Back

February 14th, 2007

After living several months at, I’ve returned to my original home.  I hope you’ll check in for daily security updates.

You might also want to check out my articles and security updates at


Public Instant Messaging Scanning Service

March 27th, 2006

By Cara Garretson, Network World, 03/20/06

“Web security company ScanSafe this week plans to announce a new service aimed at protecting instant-messaging channels from viruses, spam, and other threats, as well as enforcing policies across this increasingly popular communications mechanism.”

Read the rest of the article 

Listen to our Podcasts –> add to my PodNova

Free security training modules available at


Ransomware Password Revealed

March 27th, 2006

A trojan horse virus is spreading across the Internet that encrypts Word documents, spreadsheets, and databases.  It then leaves a file demanding $300 in return for the password necessary to decrypt the ransomed files.  However, Technicians at Sophos have extracted the password (yes, it looks like a path name):

C:\Program Files\Microsoft \Visual Studio\VC8

This kind of attack seems to be growing.  So keep those anti-virus and firewall programs up-to-date.


Author:  Tom Olzak

Listen to our Podcasts –> add to my PodNova

Free training modules available at



User Awareness Alert: IE Exploit Strikes, Installs Spyware

March 25th, 2006

“The unpatched CreateTextRange vulnerability in Internet Explorer is already being used by at least one Web site to install spyware on users’ machines, a security organization said Friday.

“‘We just received a report that a particular site uses the vulnerability to install a spybot variant,’ the SANS Institute’s Internet Storm Center (ISC) warned Friday in an alert. ‘It is a minor site with insignificant visitor numbers according to Netcraft’s ‘Site rank.’”

 Read the whole Story


Listen to our Podcasts –> add to my PodNova

Free security training available at


Writely: A great product with questionable security

March 17th, 2006

For those of you not familiar with Writely, it’s an online beta word processing service that provides the following services:

  1. Create documents online
  2. Upload documents from Word
  3. Publish to the web
  4. Post to your blog
  5. Participate in online collaboration with people you specify

Yes, it’s a great product with fantastic potential.  And now that Google has purchased the company, Upstartle, things could get very interesting.  There is just one catch; there are no safeguards to protect the content of documents during editing or viewing.

On February 27, 2006, in the Writely blog, Jen, an employee of Upstartle, responded to a thread in which users questioned why SSL protection was not provided. 

 [QUOTE=Jen]OK, now I have to reply ;-}

We don’t have SSL definitively planned as part of a premium service, although that’s certainly possible. SSL will definitely slow the service down, which is why we would likely not make it the default in the basic service. Yes, I know this response is vague, but it’s only because our plans are not final![/QUOTE]

As I posted to the Writely blog, it’s irresponsible for an organization to provide a tool like this without any apparent regard for safeguarding the activities of its users.  I hope that Google takes a different approach with this innovative and, in my opinion, much needed service.

 Author:  Tom Olzak

Listen to our Podcasts –> add to my PodNova

Free security training available at


DNS Cache Poisoning: Definition and Prevention

March 16th, 2006

The Internet would grind to a halt – would not be possible – without a Domain Name System (DNS).  As you’ll see in this paper, the proper operation of DNS is fundamental to the maintenance and distribution of the addresses for the vast number of nodes around the globe.  So it would be too much to hope for crackers (malicious hackers) to ignore DNS as they continuously look for new ways to circumvent your security.  There are several facets to DNS security. 

In this paper we focus on one of the most dangerous types of attack – DNS cache poisoning.  To provide a complete picture of this threat, we’ll explore how DNS works, two ways crackers facilitate cache poisoning, what impact this type of attack can have on your organization, and steps you can take to protect your information assets.

Download this paper

Author:  Tom Olzak 

Listen to our Podcasts –> add to my PodNova

Free security training available at


User Awareness Alert: Open source digital signatures might be vulnerable

March 13th, 2006

“A pair of security bugs in cryptography software could allow an attacker to insert content into a digitally signed message or forge signatures on files.

“The flaws lie in the open-source GNU Privacy Guard software, also known as GnuPG and GPG, the GnuPG group said in two alerts. The software, a free replacement for the Pretty Good Privacy cryptographic technology, ships with many open-source operating systems such as FreeBSD, OpenBSD and many Linux distributions” (By Joris Evers, CNET Published on ZDNet News: March 10, 2006, 2:38 PM PT).

Read the rest of the article

Listen to our podcasts –> add to my PodNova

Free Security Training available at