|
Description:
|
|
Welcome to the Tenable Network Security Podcast - Episode 67
Hosts: Paul Asadoorian, Product Evangelist, Carlos Perez Lead Vulnerability Researcher
Announcements
Stories
- Shmoocon Preview - Twice the Mobile (in)Security - The trend has been heating up for a while now, and its just about ready to boil over and send people screaming, panic stricken, as attackers take hold of their mobile devices. I believe Google's Android and Apple's iPhone have put the "smartphone" front and center in our lives as the most popular piece of technology we use in our everyday lives. For the attackers and the security community alike, this means we must find ways to hack it. The motives are of course different, the security community wants a safer place, and the attackers want to profit.
- Getting Started With Corporate iPad and iPhone Mobile Security - This is a great list of features in iOS that can really help you get a hold on the i in your environment. iOS supports remote wiping, AES encryption of the phone backups, and offers control on firmware updating and application installation and updates. Your organization must have a mobile computing policy and be
- Who's Who Of Bad Password Policies - It should come as no surprise, but many web sites do not do a good job of implementing good password policies. We're often so quick to blame the user, but many popular sites do not require SSL, allow special characters, limit length, and more. One site even displayed your password in clear-text on the web site!
- Apple Appoints David Rice as CSO - This is great news for Apple, its been a long time coming too. Apple really needs to step up its game when it comes to security. Random security updates, insecure architecture in OS X, and more have contributed to a ticking time bomb. As they gain market share, these issues will become important. David is a great great, extremely knowledgeable about information and software security, and may be just what Apple needs to improve its security posture.
- Brute Force Safe Cracking - I find that security leaks its way into almost every conversation, oh wait, maybe thats just me. In any case, someone made a robot that will try everyone possible combination on a safe. While thats great, most thieves know that if you can flip the safe over and hit the bottom with a sledge hammer, you win. Also, the doors on safes are typically really hard to break through, but the sides are sometimes flimsy and easy to cut through with the right tools. Of course, there is something to be said for getting into the safe and leaving to trace behind that you were even there.
- Nessus Plugin: HP OpenView Network Node Manager Remote Execution of Arbitrary Code - If you run HP Node Manager, use this plugin. If you think that you may have Node Manager installed somewhere, use this plugin. If you run a network, use this plugin to scan the network and look for instances of Node Manager! This vulnerability, well several actually, manifests itself as a command injection vulnerability in software that does not require authentication by default, and could lead to attackers gaining control of a system that manages the network. Just a bad combination!
Download Tenable Podcast Episode 67 |
.png)
More
Religion & Spirituality
Education
Arts and Design
Health
Fashion & Beauty
Government & Organizations
Kids & family
Music
News & Politics
Science & Medicine
Society & Culture
Sports & Recreation
TV & Film
Technology
Philosophy
Storytelling
Horror and Paranomal
True Crime
Leisure
Travel
Fiction
Crypto
Marketing
History
Comedy
Arts
Games & Hobbies
Business
Motivation