Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Hurricane Labs

I recently wrote a couple of to-be-published articles basically laying out all the reasons why we as security professionals should not be running away from so-called "new" technology. Essentially I am asking that we take the time to really understand what's so new about this stuff. SmartPhones, the "cloud", etc these are all repackaged versions of old technology. We're terrified of them because we think we don't understand them. The sad part is, we don't. We seem to be under the impression that all new technology is bad and inherently insecure, it isn't. It's not any more insecure than the stuff we have now. We need to consider what we sound like to users when we run around screaming how terrible the stuff they want is when we can't secure the stuff we think is okay to deploy. The truth is the new technology is no more vulnerable to attack than the systems we "bles... (more)

Hurricane Beacon 2011-01-31

----------------------------------Daily News 2011-01-31---------------------------------- ----------------CRITICAL----------------Google Chrome .replace DOS- [http://www.exploit-db.com/exploits/16079] IE MHTML XSS- [http://www.exploit-db.com/exploits/16071] Adobe ColdFusion- [http://seclists.org/fulldisclosure/2011/Jan/534] VLC Media Player- [http://www.videolan.org/security/sa1102.html] -----------------SECURITY-----------------Amazon Unlimited Streaming Video- [http://www.engadget.com/2011/01/29/amazon-rolling-out-netflix-like-video-streaming-for-prime-subscr] Open a Locked Suitcase- ... (more)

When the Cloud Breaks

By Bill Mathews This is the follow up to my award-winning post “Why the Cloud Matters” (okay so it hasn’t won any awards yet but it did win some enemies). This post is dedicated to all the DMs I received via Twitter (runs on the cloud) about that article. Many folks seemed to think that I was singing the cloud’s praises and speaking nothing of its many faults. This is patently untrue. As anyone who knows me will tell you, I pretty much dislike almost everything and find fault in nearly everything – the cloud is no different. A lot of applications in the cloud have many, many is... (more)

No Firewall, No Problem?

No Firewall, No Problem? By: Matt Yonchak In one of the more short-sighted, narrow-minded, and just downright inane articles that I’ve read in quite sometime Roger Grimes told us all about “Why you don’t need a firewall.“ His premise is that exploits and attacks are developing at a level as to surpass the capabilities of a conventional firewall and that firewalls aren’t used properly so why bother. We’ve all heard that before and I won’t even get into the muddled waters of the next-generation firewall concept, though I could. The worse part about the idea of the firewall being ... (more)

Why You DO Need a Firewall

Why You DO Need a Firewall By: Tom Kopchak This week, our office came across an article by Roger A. Grimes entitled “Why you don’t need a firewall”. As a security professional working for a company whose responsibilities include firewall management, I found the article to be extremely shortsighted, and borderline offensive. Normally, I’d encourage you to read the article in question, but your time is most certainly better spent doing nearly anything else. I would highly recommend learning home dentistry as a suitable alternative activity. Grimes argues that firewalls are becoming... (more)