Watering hole attack prevention

Watering hole attack prevention

A watering hole attack is an indirect attack on a victim. Rather than directly attacking the victim’s network, the attacker attacks a web site that the victim’s employees are likely to visit. Then the attacker attacks the victim’s network, via its own workstations, from that web site. A former colleague asked me how you protect against watering hole attacks, and I thought this was a good exercise. So here are some strategies for watering hole attack prevention.

Read more

Unchecky is another tool to help with staying out of trouble with malware

I found a mention of a tool called Unchecky as a minor point in a story about something else entirely. Unchecky helps to solve the problem with downloaded programs including a bunch of extra junk you don’t want.

I won’t be running it myself. But the next time I fix a computer, I’ll probably install it on that one.

Read more

Why every breach is different

I’ve grown used to being asked what unpatched vulnerability was used in the most recent breach, in an effort to make sure some other company is protected.

I appreciate the desire to learn from other companies’ mistakes and not repeat them. But there are several reasons why the answer to that question is complicated, and not necessarily helpful.

Read more

Time to update Flash again. This is a big one.

There’s an exploit in Flash, on all platforms, being actively exploited in the wild. Adobe rushed out an update. See more at Ars Technica. It allows remote code execution, so this one is as bad as it gets.

Installing EMET is a potential mitigation against Flash exploits, so if you’re running Windows, protecting Flash with EMET is an extremely good idea. Uninstalling Flash is an even better idea, but I don’t think HTML5 is quite ready to replace this scourge of computing security just yet.

I noticed that Secunia PSI automatically updated Flash on all of my machines, which was nice.

See, security doesn’t have to be painful.

 

WordPress Appliance - Powered by TurnKey Linux