Making Intelligence Actionable: Part 2
In addition to making malware and vulnerability intelligence actionable for the system administrator, there is also the problem of making intelligence actionable to victims and law enforcement. >
There are three different players in this scenario: the researcher, the victim, and the law enforcer.
This is nice and simple, right? Except that there are limitations in how these three players are allowed to communicate and cooperate. Researchers can only talk to law enforcers on a “intelligence only” basis. Law enforcers can’t build cases without victims. Victims don’t always know that they’re victims or that their case, when added to others’ can actually have an impact.
There are a few forums that attempt to link these three groups. They still need some development.
If you’re a home-user or small business, consider reporting to the Internet Crime Complaint Center (http://www.ic3.gov.) If you are a larger organization consider joining one of these information-sharing forums.
Day 30 - Applying Patches and Updates
Today's topic revolves around applying patches and updates as a response measure.
My first personal comment is that patching and updating is really a Preparation step and helps avoid incidents in the first place. But we all already knew that. :-) I'm interested in how your patching and updating process differs when you've had an incident before patches become available.
Reader comments to follow...
Chris: wants to remind us about Secunia's PSI inspector. I should also point out that we musn't forget the home-user scaled incident response.
Anonymous: wants to remind us to disable an unpatched service until the patche become available-- especially in the dreaded "zero day" scenario with exploits ongoing and patches still being developed/tested.
Opera 9.62 available - security update
Eagle-eyed reader Juha-Matti reports that Opera has released a security update to 9.62: http://www.opera.com/docs/changelogs/windows/962/
This update addresses the following issues:
Advisory: History Search can be used to execute arbitrary code: http://www.opera.com/support/search/view/906/
Advisory: The links panel can allow cross-site scripting: http://www.opera.com/support/search/view/907/
The latest version is available here: http://www.opera.com/download/
Vista updates (KB957200 and KB953155)
A few readers are writing in to ask about two recent updates appearing in their queue: KB957200 and KB953155.
KB957200 is listed as a reliability update and according to Microsoft: "this update resolves some performance and reliability issues in Windows Vista. By applying this update, you can achieve better performance and responsiveness in various scenarios. After you install this item, you may have to restart your computer."
KB953155 is a security update related to MS08-062 (not -067 as I previously wrote- thank's t.)
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago