Tagged: diary-archives

sed and awk will always rock, (Sun, May 18th)

Fresh off our discussion regarding PowerShell, now for something completely different. In order to bring balance to the force I felt I should share with you my recent use of sed, “the ultimate stream editor”, and awk, “an extremely versatile programming language for working on files”, to solve one of fourteen challenges in a recent CTF exercise I participated in. The challenge included only a legitimate bitmap file (BMP) that had been modified via least significant bit (LSB) steganography and the following details

Apple Update for CVE 2014-1347, (Sat, May 17th)

Apple has released an update to address CVE 2014-1347 (1) for iTunes, which addresses a specific vulnerability in the permissions of files and folders of the system. The vulnerability concerns a situation where “upon each reboot, the permissions for the /Users and /Users/Shared directories would be set to world-writable, allowing modification of these directories. This issue was addressed with improved permission handling”. As always, please ensure that all changes are tested and deployed in compliance with enterprise change management standards :)

(1) http://support.apple.com/kb/TS5434

tony d0t carothers –gmail

(c) SANS Internet Storm Center

Heartbleed, IE Zero Days, Firefox vulnerabilities – What’s a System Administrator to do?, (Fri, May 9th)

With the recent headlines, we’ve seen Heartbleed (which was not exclusive to Linux, but was predominately there) and an IE zero day that had folks over-reacting with headlines of “stop using IE”, but Firefox and Safari vulnerabilities were not that far back in the news either. So what is “safe”? And as a System Administrator or CSO, what should you be doing to protect your organization? It’s great to say “Defense in Depth” and “The 20 Critical Controls”, but that’s easy to say and not so easy to do when you are faced with a zero day in the browser that your business application must have to run. What can you do that’s quick and easy, that offers some concrete protection for your community of 20, 200, 2,000 or 20,000 workstations?