My Top 5 exploits of interest from the past weeks (July 29-Aug 6)
Here are my top five publicized exploits and vulnerabilities that have been in the news over the past week and a half.
Here are my top five publicized exploits and vulnerabilities that have been in the news over the past week and a half.
If your enterprise is running Microsoft XP with Service Pack 2, then I’ve got news for you: It’s now reached its end of support as of July 13, 2010.What does this actually mean? If you require a critical patch for your systems that are running XP SP2, you won’t be able to obtain one.
As you’re probably well aware, there has been a lot of news over the past month regarding a new Malware that is impacting Siemens WinCC SCADA systems. The Malware is known as Stuxnet. Looking closer at this Malware, there are really three key vulnerabilities that are exposed.
In Part I, I provided some background information on the OSI layer, some of the protocols and on security. In Part II, I’ll be discussing the different network security protocols: IPsec, TLS/SSL and SSH.
As an IT security professional, one of the areas where I gained a significant amount of knowledge and experience in is network security. Working for a telecommunications company, it’s pretty much a given that if you are working in security, you are dealing with network security protocols such as IPsec, SSL/TLS and SSH. I started off primarily working with IPsec and eventually was exposed to TLS and finally, SSH. One of the real issues that I first encountered was differentiating between these network security protocols. It took me time to be able to understand and explain the following:
“What is the difference between these network security protocols?”
“Which one shall I use?”