There has been a large amount of security information and news of recent attacks posted in the media. We have Mandiant’s report on China as well as several issues concerning Java. The sheer volume of information over the past year has made it difficult to keep up without a combination of sources. As a result, InfoSecAlways has made a few modifications to the site. Please check out the new “Security Feeds” in the right column (4th Block Down). This is a combination of about 20 different security RSS feeds piping into the blog now. You can check the site daily to get the latest news and updates in the industry.
Also, check out the links page as there are several new Threat and Vulnerability links added. These are great if you are looking for specific attacks, breaches, or threats.
So it appears Gartner has something to say about Mac security too. Here is an interesting article building on the Mac security issue. It’s just a matter of time before a major attack happens that hits the Mac platform. Another interesting tidbit is that the article points out that “Mac’s generally have to be patched one at a time”. Don’t get me wrong, using both Macs and PCs can be good if the overall strategy supports security, but the key here is not to have a false sense of security.
An article was recently published about the Army adding Macs to improve security. Although diversifying vendors will usually make you more secure if used to support a defense-in-depth strategy, the context of the article suggests a lack of knowledge or evidence behind the statements made on the Army’s part.
One particular statement is worrisome: the Army security spokesperson has been quoted as saying “Apple’s version of Unix is inherently more secure than Windows”. Now, I don’t claim to know all the facts, but if you look at the links provided below, Mac OS X falls behind in 2007, and in the year 2004 has fewer advisories but remains comparable percentage-wise in regard to the number of critical vulnerabilities.
Fortunately, the article has a counterargument by Charlie Miller at the end supporting the fact that the Army needs to step it up with more than Macs when it comes to security strategy. He comments about Mac being “behind the curve in security”. He also has a great reference, stating “In the story of the three little pigs, did diversifying their defenses help? Not for the pig in the straw house.” On the other hand, diversifying is good if you use one product to back up the function of another product in the event one fails. So even though the pig’s straw house was destroyed, if that third pig could get to the brick house it would still survive.
On strategic risk assessments, not testing anti-virus signatures before they are deployed should be considered a vulnerability. Many of my customers believe this is ridiculous and not practical; however, I report it anyway. Whatever the case, the organization has the decision to accept the risk, as I am only there to point it out. There is a great example published where a routine update caused serious problems, forcing customers to re-install the operating system.
It’s about time! Foundstone Professional Services has been added to the Avert Labs research blog. So now the makers of all the free hacking tools are accessible online. Check it out; there are already some great posts.