Virtualization provides extraordinary benefits to organizations of all sizes. By moving multiple workloads into one physical server, companies have been able to optimize the usage of their data center infrastructure, minimize procurement and operational costs, and increase the overall efficiency of their operations. The growing number of organizations migrating mission-critical workloads to virtual environments has created a critical need to evolve infrastructure security to include these hybrid environments.
The hacker group Anonymous has been in the news recently for a variety of reasons, including WikiLeaks, the HBGary breach, and other things. One recent item was a relatively high-profile defection from the organization, the departure of SparkyBlaze for a variety of reasons, including being “fed up with anon putting people’s data online and then claiming to be the big heroes.”
I run the @CiscoSecurity Twitter feed, so I spend a lot of time on Twitter, and saw that @SparkyBlaze was an active user, so I pinged him with a DM in an effort to get his side of the story. I also wanted to get a glimpse into things on the other side – it is probably in the best interest of everyone in the security industry to have a better understanding of Anonymous and others in the underground hacker community. While the human factors were of some interest, I was also really curious about his take on the state of corporate security and wanted to see what he had in the way of concrete recommendations for organizations wanting to prevent breaches and break-ins.
Some might ask, are we giving an illegal hacker a platform? I would say, no. Sparky himself says it very clearly: “Stay away from black hat hacking. White hat hacking is a lot more fun, you get paid for it, it is legal. A conviction for hacking and leaking a database will affect you for the rest of your life.”
Recently sample code was posted publicly that exploits a denial of service vulnerability in the Apache HTTP Server. This particular vulnerability is receiving considerable industry attention given the popularity of Apache httpd and amid reports that exploitation has been seen in the wild. This vulnerability has been assigned CVE ID CVE-2011-3192 and currently scores a 7.8/6.3 using CVSS.
By combining inefficiencies inside the web server software with a protocol design peculiarity, an attacker could consume substantial server CPU and memory by issuing requests that contain many overlapping Range or Request-Range values. Successful exploitation would consume server resources to the point of starving those needed to field legitimate requests from other users.
This blog was originally published here.
I recently had the good fortune of having dinner with the chief security officers (CSOs) from five major healthcare providers. The CSOs weren’t shy about what was plaguing them.
The biggest headache? Managing consumer devices. Doctors love their iPads and want to use them for work. (It must be the form factor, a next-gen version of the metal-covered chart ubiquitous on medical drama TV shows.) The real-life numbers tell the same story. According to Manhattan Research, a healthcare market research firm, just one year after the iPad hit the market, 30 percent of U.S. physicians had adopted the device and an additional 28 percent plan to purchase an iPad within the next six months.
Today, more than ever, an increasing number of Cisco employees and its extended workforce are connecting to Cisco’s corporate network using their devices of choice. The speed at which these devices are joining the network is not only staggering, but also significantly impacting the IT and security organizations’ approach to protecting the information assets and the services we deliver. The Apple iPad, as a prime example, actually appeared on the Cisco network the day before the technology was released to the general public, showing that IT and security professionals need to be aware, prepared, and nimble enough to keep pace with the speed of today’s innovation and change.