CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Microsoft prepares for biggest patch Tuesday Ever – Endpoint security has never been worse

October 12, 2009 at 5:04 pm, by Toney Jennings

Microsoft prepares for largest patch tuesday everTomorrow Microsoft will release an operating system patch that represents the largest number of system fixes in Microsoft history. PCWorld gave the details in a post updated yesterday:

Microsoft says it will deliver its largest-ever number of security updates on Tuesday to fix flaws in every version of Windows, as well as Internet Explorer (IE), Office, SQL Server, important developer tools and the enterprise-grade Forefront Security client software. Continue reading this post…

Top Endpoint Security Stories – September 2009

October 6, 2009 at 7:56 am, by Toney Jennings

Last month I kicked off a post focusing on the top endpoint security stories in the past month. This month brought a number of endpoint security events ranging from the latest Microsoft zero-day vulnerabilities without a fix to botnet and phishing news. The theme of the month is that both individuals and corporations are simply losing the battle against online criminals when it comes to desktop security.

  • Sept 1, 2009 – IIS FTP flaw announced with exploit code
    Microsoft kicked off the month by confirming the publication of exploit code for the IIS FTP vulnerability that could allow remote code execution on affected systems. The vulnerability affected systems running the IIS web server and was particular dangerous to FTP servers that had anonymous accounts for uploads. Continue reading this post…

Observations from IANS ‘09 Information Security Forum – Day 1

October 1, 2009 at 6:20 am, by JT Keating

I’m here this week in Boston, MA attending the IANS 2009 New England Information Security Forum. It’s a great, interactive conference of security professionals sharing their experiences and observations of the current environment for enterprise security. Here are my thoughts from Wednesday’s sessions.

The IANS founders kicked things off with some into “keynote” observations.

  • Signs of economic recovery may bode well in the fight against crimeware. According to the founders (I am not sure I completely agree yet) economic indicators (using the Dow and NASDAQ) show that we are back to where we were this time last year. The founders made a point that a tough economy is correlated to an increase in crimeware. Continue reading this post…

A look at application whitelisting in control systems on Digital Bond

September 21, 2009 at 3:52 pm, by JT Keating

Jason Holcomb, from Digital Bond, recently attended a live implementation of CoreTrace’s award-winning BOUNCER application whitelisting product. He has a great post about his impressions on whitelisting in general, as well as his experience using BOUNCER on a control system server. His reaction?

“My overall impression: this is an elegant and effective solution to some of the security challenges we face with Windows servers and workstations in control systems.”

Jason hits on many of the reasons why application whitelisting has been so popular in the energy industry and why, more than ever, it is being used to protect critical SCADA and DCS systems as well as met NERC CIP requirements. Continue reading this post…

Power Grid Security Critically Important – Reactive Security Won’t Cut It

September 17, 2009 at 10:18 am, by Toney Jennings

The U.S. Department of Homeland Security takes the security of our power grid seriously and with good reason. A disruption to our power distribution systems could have devastating effects for our citizens, businesses and our economy. That is the driver behind the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) regulations; keeping our national power grids safe.

Yesterday came the latest report of how fragile our power infrastructure can be. Continue reading this post…