- Innovation, regulation and research on tap at RSA 2008
- Researchers uncover 100 VoIP vulnerabilities
- Badware not pushing users offline
- Web attacks won't stop
- Most sites still hack-able
- Tips on employee monitoring
- Research: IT security maturing, but misaligned
- Clarke sharply criticizes Bush cyber-security plans
- Conference seeks to bridge risk, research
- Core finds new CEO
August 28, 2005 | Comments: (0)
Admonishing security vendors
Last month I had a chance to have a chat with hackers beetle and Bruce Potter of the self described "non-profit think-tank" Shmoo Group at the DefCon Conference in Las Vegas. If you're not familiar with the Shmoo Group, they're a cadre of guys who take a close look at security issues and present what they find to the security community -- and these guys are definitely passionate about security.
During the Shmoo presentation at this year's DefCon, Cazz, a member of the group, presented an interesting segment on exploiting the exploiters. Cazz showed several vulnerabilities in security software, including the popular open source Wi-Fi software, Kismet, where he talked about three remotely exploitable vulnerabilities and also showed ways to evade the popular Metasploit and Canvas attack and penetration toolkits.
Looks like Roger A. Grimes is expanding that discussion in this week's InfoWorld, and I couldn't agree with him more. If you haven't read his security column, now is your chance to see him take enterprise security vendors with poor security practices to task.
Posted by Victor R. Garza on August 28, 2005 04:41 PM
RATE THIS ARTICLE:
-
- COMMENTS
| ZERO DAY PODCAST |
| Listen to the latest podcast: |
MP3
•
•
•
Archive
•
![[VoiceIndigo Mobilize - Listen to podcasts on your mobile phone]](http://www.voiceindigo.com/ht/images/mobilize_logo_sm.gif){kind=logo}
|
TOP STORIES
Top 10 stories of the weekA new place to hide rootkits
Sun exec on OpenSolaris, Linux
AT&T: No free iPhone Wi-Fi info
MS to appeal E.U. fine
XP SP3 causes endless reboots
Vista as insecure as Win 2000
Google grilled on human rights
Java ubiquity an edge in RIA battle
The InfoWorld news quiz
ADDITIONAL RESOURCES
- Virtualization: A Step by Step Approach to Success
- Dialing up Agility with Business Transformation
- 5 Things You Need to Know About Storage Virtualization
- Virtual Test Lab Automation: Manage development infrastructure
- Improve Resource Utilization and Lower Operating Costs
- Protect Your Data with SSL
