- TraceSecurity talks about physically breaking into banks
- Cisco's new ASA 5505 and 5550
- Cisco talks about NAC 4.0 Appliance
- LifeLock proactively stops theft
- Deloitte expands on security survey
- Privaris' integrated authentication solution
- Sun tackles SOA security
- Cymphonix podcast on the Network Composer
- Protegrity podcast on AIG data breach
- Microsoft Antigen Podcast
April 26, 2007 | Comments: (0)
TraceSecurity talks about physically breaking into banks
In today's cast I had a chance to catch up with Jim Stickley, CTO, Vice President of Engineering, & Co-Founder at TraceSecurity, to discuss physically breaking into his one thousandth bank.
We talk about how TraceSecurity physically breaks into banks, financial institutions and other organizations. While Jim is always successful in the compromise of a target's data (except for maybe one), we talk about the best ways to protect your organization from professionals as well as opportunistic data thieves.
Listen to the interview with TraceSecurity now. 
LISTEN!
Posted by Victor R. Garza on April 26, 2007 10:33 AM
July 11, 2006 | Comments: (0)
In today's cast I had a chance to catch up with Tom Russell, Senior Director of the Security Technology Group at Cisco, to discuss new product announcements in the ASA product line.
In our talk we take a look at the newly released ASA 5505 and ASA 5550 from Cisco, and see how these new technology integrate with your remote and local infrastructure.
Check out the accompanying presentation here.
Listen to the interview with Cisco now. LISTEN!
Posted by Victor R. Garza on July 11, 2006 11:28 AM
July 10, 2006 | Comments: (0)
Cisco talks about NAC 4.0 Appliance
In today's cast I had a chance to catch up with Rohit Khetrapal, Director of the Clean Access division at Cisco to discuss a new network access control announcement.
In our talk we take a look at the newly released NAC 4.0 Appliance from Cisco, and how this new technology integrates with your infrastructure better than technologies from other vendors, at least if you've got a Cisco-based infrastructure, and maybe even if you don't.
Check out the accompanying PowerPoint here.
Listen to the interview with Cisco now. LISTEN!
Posted by Victor R. Garza on July 10, 2006 09:22 AM
June 30, 2006 | Comments: (0)
LifeLock proactively stops theft
In today's cast I had a chance to catch up with Todd Davis, CEO of LifeLock to discuss a way of stopping identity theft and fraud proactively.
In our short talk we discuss how LifeLock works and how it can save companies from employee productivity loss by preventing identity theft, and how lifelock backs up that claim with a million dollar guarantee.
Listen to the interview with LifeLock now. LISTEN!
Posted by Victor R. Garza on June 30, 2006 04:05 AM
June 29, 2006 | Comments: (0)
Deloitte expands on security survey
In today's cast I had a chance to catch up with Brain Geffert, partner at Deloitte and Touche, to talk about their recently released security survey, which I've included here.
The survey touches on a variety of topics and we talk about a number of them, including the security issues that you should be watching out for, even if you think you've got your infrastructure nailed down.
Listen to the interview with Deloitte now. LISTEN!
Posted by Victor R. Garza on June 29, 2006 03:48 AM
June 27, 2006 | Comments: (0)
Privaris' integrated authentication solution
In today's cast I had a chance to catch up with Barry Johnson, CEO of Privaris to discuss a new biometric device.
The Privaris plusID literally opens several types of doors, all with a push of a button and a swipe of a finger. This single personal authentication device allows an authenticated user access to multiple physical sites, computers and networks.
Follow along with the presentation here.
Listen to the interview with Privaris now. LISTEN!
Posted by Victor R. Garza on June 27, 2006 03:16 AM
June 26, 2006 | Comments: (0)
In today's cast I had a chance to catch up with Ross Altman, CTO for Business Integration Platforms at Sun and we have a leisurely conversation regarding Service Oriented Architecture or SOA security.
In our twenty minute conversation we discuss the fact that SOA security touches almost every part of your web infrastructure and what you don't know about SOA security can hurt you.
Listen to the interview with Sun now. LISTEN!
Posted by Victor R. Garza on June 26, 2006 03:50 AM
June 23, 2006 | Comments: (0)
Cymphonix podcast on the Network Composer
In today's cast I had a chance to catch up with Joe Lowry, a marketing engineer for Cymphonix. In our fifteen minute conversation we talk about the Cymphonix smart gateway appliance with layer 7 packet scanning.
You can follow along with my demo by going to their site to take a look at traffic from users, applications, and threats.
Listen to the interview with Cymphonix now. LISTEN!
Posted by Victor R. Garza on June 23, 2006 03:27 AM
June 22, 2006 | Comments: (0)
Protegrity podcast on AIG data breach
In today's cast I had a chance to catch up with Gordon Rapkin, CEO of Protegrity to discuss the recent AIG data breach and loss.
Gordon believes this type of data loss won't stop happening until a cultural shift occurs, and I tend to agree with him. Listen to this fifteen minute podcast to find out how I'm losing brain cells every time this kind of an event happens and how he's saving his.
Listen to the interview with Protegrity now. LISTEN!
In case you haven't heard:Insurance giant American International Group said it has lost personal identifying information on about 970,000 consumers through a burglary at an undisclosed office in the Midwest.
The insurer said the break-in occurred March 31 and that it alerted police to the loss of a laptop computer and a file server with insurance applicants' personal records. But the company acknowledged that it has not yet alerted consumers about their possible vulnerability to identity thieves. AIG said it plans to mail out advisories to the affected consumers by the end of this week.
Posted by Victor R. Garza on June 22, 2006 04:48 AM
June 20, 2006 | Comments: (0)
In today's cast I had a chance to catch up with Peter Eicher, Senior Product Manager from Microsoft to discuss Microsoft's newly released Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager.
In our thirty minute discussion we go over how these products can protect your enterprise from viruses using several simultaneous anti virus engines, and also protect against worms, spam, and inappropriate content.
Listen to the interview with Microsoft now. LISTEN!
The presentation can be found here.
Posted by Victor R. Garza on June 20, 2006 05:07 AM
June 07, 2006 | Comments: (0)
Symantec surveys the landscape
I had a conversation recently with Symantec's CTO Ajei Gopal at Symantec Vision in San Francisco to discuss the current threat landscape and find out what's on this CTO's mind.
Ajai talks about how the threats we deal with on a day to day basis have evolved from simplistic, graffiti type attacks to more sophisticated vectors from a different user base altogether.
Listen to the interview with Symantec now. LISTEN!
Posted by Victor R. Garza on June 7, 2006 06:45 PM
May 25, 2006 | Comments: (0)
A conversation on ISO 27001 and what it could mean to you
I took a call recently with Ken Peterson, President and CEO of Churchill & Harriman, to discuss his experiences helping customers implement ISO 27001.
Ken founded Churchill & Harriman in 1982, and the company helps clients develop and implement controls and procedures that identify, value, and mitigate business risk.
Listen to the interview with Churchill & Harriman now. LISTEN!
According to Churchill & Harriman, here are some of the benefits realized by ISO 27001:2005 certified organizations:
- Holistic, risked-based approach to security, privacy and compliance
- Provides a common framework for addressing legislative, regulatory and contractual compliance - Corporate Governance
- Demonstrates credibility, creates trust, improves satisfaction and confidence of stakeholders, partners, citizens and customers
- Demonstrates information security capability according to internationally accepted best practices
- Creates market differentiation due to prestige, image and external goodwill
- Reduces liability risk; demonstrates due diligence; lowers rates on cyber risk insurance premiums
- Demonstrates Certifiable, Proven, Defensible, Cost-Effective, Recognition of Best Practices
- Demonstrates due diligence by maintaining certification through semi-annual 3rd Party surveillance visits
- Reduced cost and business disruption from client risk assessments
- Assures policies & procedures are in accordance with internationally recognized criteria, structure and methodology
- Provides your organization with a continuous protection framework that allows for a flexible, effective, and defensible approach to security and privacy
- Certified Once ... Accepted Globally
Posted by Victor R. Garza on May 25, 2006 07:28 AM
May 19, 2006 | Comments: (0)
I stopped into the JavaOne 2006 conference for a few minutes and had a short conversation with splunk Chief Executive Splunker Michael Baum about splunk's newly released splunk version 2.
Seems like only yesterday that this product was in beta, and now it's already up to version 2. Time flies.
Listen to the interview with splunk now. LISTEN!
Posted by Victor R. Garza on May 19, 2006 06:40 AM
May 07, 2006 | Comments: (0)
LCDR Joseph L. Roth and I have an informal discussion regarding his idea of a wireless extension to Metcalfe's Law. Joe talks about his thesis at the Naval Postgraduate School on mobility and the value of wireless networks.
Listen to the discussion with Roth now. LISTEN!
Posted by Victor R. Garza on May 7, 2006 10:54 AM
May 03, 2006 | Comments: (0)
I was at CardTech/SecurTech 2006 recently and had a meeting with Cryptography Research, a company focused on securing smartcards. I spoke to Kit Rodgers, VP, and Ken Warren, Manager, about smartcard tamper resistance with differential power analysis countermeasures.
Listen to the interview with Cryptography Research now. LISTEN!
Posted by Victor R. Garza on May 3, 2006 02:35 PM
May 02, 2006 | Comments: (0)
I was at CardTech/SecurTech 2006 recently and had a meeting with Anteon, an integrator of government solutions. I spoke to Ray Donahue, VP of Operations at Anteon regarding Anteon's integration and testing of smartcards for Homeland First Responder credentialing, based on the Homeland Security Presidential Directive 12 (HSPD 12). We talk about common credentialing for federal employees and why this type of credentialing is important, and we discuss some recent disaster examples and how credentialing can be used to authenticate individuals in some of those environments.
Listen to the interview with Anteon now. LISTEN!
Posted by Victor R. Garza on May 2, 2006 04:07 PM
April 26, 2006 | Comments: (0)
Internet Security Systems will be announcing a hosted Security Event Manager and log archiving tool at Interop 06.
I spoke with John Wheeler, Director of Global Deployment and Integration for Managed Services from ISS to talk about their new offereing and how it can alleviate your security event log headaches. It seems that ISS will gather up all of your security device logs and present them via the Web as one intellegent web based interface. In addition to presenting your SEM data for slice and dice analysis, they will also store your logs for up to seven years - which can help with event log storage requirements mandated by compliance regulators.
Listen to the interview with ISS now. LISTEN!
Here's the PDF presentation that goes with the audio.
Posted by Victor R. Garza on April 26, 2006 11:51 AM
April 18, 2006 | Comments: (0)
Fujitsu's take on laptop security
I spent a good part of the day at Fujitsu attending a media day at their North America headquarters in Sunnyvale, Ca. Fujitsu announced three new laptops today and all had some interesting new functionality.
One of the laptops that really caught my eye is the ultra light 2.2 pound Q series shown above. Not only do these new laptops have spill-resistant keyboards but they also have several levels of security & encryption.
Features include:
- Fingerprint swipe scanner that doubles as a scroll
- TPM 1.2 support
- Smartcard support
- Pre-boot BIOS support (those four buttons on the left of the keyboard in the photo allow the user to type in their pre-boot security code)
- Dual level hard drive support
- Computrace and LoJack in the BIOS
- Physical lock support
- Hard drive parking accelerometers
Paul Moore from Fujitsu was nice enough to step me through the new security features in these notebooks.
Listen to the interview with Fujitsu now. LISTEN!
Posted by Victor R. Garza on April 18, 2006 05:20 PM
April 03, 2006 | Comments: (0)
PODCAST with BioPassword revisited
Spoke with Mark Upton and Gregory Wood from BioPassword again to talk about their new keyboard authentication solution.
Listen to the interview with BioPassword now. LISTEN!
Posted by Victor R. Garza on April 3, 2006 10:18 AM
March 28, 2006 | Comments: (0)
PODCAST: Wireless Vulnerabilities and Exploits Database
Met with Chris Waters from WVE to talk about wireless vulnerabilities and exploits presented in a fashion similar to Mitre's CVE list.
Listen to the interview with WVE now. LISTEN!
Posted by Victor R. Garza on March 28, 2006 03:05 PM
March 27, 2006 | Comments: (0)
PODCAST on IE and Sendmail vulnerabilities
I just spoke with Alain Sergile, Technical product manager for security content and X-Force R&D over at ISS and we discuss the new IE and Sendmail vulnerabilities.
The Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability is CVE-2006-1359 can cause serious problems if you happen to wander over to a site and get comprimized. There's more info over on the MSRC blog.
As well, Sendmail contains a vulnerability that allows an attacker to remotely compromise a machine running Sendmail. The vulnerability does not require authentication and can be run repeatedly without crashing the parent Sendmail process, leaving organizations and enterprises vulnerable.
Listen to the interview with ISS now. <LISTEN!
Posted by Victor R. Garza on March 27, 2006 01:00 PM
March 24, 2006 | Comments: (0)
Met with Andrew Graydon from Borderware to talk about a variety of security topics and their SIP firewall for VoIP in our twenty minute conversation.
Listen to the interview with Borderware now. LISTEN!
Posted by Victor R. Garza on March 24, 2006 10:12 AM
March 23, 2006 | Comments: (0)
Met with Rod Hodgman from Covergence to talk about their SIP security appliance.
Listen to the interview with Covergence now. LISTEN!
Posted by Victor R. Garza on March 23, 2006 08:55 PM
March 23, 2006 | Comments: (0)
Met with Mike McGowan from Corrent to talk about their security gateway for carrier class networks.
Listen to the interview with Corrent now. LISTEN!
Posted by Victor R. Garza on March 23, 2006 08:42 PM
March 23, 2006 | Comments: (0)
Met with Olle Westerberg from Ingate to talk about their SIP capable VoIP firewalls.
Listen to the interview with Ingate now. LISTEN!
Posted by Victor R. Garza on March 23, 2006 08:30 PM
March 23, 2006 | Comments: (0)
PODCAST from VON - Intrado and Rosum
and 
Met with Robin Erkkila and Jon Metzler from Intrado and Rosum, respectively, to talk about their E911 VoIP solutions.
Listen to the interview with Intrado and Rosum now. LISTEN!
Posted by Victor R. Garza on March 23, 2006 08:16 PM
March 23, 2006 | Comments: (0)
PODCAST from VON - Codenomicon
Met with Ari Takanen from Codenomicon, to talk about their automated security and robustness testing tools for VoIP.
Listen to the interview with Codenomicon now. LISTEN!
Posted by Victor R. Garza on March 23, 2006 07:59 PM
March 23, 2006 | Comments: (0)
PODCAST from VON - Ranch Networks
Met with Ram Ayyakad from Ranch Networks, to talk about their VoIP security solution for the Open Source PBX, Asterisk.
Listen to the interview with Ranch Networks now. LISTEN!
Posted by Victor R. Garza on March 23, 2006 07:49 PM
March 23, 2006 | Comments: (0)
Met with Yaniv Livneh from TeleData, to talk about their biometric voice verification product.
Listen to the interview with TeleData now. LISTEN!
Listen to the process of voice verification with TeleData now. LISTEN!
Posted by Victor R. Garza on March 23, 2006 07:23 PM
March 22, 2006 | Comments: (0)
ZeroDay Malware attack traced from start to (almost) finish
I met with Vlad Gorlick and Jeremy Pickett from Sana Security on the evening of March 21st to discuss their ZeroDay malware discovery. The twenty minute conversation goes into what happened and what was done to try and stop this malicious malware site from gathering any more financial information from unsuspecting individuals.
I've also attached a PDF provided by Sana of the events as they unfolded Monday, Tuesday and Wednesday of this week.
Listen to the interview with Sana now. LISTEN!
Posted by Victor R. Garza on March 22, 2006 03:23 PM
February 21, 2006 | Comments: (0)
POSTCAST from RSA - National Cyber Security Alliance
Met with Ron Teixeira from the National Cyber Security Alliance, to talk about their 2006 Emerging Internet Threat List.
Listen to the interview with National Cyber Security Alliance now. LISTEN!
Posted by Victor R. Garza on February 21, 2006 08:44 AM
February 20, 2006 | Comments: (0)
Met with Michelle Johnson Cobb from McAfee, to talk about their policy enforcement product.
Listen to the interview with McAfee now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 04:34 PM
February 20, 2006 | Comments: (0)
POSTCAST from RSA - 8e6 Technologies
Met with Eric Lundbohm from 8e6 Technologies, to talk about their Web filtering product.
Listen to the interview with 8e6 now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 04:18 PM
February 20, 2006 | Comments: (0)
POSTCAST from RSA - Crossroads
Met with Rob Sims from Crossroads, to talk about their database security product.
Listen to the interview with Crossroads now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 04:10 PM
February 20, 2006 | Comments: (0)
Met with Chris Echelmeier from Webroot, to talk about their free enterprise spyware auditing product.
Listen to the interview with Webroot now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 04:02 PM
February 20, 2006 | Comments: (0)
Met with Dr. Murray Mazer from Lumigent, to talk about their database security product.
Listen to the interview with Lumigent now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 03:54 PM
February 20, 2006 | Comments: (0)
Met with Ken Rutsky from Workshare, to talk about their document security product.
Listen to the interview with Workshare now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 03:48 PM
February 20, 2006 | Comments: (0)
POSTCAST from RSA - Network Intelligence
Met with Sean Armstrong from Network Intelligence, to talk about their data analysis product.
Listen to the interview with Network Intelligence now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 03:42 PM
February 20, 2006 | Comments: (0)
Met with Paul Moroville from Arbor Networks, to talk about Arbor's integration with ISS' product.
Listen to the interview with Arbor Networks now. LISTEN!
Posted by Victor R. Garza on February 20, 2006 03:35 PM
February 19, 2006 | Comments: (0)
Met with Phil Neray from Guardium, to talk about their database security product.
Listen to the interview with Guardium now. LISTEN!
Posted by Victor R. Garza on February 19, 2006 06:35 PM
February 18, 2006 | Comments: (0)
POSTCAST from RSA - High Tower
Met with Dr. Eugene Schultz from High Tower, to talk about their security event manager product.
Listen to the interview with High Tower now. LISTEN!
Posted by Victor R. Garza on February 18, 2006 09:23 AM
February 18, 2006 | Comments: (0)
POSTCAST from RSA - Ounce Labs
Met with Jack Danahy from Ounce Labs, to talk about their automated source code analysis product.
Listen to the interview with Ounce Labs now. LISTEN!
Posted by Victor R. Garza on February 18, 2006 02:34 AM
February 18, 2006 | Comments: (0)
Met with Chris Schwartzbauer from Shavlik, to talk about their patch management solution.
Listen to the interview with Shavlik now. LISTEN!
Posted by Victor R. Garza on February 18, 2006 12:05 AM
February 17, 2006 | Comments: (0)
Met with Marc Boroditsky from Passlogix, to talk about Single Sign On and several other products.
Listen to the interview with Passlogix now. LISTEN!
Posted by Victor R. Garza on February 17, 2006 11:48 PM
February 16, 2006 | Comments: (0)
POSTCAST from RSA - BioPassword
Met with Gregory Wood from BioPassword, to talk about their fraud detection and two-factor authentication device.
Listen to the interview with BioPassword now. LISTEN!
Posted by Victor R. Garza on February 16, 2006 01:47 AM
February 16, 2006 | Comments: (0)
PODCAST From RSA - Mazu Networks
Met with Tom Corn from Mazu Networks, to talk about their network-based anomaly detection product.
Listen to the interview with Mazu Networks now. LISTEN!
Mazu has also recently put out the 2006 Mazu Networks Internal Threat Report, which shows a pronounced growth in the type, frequency, and vector of internal network attacks.
Posted by Victor R. Garza on February 16, 2006 01:40 AM
February 16, 2006 | Comments: (0)
PODCAST from RSA - Beachhead Solutions
Met with Jeffrey W. Asher from Beachhead Solutions, to talk about how they safeguard laptops by using data encryption and data destruction.
Listen to the interview with Beachhead Solutions now. LISTEN!
Posted by Victor R. Garza on February 16, 2006 01:33 AM
February 16, 2006 | Comments: (0)
Met with Peter Scheffler from Route1, the makers of MobiKEY, to talk about their remote virtual desktop product.
Listen to the interview with Route1 now. LISTEN!
Posted by Victor R. Garza on February 16, 2006 01:22 AM
February 16, 2006 | Comments: (0)
Met with J. Chandler Hall from Arxceo, the makers of the Ally product line to talk about their network anti-reconnaissance appliances.
Listen to the interview with Arxceo now. LISTEN!
Posted by Victor R. Garza on February 16, 2006 01:12 AM
February 15, 2006 | Comments: (0)
PODCAST from RSA - Guidance Software
Met with Brian Karney from Guidance Software, the makers of EnCase, to talk about Apple Mac OS X and AIX vulnerabilities.
You can also check out the recent review of the EnCase Enterprise 5 review that printed a little while ago.
Listen to the interview with Guidance now. LISTEN!
Posted by Victor R. Garza on February 15, 2006 09:28 AM
February 15, 2006 | Comments: (0)
PODCAST from RSA - Application Security
Met with Mark R. Trinidad from Application Security, Inc to talk about their database security solution here at the show.
Listen to the interview with Application Security, Inc now. LISTEN!
Posted by Victor R. Garza on February 15, 2006 04:37 AM
February 15, 2006 | Comments: (0)
PODCAST from RSA - iPolicy Networks
Met with Gajraj Singh from iPolicy Networks to talk about their Intrusion Prevention Firewall.
Listen to the interview with Lockdown Networks now. LISTEN!
Posted by Victor R. Garza on February 15, 2006 03:37 AM
February 15, 2006 | Comments: (0)
PODCAST from RSA - Microsoft Security Technology Unit
Met with Mark Griesi from Microsoft about their work with ISPs and how they help protect 200 Million customers every day.
Mark also goes on to discuss worst case senarios and how Microsoft prepares for those types of attacks.
Listen to the interview with Microsoft now. LISTEN!
And congratulations to the MSRC blog making it to the one year mark. Stephen Toulouse from Microsoft let me know that 02/14/06 marked the one year anniversary of his work on the blog.
Posted by Victor R. Garza on February 15, 2006 02:36 AM
February 15, 2006 | Comments: (0)
PODCAST from RSA - Author Dr. Gary McGraw
Met with Gary McGraw from Cigital to talk about his new book from Addison-Wesley titled 'Software Security'
We talk about why he wrote it and why you should read it.
Listen to the interview with Gary McGraw now. LISTEN!
ISBN: 0-321-41870-0
Posted by Victor R. Garza on February 15, 2006 01:35 AM
February 15, 2006 | Comments: (0)
PODCAST from RSA - Extreme Networks
Met with Herb Schneider from Extreme Networks to talk about the reason this switch vendor doesn't think that Network Access Control (NAC) is for them.
Listen to the interview with Extreme Networks now. LISTEN!
Posted by Victor R. Garza on February 15, 2006 12:34 AM
February 14, 2006 | Comments: (0)
PODCAST from RSA - Lockdown Networks
Met with Dan Clark from Lockdown Networks to talk about their network acces control device that I'll be reviewing in the near future.
Listen to the interview with Lockdown Networks now. LISTEN!
Posted by Victor R. Garza on February 14, 2006 03:57 PM
February 13, 2006 | Comments: (0)
Reconnex is out with a new Insider Threat Index
Reconnex, manufacturers of the network scanner iGuard, have come out with a new version of their Insider Threat Index.
Reconnex's appliance recently did very well in a head to head comparison against three other risk monitoring products that we reviewed.
I had a chance to spend some time at Reconnex, pronounced Ree-Con-Ex, recently to talk about their newest Insider Threat Index, out today. Don't mean to depress you on a Monday, but it's all bad news. Is your company vulnerable?
Listen to the interview with Reconnex now. LISTEN!
Later this week I'm going to see if I can swing by the Reconnex Customer Roundtable at RSA to speak with some Reconnex customers including H&R Block, Maimonides Medical Center and WebEx to see how they feel about these threats.
Posted by Victor R. Garza on February 13, 2006 12:58 AM
January 27, 2006 | Comments: (0)
Fujitsu shows palm based biometrics
While I wasn't able to meet with Fujitsu at CES earlier this month I did think that their biometric product based on veins in the hand sounded interesting. That's why I made my way over there to test out this contactless authentication method for myself and have a discussion with several of their product managers.
Seeing the vein pattern of your hand is actually quite disconcerting and wasn't quite what I was expecting. This image doesn't do it justice. Since this technology works on bloodflow in the hand it won't work with a cadaverous appendage, unlike some fingerprint systems. I hope the bad guys realize that fact before the cutting starts.
Just place you palm here and an image is taken of your unique palm pattern and verified with a database. Initial recording of my vein pattern was fast, about 20 seconds for three scans, and verification worked as expected on a test system.
Here's an Automated Teller Machine in Japan that uses the technology.
Listen to the interview with Fujitsu and check out this contactless biometric authentication technology.LISTEN!
Posted by Victor R. Garza on January 27, 2006 10:23 PM
January 24, 2006 | Comments: (0)
StillSecure releases Strata Guard Free
Well, StillSecure has just put out an alternative to other open-source IPS/IDS products called Strata Guard Free. Strata Guard Free supports traffic streams up to 5Mbps, has a web-based console and several other enhancements over the freely available Snort.
Strata Guard Free seems well suited for SMB and remote offices. If you ever wanted to get your feet wet with an IDS/IPS its also worth a peek. Take a look at it here.
I just had a conference call with Mitchell Ashley, CTO and VP of Customer Experience at StillSecure discussing Strata Guard Free. Take a listen to the interview and check out this cool technology.LISTEN!
Posted by Victor R. Garza on January 24, 2006 01:58 PM
January 15, 2006 | Comments: (0)
I saw this big black billboard advertisement as I was driving down the 101 freeway in the Silicon Valley the other night and in bold letters was the question: TIRED OF BACKUPS?
I'm thinking, humm, I wonder what kind of new product is out there to alleviate issues with data backup?
In the far right corner was this URL.
Well, I got a laugh out of it and I guess that answered my question. This points to the fact that everything I see is related to security in my mind in one way or another.
REV
While we're on the subject of backups, I had a nice conversation with iomega while I was at CES a week ago. Seems they have some interesting backup technology available that I wasn't aware of called REV. Later this year they're going to double the capacity of this storage media from 35 to 70 GB while keeping the price point around $50 per disk. They even have a 2U SCSI Autoloader carousel tape replacement unit. Take a listen to the interview and check out this cool technology. LISTEN!
Posted by Victor R. Garza on January 15, 2006 02:50 PM
January 06, 2006 | Comments: (0)
Citrix releases new version of GoToMyPC
Before the start of CES I had a chance to catch up with Citrix for a quick interview and discussion of some of the new features in GoToMyPC Version 5. I also found out that they have 3 different versions of the program geared towards different users from personal and prosumer to their corporate offering.
And yes, I've been using GoToMyPC to access some of my client's machines for quite some time now and I really do like it...
Take a listen to the interview and check out this cool technology.LISTEN!
Posted by Victor R. Garza on January 6, 2006 05:46 PM
December 31, 2005 | Comments: (0)
New Year's Eve and a new IM worm is on the prowl
A worm is on the loose utilizing the recent Microsoft WMF vulnerability / exploit combination. Right now it seems to be focused on MSN Instant Messenger with the file name "xmas-2006 FUNNY.jpg"
This viruslist.com entry also goes on to point out that the problem seems to be in gdi32.dll and not in shimgvw.dll as previously thought as it is possible to exploit a system where shimgvw.dll has been unregistered and deleted.
It's a good thing not too many people are in the office today or we'd probably be seeing a much more widespread effect.
Only in the computer world would I say a worm would be on the prowl.
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 31, 2005 03:28 PM
December 30, 2005 | Comments: (0)
Microsoft's WMF screen door still open but small patch available
Earlier this week Microsoft announced a Zero-Day buffer overflow vulnerability in its Windows Metafile (WMF) graphics format affecting all version of Windows. Here it is days later and there's still no resolution.
Unfortunately, F-Secure is reporting that there are over seventy different dangerous WMF files capable of causing system damage in the wild so far using publicly available exploits.
Along with updating anti-virus signatures on your machines it is also suggested to update Intrusion Detection and Prevention System signatures and filter WMF files at HTTP proxies.
While Microsoft hasn't been able to stem the tide of malicious Web page images or HTML email causing problems, the main developer of the IDA Pro Disassembler & Debugger, Ilfak Guilfanov has a temporary fix for XP SP2 on his blog.
This patch should work for some Windows XP systems in the short term, at least until MS provides an alternative.
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 30, 2005 05:30 PM
December 28, 2005 | Comments: (0)
Microsoft announces WMF vulnerability
There's a new Windows Metafile (WMF) image vulnerability and Zero-Day exploit in the wild and MS has this to say about it:
Microsoft is investigating new public reports of a possible vulnerability in Windows. Microsoft is also aware of the public release of detailed exploit code that could allow an attacker to execute arbitrary code in the security context of the logged-on user, when such user is visiting a Web site which contains a specially crafted Windows Metafile (WMF) image. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site.Microsoft will continue investigating these public reports and has published Security Advisory 912840 to provide guidance to customers on how to protect themselves.
The advisory can be found here. Upon completion of this investigation, Microsoft will take the appropriate action to help protect customers, which includes providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
What MS doesn't say is that not only can an unsuspecting user heading over to a malicious website be compromised but so can anyone with access to the infected WMF file via file share, or by receiving the file via an HTML email.
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 28, 2005 08:51 PM
December 26, 2005 | Comments: (0)
USS Nimitz uses COTS technology
I had the good fortune to spend the day after Christmas with a good friend of mine and taking a tour of the recently returned USS Nimitz Aircraft Carrier at the Coronado Naval Air Station in San Diego, California.
The recently deployed Nimitz (along with my LCDR buddy) spent the past six months in the Pacific Ocean on the way to and from Iraq. After seeing how he spent working 16-hour days I got a chance to take a look at the networking bowels of the ship. Along with banks and banks of black encased cryptographic equipment was a lone Cisco router helping to keep information flowing on this incredibly large nuclear powered military airport.
While it's far from a secret that the military are using more and more Commercial off the Shelf (COTS) equipment (including the numerous Dell laptops I saw) to augment specialized communications hardware, I still found it interesting to see the familiar Cisco rack mounted chassis helping to move data around.
I will say that after seeing how much copper cabling was winding its way inside the ship I can see why the move towards fiber optics cabling is underway. The newer USS Ronald Regan has over 7 million feet of fiber optics cable to reduce cable bulk and enhance data security.
All in all an interesting trip and after seeing the cramped working condition inside this behemoth I definitely have an even greater respect for our armed forces and what they have to deal with on a day to day basis.
Here I'm standing on the almost five acres of deck with an F-18 off to the right out of the frame.
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 26, 2005 10:33 PM
December 22, 2005 | Comments: (0)
Guidance Software Hack: No Comment
The hacker that perpetrated the recent Guidance Software attack is either a genius or a complete idiot. Considering that Guidance makes, in my mind, one of the premiere computer forensic toolkits on the planet, the recent hack is akin to someone stealing a police car from in front of the police station.
Which means that this whole event gives Guidance a really big black eye, but as a hacker there are quite a few other companies I'd want to piss off well before Guidance. I mean, come on, Guidance employees testify in court as computer forensic experts and many of them are ex-law enforcement. The government and law enforcement use Guidance's EnCase toolkit to conduct computer forensic investigations and perform incident response. As my recent review of EnCase points out, Guidance is no slouch when it comes to finding the bad guys.
So, I'll admit that this may have been a decent, or even a great hack, depending on the level of expertise or luck on the part of the attacker. The attack also gives the hacker bragging rights as he or she did get into Guidance Software's systems and steal credit card numbers. But who do those credit cards belong to? Could it be law enforcement officials? Uh, bad move on your part Mr or Miss Attacker, as it's only a matter of time before you're found and nailed to a wall.
I just got off the phone with Guidance Software's Product Manager Brian Karney, who I worked with on this latest EnCase review. Unfortunately, he couldn't tell me about the on-going investigation, but did say that Guidance responded quickly, notified the authorities and followed the law.
As this chronology of data breaches since the ChoicePoint incident early in '05 points out, no one can be complacent about network security. If this type of event can happen to a security software company, how safe is your company's data?
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 22, 2005 11:51 AM
December 21, 2005 | Comments: (0)
McAfee and Symantec are suffering from issues
Symantec's AntiVirus product line for both enterprise and home (Under the Norton brand) suffers from a buffer overflow vulnerability when decompressing RAR (Roshal Archive) files that could lead to a Denial of Service (DoS) or remote code execution. A large number of Symantec products are affected and no fix exists yet, but Symantec has posted a signature for Bloodhound.Exploit.55 that should mitigate
the issue.
McAfee is also dealing with an ActiveX DLL problem in its Security Center and VirusScan products that can allow the product to be compromised.
These issue are also known as CVE-2005-4438 and CVE-2005-3657.
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 21, 2005 11:21 PM
December 15, 2005 | Comments: (0)
I spent this past weekend at a holiday party which turned out to be much tamer than parties of yore (ala Enron). Seems that holiday parties just aren't what they used to be.
I couldn't help thinking that while I was out enjoying the overly merry and slightly inebriated karaoke singers that people were out there spamming corporate networks, creating viruses and trying to penetrate perimeters.
And as circumstances would have it a phone call came in that required a partygoer to leave and attend to business. Luckily, this time it wasn't me. As we go about our merry holiday duties people with malicious intent out there know that we're not quite on our game, and are distracted as vacation days approach.
So my question to you is - When that call comes will you have all your ducks in a row?
As the year ends it's a great time to assess where your network and organizational vulnerabilities lie and make sure they're shored up as we progress into the New Year. Plan to make the highest necessity security projects the ones you and your team get to first. As we all know, once the third week in January comes around all bets are off for keeping resolutions. Make sure you keep those regarding your network security posture high on the list.
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 15, 2005 10:48 AM
December 13, 2005 | Comments: (0)
Should you spend your holidays at the office?
I know that I've spent way too many holidays and Christmas parties in either a datacenter or at my computer solving a problem or leveraging the relatively quiet time to initiate network or security changes at one enterprise or another.
Of course I know exactly where I was December 31st, 1999, along with most of you reading this -- in a datacenter or Network Operations Center, waiting for the Intranet, and subsequently the Internet, to melt down. Well, luckily, that didn't happen. But what about this holiday season, what do we have to look forward to? Hackers and miscreants, intent on -- you guessed it, taking down your Intranet, and subsequently, the Internet.
I made a bet last month with an associate that there would be a new worm or large virus outbreak by the middle of January '06 akin to a Sasser or Melissa. Why did I make this wager? Because most kids and people with too much time on their hands are taking/getting time off from work. I'm not saying that there's a correlation, but I'm putting dinner on the line that something unfortunate will happen because too many people won't have anything to do as we move into '06.
I wouldn't mind if my prognostication turns out to be wrong, but I'm betting vittles that something big this way comes.
So, should you be at your desk for the holidays? Not everyone celebrates this season, and while many of us are braving the holiday crowds to get the new Nintendo DS for the kids, others will be figuring out ways to circumvent network security at your organization.
This is one bet I wouldn't mind losing, but is your organization ready if I don't?
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.
Download file
Posted by Victor R. Garza on December 13, 2005 11:07 PM
December 10, 2005 | Comments: (0)
It was only a matter of time. A 'security researcher' named fearwall has tried to sell a Zero-Day vulnerability for Microsoft Excel on eBay. Seems that he or she only got to $60 before the auction site pulled the plug on the whole deal.
Microsoft is supposed to be looking into the Excel issue and the auction.
Listen now to the audio companion for this blog. InfoWorld Zero Day Podcast: 30 Seconds to Zero.