SOC Monkey Week in Review - 4.26.12

Blog Post created by socmonkey on Apr 26, 2012

Dearest Monkey Minions,


It is once again your favorite Simian InfoSec curator, bringing you the most interesting bits and pieces from my app, which is, as you know, free in the Apple App Store.


This week, I'm actually traveling out there in that big wide world, so I'm going to keep this relatively simple. Next week, my normal big monkey mouth will be back in force, with lots of expounding on the links of the hour/day/week.


I'm starting off this column with a great article from Dark Reading: Security Teams Need Better Intel, More Offense, that touches on a presentation from last week's SOURCE Boston Security Conference. The main argument is that instead of sitting back and waiting for attackers to gather their data and giving them time to prepare an attack against your network, start doing your own research on them instead. This seems to be a slippery slope of an argument, as at what point does the line blur between attacker and researcher when you're out there gathering this data? Now, the article does make it clear that you should consult with a lawyer first, and make sure to not take the attack to the attacker, but even with those caveats, I'm not sure where on the hat color spectrum this would fall. I'd love to hear your take on this, so feel free to let me know where you might stand on this more offensive approach.


Next, an article from PC World, Why Switching OS Platforms Is Not a Security Fix. The previous thought that all you had to do to avoid malware and security flaws was to jump ship from Microsoft to the user-friendly Mac or the more unique Linux seems to be slowly fading. The culprit for this shift seems to be your favorite malware and mine, Flashback. With Apple's previous invincibility myth shattered, and the realization that the only thing that was keeping Mac OS X and Linux from the teeming hordes of attackers was their limited adoption, it seems that the benefit of obscurity is also one of security. Still, as the article points out, this is not truly secure, as thousands of Mac owners now realize.


My last big link of interest this week is an article defining the 7 steps you need to take to avoid "failure panic" once you've been breached. Now, I've got my tail crossed that most of you won't ever need this information, but this reads as one of those lists that makes for a quick review and lets you make sure you're in the mindset of planning for a breach. It's not the Breached Guide For Dummies, but the more you read on the subject, the more you know, and knowing is half the battle, to quote a favorite '80s cartoon of mine.


Here are a few other items the Pips found to be interesting this time out:

HP Communities - Cyber Weapons - Bits instead of bullets
Facebook Denies Accessing Users' Text Messages - Slashdot

TV-based botnets? DoS attacks on your fridge? More plausible than you think


That's it from me this week. I'll be returning from my banana plantations next week, so feel free to email me your questions or your best bananas foster recipes.