Commentary

Credit to Author: dmitryc| Date: Mon, 21 Dec 2015 22:07:07 +0000

I’m going to start blogging more about detection of protocol/app anomalies, detection of lateral movement and/or data exfiltration, and more. For many years I have been watching users and applications furrow their way across networks and I’m gonna start data-dumping that info here 🙂 But…first…I manage a web server for a friend. It occurred to … Continue reading Using Machine Learning To Detect Anomalies

Credit to Author: dmitryc| Date: Tue, 11 Aug 2015 16:34:29 +0000

The internet (or at least twitter) is exploding regarding this, now deleted, post : Mary Ann Davidson blog post Let me start by saying that she is right. Yes, she’s right. Breaking the EULA is against the law. You can’t argue about that. You can’t argue that they should be paying a bug bounty. You … Continue reading Oracle CSO is right

Credit to Author: dmitryc| Date: Tue, 04 Aug 2015 14:33:59 +0000

Hi there. Long-time-no-blog 🙂 If you haven’t already, go read this: https://t.co/d2hwhmzzuz Note: this blog applies to Corporate networks. If you’re a coffee shop or a college, you’re on your own 🙂 I’ve been a network defender for many years. I currently work for a software company that builds network software which helps companies gain … Continue reading Play some D!

Credit to Author: SSD / Noam Rathaus| Date: Thu, 09 Jul 2015 14:12:03 +0000

A new vulnerability has been recently patched in OpenSSL: During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on … Continue reading OpenSSL ACCF Vulnerability (CVE-2015-1793)

Credit to Author: eyalestrin| Date: Thu, 07 May 2015 18:30:34 +0000

This document explains the process of installation, configuration and hardening of Tomcat 8.x server, based on RedHat 6.5 default installation (IPTables and SELinux enabled by default), including support for TLS v1.2 and protection from BEAST attack and CRIME attack. Some of the features explained in this document are supported by only some of the Internet … Continue reading Hardening guide for Tomcat 8 on RedHat 6.5 (64bit edition)