Your daily source of Pwnage, Policy and Politics.


Episode 190 – Amazon, AV vendors, Chinese Knockoffs & HIPPA


ISDPodcast Episode 190 for August 11, 2010.  Tonight’s podcast is hosted by Rick Hayes and Keith Pachulski.  In this episode we will discuss Amazon, AV vendors, Chinese Knockoffs & HIPPA.

Announcements:

MyHardDriveDied.com:

SANS Mentoring Program:

  • Jason Lawrence will be teaching the SANS Forensics 508 – Computer Forensics and Investigations course in Sandy Springs starting Tuesday, October 12, 2010 – Tuesday, December 14, 2010 (http://www.sans.org/mentor/details.php?nid=21538).  Use the Discount Code: isdpod15 for a 15% discount.
  • Adrian Sanabria will be teaching the SANS Security 504 – Hacker Techniques, Exploits & Incident Handling in Knoxville, TN starting Tuesday, October 12, 2010 – Tuesday, December 14, 2010 (http://www.sans.org/mentor/details.php?nid=22258).  Use the Discount Code: isdpod15KY for a 15% discount.

Atlanta ISSA:

SANS Community:

9am-5pm US ET
Hilton Atlanta Airport Hotel
1031 Virginia Avenue
Atlanta, GA 30354

  • Use the Discount Code: isdpod15 for a 15% discount.

The Louisville Metro InfoSec Conference:

  • Thursday, October 7th, 2010 at Churchill Downs (http://www.louisvilleinfosec.com).  Use the Discount Code: IGK-0726 when you register for $30 off the $99 ticket price ($69), until Sept. 1st.  This discount will expire on that date.

DerbyCon 2011:

ShoeCon 2011:

  • Atlanta, GA September 18th
  • The September DC404 meeting will be held at the Con
  • Details coming soon, but keep in mind that all the proceeds will go towards Matthew’s wife and children.  We are still finalizing the exact location, but will be opening a call for presenters shortly.  Of course we also need volunteers, donations of swag, time, etc.
  • The isdpodcast website has made it easy for you to donate to the Matthew Shoemaker Memorial Fund.  Anything you can spare would certainly be appreciated.

Stories of Interest:
News Item 1:   http://www.infoworld.com/d/cloud-computing/amazon-enterprises-should-adjust-cloud-expectations-661

[Notes: Rick - The notion that Amazon is not interested in Enterprise customers is strange to say the least.  I do think that all parties need to be willing and able to walk away from a deal if certain issues can't be resolved.  Liability is certainly not a trivial issue.]

The reported problems Amazon had last week in negotiating a contract with Eli Lilly point to a disconnect between what cloud providers offer and what large enterprises expect — though some analysts say they also reflect a lack of flexibility at Amazon.

Last week reports surfaced indicating that Eli Lilly, a marquee customer of Amazon’s Web Services, had decided against expanding its use of the hosted services after the companies failed to agree on liability terms. Some analysts have concluded that Amazon is essentially unwilling to negotiate contract terms and may not be serious about targeting enterprise customers.
David Snead, a lawyer who negotiates contracts on behalf of hosting providers, said that Amazon Web Services contracts are presented as non-negotiable and almost like an appliance. “You just get their cloud services as they are. They aren’t presented as something like enterprise-level hosting where you’d expect it to be presented as a contract and negotiate,” he said. “I have a bunch of clients who have enterprise-grade cloud services. They have contracts that are much different than AWS and they expect them to be negotiated.”
The situation points to a larger issue in cloud and hosted computing. “The specifics of legal obligations haven’t been figured out and put into best practices,” said Michael Cote, an analyst with RedMonk. “This is a stumbling block.”

News Item 2:  http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1518130,00.html

New data released by security vendor McAfee Inc. shows that the amount of malware in the wild has never been higher, and while a large portion of it is being thwarted successfully, Mac users may face an increased risk. In its McAfee Threats Report: Second Quarter 2010, McAfee Inc. notes that the first half of 2010 has been McAfee’s most active six-month period for malware protection updates, and in this past quarter alone, malware in the wild reached its highest levels ever, with 10 million new pieces of malware discovered, up from 1 million in Q1.

Further discussion of the AV detection failures described in the Cyveillance report:

News Item 3:  http://www.darkreading.com/vulnerability_management/security/antivirus/showArticle.jhtml?articleID=226600013&subSection=Antivirus
“Even after 30 days, many AV vendors cannot detect known attacks, making it critical for enterprises to take a more proactive approach to online security in order to minimize the potential for infection,” said Panos Anastassiadis, COO of Cyveillance. “To increase protection, users can’t forget the basics – avoid unknown or disreputable websites, increase security settings on their web browser and leverage supplemental malware block lists to increase security on their devices. Only through both proactive and reactive tools can a solid security platform be achieved.”

Moral of the story: automated security mechanisms must not be relied upon as the sole means of maintaining endpoint security.

News Item 4:  http://www.zdnet.co.uk/news/security-threats/2010/08/03/fake-components-hit-military-suppliers-40089713/?s_cid=938

[Notes: Rick - I'm not really surprised about hearing this as it seems that one would think this has been an issue for quite some time.]

The UK Electronics Alliance (UKEA) has reported that in the past year military equipment manufacturers had detected an unspecified number of counterfeit electronic components coming into their supply chain.

“Military grade counterfeit components have been found by military equipment manufacturers,” said UKEA alliance executive Roger Rogowski. “We are not aware of any components finding their way into military systems, but we are aware of instances where components have been received by equipment manufacturers and identified as counterfeit.”
The organization said in an annual report that while the problems of fake electronic equipment were well known, the risks of counterfeit components in genuine equipment were less well recognized.  Counterfeit components such as the Altera EP610 DM-35 erasable programmable logic device, which has both commercial and military applications, may be found in a wide variety of hardware.  Because there were commercial and military versions of the Altera part, it could be used in almost anything from household appliances to fighter planes.

News Item 5:  http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=226600307
[Notes: Keith - HIPAA is still considered to be in its infancy; due to lack of enforcement, breaches of PII continue to rise and, in my opinion, will continue until OCR/HHS begin levying operational penalties and not just fines on health care providers and clearinghouses.]

Healthcare data breaches have swollen in 2010: Identity Theft Resource Center reports show that compromised data stores from healthcare organizations far outstrip other verticals this year. According to figures updated last week, healthcare organizations have disclosed 119 breaches so far this year, more than three times the 39 breaches suffered by the financial services industry.

All works represented here are compiled from various sources (email, IRC, forums, and original author/websites). If the original work is copyrighted it is presented under the fair use of a copyrighted work, Copyright Act of 1976, 17 U.S.C. § 107, for purposes of criticism, comment, news reporting, teaching, and research. No use is directly intended as an infringement of copyright. Attribution is always given to the original source, if known. To have any copyrighted material removed, please contact isdpodcast[at]isdpodcast[dot]com.
