Hackin9

I know weve talked about NoScript here before, however it is something worth discussing on a regular basis, as it is a simple, solid product that works. Whenever I build a new desktop or laptop, one of the first things that goes in is Firefox and NoScript as a solid browser combo to continue safely building out and running a system. The choice of browser software is probably more a matter of personal choice, but a solid security addon for the browser is a must these days, and I have found NoScript to be a solid addon for Firefox. It is stable, updated constantly (for which I am reminded on a regular basis when I open Firefox) and a product with a very long, proven track record. One of the solid aspects of NoScript has been the always block by default approach, deny all/permit by exception philosophy that stops all scripts, and allows me to permit only the content I want or need.

Take a look at NoScript, let us know what you think in the comments, as well as any other addon musts for browsers.

tony d0t carothers --gmail

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Building automation Networks are very common today for intelligent buildings. They interconnect several type of devices like escalators, elevators, power circuits, heating, ventilating and air conditioning (HVAC) to the main control center. Since those devices are in the same location as computers and all other corporate devices, some companies place them in same network segments with all other users devices. This could lead to a serious security problem, as it is wide known that many industrial protocols does not require the clients to authenticate for issuing commands or requesting data. If companies combine BACnet devices inside network segments with regular users, they will be able to attack the BACnet devices with no difficult. Only new version of those protocols are beginning to support authentication, confidentiality and integrity. It">47808/udp open bacnet| bacnet-discover:| Vendor ID: BACnet Stack at SourceForge (260)| Vendor Name: BACnet Stack at SourceForge| Instance Number: 260001| Firmware: 0.8.2| Application Software: 1.0| Object Name: SimpleServer| Model Name: GNU| Description: server">Manuel Humberto Santander Pelez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
Web:http://manuel.santander.name
e-mail: msantand at isc dot sans dot org

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Li-Fi fantastic - Quocirca's report from Infosec 2015
ComputerWeekly.com (blog)
As with any trade show, Infosec (Europe's biggest IT security bash) can get a bit mind-numbing, with one vendor after another going on about the big issues of the day - advanced threat detection, threat intelligence networks, the dangers of the ...

 
Internet Storm Center Infocon Status