Recently, I was onsite at a vendor’s office as part of the Bandolier project and ran into a situation where the Win2k3 firewall was not enabled or configured. After the onsite visit and a little Firewall enabling, I started to think about how much the Windows Firewall has changed since WinXP/Win2k3. Specifically, I [...]

Fuzzing is growing up.  From the academics of the late 80s throwing random data at unix command line tools, to the early work by researchers and commercial groups in the last 90s and early 2000s, to the explosion of fuzzing topics at conferences around the world about 5 years ago its come a long way.
As [...]

There’s a great write-up on building and maintaining a Windows tiered patching infrastructure over at Ars Technica today. It sets up like this:
Windows updates have historically been a constant annoyance for IT staff. Manual updates were a huge pain, and, while the advent of the Automatic Update feature improved the situation, it brought with it [...]

Normally we would not comment on a marketing press release, but this is Cisco and even a marketing effort from a giant like that can have a big impact.
Recently Cisco announced that their services group announced grid security services, hat tip: Matt Franz, @frednecksec. These services included cyber and physical security services and even mentioned [...]

Onto a few more highlights from Blackhat.  Dowd, Smith, and Deweys presentation on The Language of Trust was excellent, and the bug highlighted in the presentation, MS09-035, is going to be around for a very long time.  This bug was the result of a typo, an ‘&’ where one shouldn’t have been.  An interesting and [...]

Yes, you read the title correctly. There is a new and improved security driven version of Windows being distributed. The National Institute for Standards and Technology, the Defense Information Systems Agency and the Center for Internet Security consulted on this product to help create the most secure configuration of Windows yet. It [...]

Two researchers from Microsoft’s Security Engineering Center (MSEC) gave an interesting presentation at the CanSecWest conference last week.  The researchers detailed a project created by MSEC that is supposed to help detect exploitable software.  The project, !exploitable (pronounced “bang exploitable”) Crash Analyzer, is a tool that helps automate the detection of bugs in an application [...]

Even while some engineers are still dealing with Windows NT (or much older) servers and workstations, Windows Vista and Server 2008 are making their way into control system environments. It doesn’t seem that long ago that I was heading up a committee on whether to upgrade to Windows 2000 or XP, but I digress.
I’ve been [...]

I missed the afternoon sessions of the 2nd day, but covered the morning in my tweets on Feb 3. Probably the most informative session for me was the NERC CIP session with Mike Assante. He is going to make an expanded slide deck available which lays out the plan for enhancements of the CIP standards.
A [...]

I’ve been tweeting on the SANS SCADA Security Summit. You can see a recap of all the tweets.
A few general conclusions:

AMI was the hot topic. So many talks went back to Smart Grid, power meters, … The attendance is skewed to electric, but still surprised by this emphasis.
The hardware hacking of wireless, again with emphasis [...]