Security Advisories Videos
newest 100 security advisories videos / security advisories widgets / media rss:

If you re using DNS, and we all are, prepare to patch every system you have. Not just your name servers, but any and all systems using DNS, which means virtually everything! This is a flaw discovered by Dan Kaminsky that affects the basic technology underlying DNS and effects all vendors. Dan took the road of responsible disclosure and worked with a large group of vendors to coordinate this patch. This may be one of the first successful examples of a large multivendor patch, and if ever there was a need for it, this is it. Rich was able to get an interview in anticipation of today s announcement and you can hear about it straight from Dan himself. There are not a lot of technical details concerning the vulnerability in the interview and every effort is being made to give us as much time to patch before reverse engineering gives the bad guys the secret sauce to make this a weaponized vulnerability. Check the show notes for the CERT advisory and additional information. Network Security Podcasdt, Episode 111, July 8, 2008

At RSA Michael Santarcangelo and I had a chance to attend a seminar on the Jericho Forum briefly.  Neither of us had heard much about the Jericho Forum before so we invited them to participate in a podcast with us.  And since I didn t know much about Jericho, I found someone who does:  Chris Hoff.  We were joined by one of the founders of the Jericho Forum, Paul Simmonds, and the CEO of Rohati Systems, Shane Buckley.  You can find the full show notes on the Security Roundtable blog.

Rich and I got a chance to talk to Ron Gula, CEO of Tenable Network Security about the changes that were made today the the changes in the Nessus licensing model. This is a follow up to the post I wrote this morning and explains the reasoning behind the changes straight from the man in charge.