Posted by: dlupisella
on Feb 02, 2012
Foreground Security's Sr. Incident Handler and Malware Analyst, Curt Shaffer, co-presented this past weekend at the Shmoocon 2012 Security Conference with Chris Cuevas from Secure Ideas. The research came from two discussing how crazy the marketing was on this newer technology. They decided to test out three popular choices for application whitelisting and see if the hype was true. We do want to mention that Foreground and the researchers believe application whitelisting is a step in the right direction, the implementation has flaws and it should only be used as part of a strong defense in depth solution.
The results are in and they found that Application Whitelisting is nothing more than a small road block much like current Anti-Virus. They found that there are some very easy ways to get around this type of software due to lack of features, lack of understanding the current threat landscape and in some cases vulnerabilities in the software that allow complete bypass. They took the audience through their testing methodology and findings. They tested Bit9 Parity 6.0.x, Microsoft AppLocker and McAfee Application control on both Windows XP and Windows 7.
Posted by: dlupisella
on Nov 13, 2011
============================================================
FOREGROUND SECURITY, SECURITY ADVISORY 2011-004
- Original release date: November 10, 2011
- Discovered by: Jose Carlos de Arriba - Senior Security Analyst at Foreground Security
- Contact: (jcarriba (at) foregroundsecurity (dot) com, dade (at) painsec (dot) com)
- Severity: 4.3/10 (Base CVSS Score)
============================================================
I. VULNERABILITY
-------------------------
Infoblox NetMRI 6.2.1 (latest version available when the vulnerability was discovered), 6.1.2 and 6.0.2.42 Multiple Cross Site Scripting - XSS (prior versions have not been checked but could be vulnerable too).
Posted by: dlupisella
on Nov 08, 2011
============================================================
FOREGROUND SECURITY, SECURITY ADVISORY 2011-003
- Original release date: Nomvember 9, 2011
- Discovered by: Jose Carlos de Arriba (Sr Security Analyst at Foreground Security)
- Contact: (jcarriba (at) foregroundsecurity (dot) com, dade (at) painsec (dot) com)
- Twitter: @jcarriba
- Severity: 4.3/10 (Base CVSS Score)
============================================================
I. VULNERABILITY
-------------------------
Joomla ALFContact 1.9.3 Extension Multiple Cross-Site Scripting (XSS) vulnerabilities - (prior versions have not been checked but could be vulnerable too).
