the State of Insecurity

Press Coverage September 2011

Sat, 10 Sep 2011 20:18:49 -0400

Apple criticised for not blocking stolen SSL certificates
by unknown
Security and forensics analyst Paul Henry, from Arizone-based Lumension, said: “We're looking at some very serious issues about trust on the web and it doesn't help matters when Apple is dragging its feet.” Unlike Microsoft, which updated ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
1:16 PM (6 hours ago)

Apple criticised for not blocking stolen SSL certificates | Hitech ...
by unknown
Security and forensics analyst Paul Henry, from Arizone-based Lumension, said: “We're looking at some very serious issues about trust on the web and it doesn't help matters when Apple is [...] View full post on National Cyber Security ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
1:16 PM (6 hours ago)

Apple e i 531 certiicati SSL DigiNotar rubati ~ The Apple for you
by appleforyou
Tanto da spingere Paul Henry, un analista forense di Lumension, a denunciare pubblicamente la cosa: Siamo di fronte a problemi molto importanti [di sicurezza sul Web] e Apple col suo ciondolare sulla vicenda non aiuta di certo. ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
2:07 AM (17 hours ago)

Apple Criticized For Not Blocking Stolen Certs | www.dotnetz.net
by Automated Bob
'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
2:07 AM (17 hours ago)

Apple Finally Pulls the Plug on DigiNotar Certificates, Adobe to ...
by Brian Prince
“Déjà vu - Remembering the Comodo issue, Apple was nearly a month behind other browser vendors in providing a patch to address the issue for their customers,” Lumension security and forensic analyst Paul Henry complained in Sept. ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple так и не отозвала фальшивые SSL-сертификаты DigiNotar ...
by admin
Исследователь в области безопасности, работающий на компанию Lumension, Пол Генри (Paul Henry) раскритиковал Apple за то, что компания до сих пор не выпустила обновления для Mac OS X. В отличие от компании Microsoft, ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Researcher raps Apple for not blocking stolen SSL certificates ...
by Mark
“We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension. Unlike Microsoft, which updated ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Bezpieczeństwo użytkowników Mac OS zagrożone przez ...
by Szymon Barczak
Paul Henry, właściciel firmy zajmującej się bezpieczeństwem Lumension, zaleca użytkownikom Mac OS tymczasowe przejście na Firefoksa lub Operę. Jak podaje Computerworld, Henry ostrzega również użytkowników smartfonów, gdyż do ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple e i 531 certiicati SSL DigiNotar rubati
by aWilito
Tanto da spingere Paul Henry, un analista forense di Lumension, a denunciare pubblicamente la cosa: Siamo di fronte a problemi molto importanti [di sicurezza sul Web] e Apple col suo ciondolare sulla vicenda non aiuta di certo. ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Researcher raps Apple for not blocking stolen SSL certificates
by TechData
“We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension. Unlike Microsoft, which updated ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple Criticized For Not Blocking Stolen Certs
by Michelle Le Comber
... to quickly update Mac OS X to protect users. 'We're looking at some very serious issues about trust on the Web and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension.
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple Criticized For Not Blocking Stolen Certs | RobProto
by admin
'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Microsoft Plans Patches for 15 Bugs in September Patch Tuesday ...
by skndr
September vulnerabilities are rated critical, administrators should still quickly deploy the patches, Paul Henry, a security and forensic analyst for Lumension, told eWEEK. Organizations can “gain a false sense of security” during light months ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple Criticized For Not Blocking Stolen Certs | iPhone 2 die 4
by iphone-robot
'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple Criticized For Not Blocking Stolen Certs | IT Professionals ...
by ITPDbot
'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Inter5.Org Research » Apple Criticized For Not Blocking Stolen Certs
by samzenpus
'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple Criticized For Not Blocking Stolen Certs | Maine Social ...
by samzenpus
'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple Criticized For Not Blocking Stolen Certs | MX510
by samzenpus
'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Apple Criticized For Not Blocking Stolen Certs | Cat5 Wiring ...
by CableEngineer
He is urging the company to quickly update Mac OS X to protect users. 'We're looking at some very serious issues and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension.
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 9, 2011 (yesterday)

Whats Happening in Technology This Week » Blog Archive ...
by megatech
... Mac OS X to protect users. “We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension. ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 8, 2011 (2 days ago)

Microsoft will release five security bulletins « eComBiz
by admin
Even though none of the September vulnerabilities are rated critical,administrators should still quickly deploy the patches,Paul Henry,a security and forensic analyst for Lumension,told eWEEK. Organizations can “gain a false sense of ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 8, 2011 (2 days ago)

Microsoft will release five security bulletins « eComTech
by Robert
Even though none of the September vulnerabilities are rated critical,administrators should still quickly deploy the patches,Paul Henry,a security and forensic analyst for Lumension,told eWEEK. Organizations can “gain a false sense of ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 8, 2011 (2 days ago)

Microsoft will release five security bulletins « Freedom Marketing
by admin
Even though none of the September vulnerabilities are rated critical,administrators should still quickly deploy the patches,Paul Henry,a security and forensic analyst for Lumension,told eWEEK. Organizations can “gain a false sense of ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 8, 2011 (2 days ago)

Microsoft Plans Patches for 15 Bugs in September Patch Tuesday ...
by admin
September vulnerabilities are rated critical, administrators should still quickly deploy the patches, Paul Henry, a security and forensic analyst for Lumension, told eWEEK. Organizations can “gain a false sense of security” during light months ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 8, 2011 (2 days ago)

Apple Silent on DigiNotar Certificates Hack
by TechData
Lumension security and forensics analyst Paul Henry explains in a blog post, “It is difficult to place trust in a company's certificates when the company itself perhaps lacks trust,” adding, “When your business is supposed to be entrusted to keep ...
Add starLikeShareShare with noteEmailKeep unreadAdd tags
Sep 8, 2011 (2 days ago)

News Apple Silent on DigiNotar Certificates Hack | ipad ebook
by ipads-ebooks
Lumension wellbeing and forensics analyst Paul Henry clarifies in a blog post, “It is hard to place trust in a company's certificates when the company itself perhaps lacks trust,” adding, “When your business is supposed to be entrusted to keep ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Today's News September 8, 2011 | myTechDeal.com
by admin
“We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension. Survey: Value of the cloud, ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

[+]d'ZheNwaY's Blog[+]: Researcher raps Apple for not blocking ...
by d'ZheNwaY
"We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet," said Paul Henry, a security and forensics analyst with Arizona-based Lumension. [ Also on InfoWorld: Debacle ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Why Hasn't Apple Blocked Harmful Digital Certificates? | Technology ...
by TechnologyNews
“Remembering the Comodo issue, Apple was nearly a month behind other browser vendors in providing a patch to address the issue for their customers,” Paul Henry, an analyst with Lumension, wrote in a blog post. “Apple has remained ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Why Hasn't Apple Blocked Harmful Digital Certificates? | Cool ...
by admin
“Recall the Comodo issue, Apple was nearly a month behind other browser vendors in as long as a patch to take up the issue for their customers,” Paul Henry, an analyst with Lumension, wrote in a blog post. “Apple has remained moderately ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Why Hasn't Apple Blocked Harmful Digital Certificates? » Sowftware ...
by administrator
“Remembering the Comodo issue, Apple was nearly a month behind other browser vendors in providing a patch to address the issue for their customers,” Paul Henry, an analyst with Lumension, wrote in a blog post. “Apple has remained ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Why Hasn't Apple Blocked Harmful Digital Certificates?
by TechData
“Remembering the Comodo issue, Apple was nearly a month behind other browser vendors in providing a patch to address the issue for their customers,” Paul Henry, an analyst with Lumension, wrote in a blog post. “Apple has remained ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Researcher raps Apple for not blocking stolen SSL certificates ...
by admin
“We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension. kate gosselin amy adams ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Researcher raps Apple for not blocking stolen SSL certificates ...
by unknown
“We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension. View full post on Security – ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

Researcher raps Apple for not blocking stolen SSL certificates ...
by admin
"We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet," said Paul Henry, a security and forensics analyst with Arizona-based Lumension. Read more here. Posted in ...
Add starLikeShareShare with noteEmailAdd tags
Sep 8, 2011 (2 days ago)

HANGAR DO VINNA: Engenharia reversa em patch da Microsoft pode ...
by Alina Stewart
O especialista em segurança Paul Henry, da Lumension, vai mais longe ao dizer que “estamos trabalhando com uma janela de 24 horas [após a liberação dos patches] para que comecemos a ver códigos de exploit em campo”. ...
Add starLikeShareShare with noteEmailAdd tags
Sep 6, 2011 (4 days ago)

New Zero Day Exploit Impacting Microsoft FTP Server | Optimal ...
by Paul Henry
Optimal Security : the Lumension Blog. Subscribe. New Zero Day Exploit Impacting Microsoft FTP Server. Author: Paul Henry Date: Friday, September 4th. Categories: Patch Tuesday | Security Insights | Vulnerability Management · Tweet ...
Add starLikeShareShare with noteEmailAdd tags
Sep 5, 2011 (5 days ago)

Microsoft misery and the labor day blues | Bird On A Wireless
by Courtesy
... from their systems”, Kandek added. Paul Henry, security and forensic analyst for Lumension, noted that Patch Tuesday is not the only massive patch update with which IT administrators are grappling. …more (http://www NULL.infosecurity-us ...
Add starLikeShareShare with noteEmailAdd tags
Sep 4, 2011 (6 days ago)

形势严峻五个措施帮助你防范黑客攻击_IT运维网_新浪博客
by IT运维网
Lumension安全公司的取证调查和安全分析师Paul Henry说："在我看来，美国安全公司HBGary遭黑客攻击是个转折点。这起事件绝对引起了我的注意：这表明，与互联网相连接的任何人都有可能成为受害者。" Karim Hijazi是Unveillance这家安全新兴公司的首席执行 ...
Add starLikeShareShare with noteEmailAdd tags
Sep 3, 2011 4:44 PM

Microsoft misery and the labor day blues | Bird On A Wireless
by Courtesy
... from their systems”, Kandek added. Paul Henry, security and forensic analyst for Lumension, noted that Patch Tuesday is not the only massive patch update with which IT administrators are grappling. …more (http://www NULL.infosecurity-us ...
Add starLikeShareShare with noteEmailAdd tags
Sep 1, 2011 8:49 PM

Engenharia reversa em patch da Microsoft pode ajudar hackers em ...
by admin
O especialista em segurança Paul Henry, da Lumension, vai mais longe ao dizer que “estamos trabalhando com uma janela de 24 horas [após a liberação dos patches] para que comecemos a ver códigos de exploit em campo”. ...
Add starLikeShareShare with noteEmailAdd tags
Sep 1, 2011 12:10 PM

Microsoft misery and the labor day blues | Bird On A Wireless
by Courtesy
... from their systems”, Kandek added. Paul Henry, security and forensic analyst for Lumension, noted that Patch Tuesday is not the only massive patch update with which IT administrators are grappling. …more (http://www NULL.infosecurity-us ...

Most Powerful Voices In Security Sys-Con Media

Sat, 10 Sep 2011 11:25:12 -0400

I made the list of the 100 Most Powerful Voices In Security at number 27
http://www.sys-con.com/node/1974029

Rank
Most Powerful Voices In Security
MPV Score
1
Darrell Issa
1,405,336
2
William Lynn III
1,168,351
3
Bruce Schneier
371,731
4
Brian Krebs
261,450
5
Reuven Cohen
257,846
6
Eugene Kaspersky
226,808
7
Graham Cluley
224,717
8
Susan Collins
212,000
9
Werner Vogels
210,574
10
Christofer Hoff
122,306
11
Jeremiah Grossman
104,862
12
Richi Jennings
100,294
13
James Hamilton
80,600
14
Jeff Jones
75,658
15
Richard Stiennon
73,186
16
Stephen Foskett
72,678
17
Kevin Poulsen
72,158
18
Dana Gardner
67,704
19
Robert McMillan
66,140
20
Sramana Mitra
59,920
21
Richard Bejtlich
59,761
22
David Harley
57,098
23
Paul Miller
56,050
24
Dino A. Dai Zovi
53,015
25
Bret Hartman
49,820
26
Lenny Zeltser
48,171
27
Paul Henry
43,185
28
Brian Gracely
42,800
29
Alex Williams
42,105
30
Chris Wolf
41,252
31
Simon Crosby
40,124
32
Enrique Salem
38,520
33
Kim Zetter
37,496
34
Dan York
37,474
35
Krishnan Subramanian
35,901
36
Lori MacVittie
35,661
37
Todd Gebhart
35,330
38
Tyler Shields
34,912
39
David Kravets
33,481
40
Andrew Hay
33,136
41
Jay Radcliffe
32,285
42
Neil MacDonald
32,000
43
Branden Williams
31,810
44
Rich Mogull
31,131
45
Dr Anton Chuvakin
31,088
46
Dave Hansen
30,900
47
John Pescatore
29,650
48
Tim Wilson
29,430
49
David DeWalt
28,930
50
Scott Stewart
28,295
51
David Lacey
28,020
52
Bernard Golden
27,181
53
Patrick Murray
27,010
54
Dan Goodin
25,880
55
Derrick Harris
25,251
56
Avivah Litan
25,180
57
Matt Flynn
24,314
58
Abhishek Singh
23,610
59
Mac Thornberry
22,950
60
Tom Ritter
22,310
61
Scott Charney
21,850
62
Siobhan Gorman
21,120
63
Ellen Rubin
20,862
64
W. Mark Brooks
20,730
65
Greg Young
20,666
66
George Kurtz
20,615
67
Andrew Storms
19,130
68
Bob Blakley
18,540
69
Joe Sullivan
18,120
70
Mike Murray
17,922
71
Brian Babineau
17,913
72
Jessica Davis
17,790
73
Rob Rachwald
17,590
74
Dustin Amrhein
17,116
75
Mike Rothman
17,047
76
Luther Martin
16,910
77
Steve Ragan
16,790
78
Jon Oltsik
16,723
79
Tony Palmer
16,510
80
Eric Hall
16,204
81
Ian Glazer
15,884
82
Robin Wilton
15,644
83
Jim Reavis
15,584
84
Colin Watson
15,560
85
Phil Wainewright
15,551
86
Lauren Whitehouse
15,237
87
Kevin L. Jackson
15,130
88
Tom Cross
15,030
89
Earl Perkins
14,530
90
Ignacio M. Llorente
14,429
91
Mark Diodati
13,910
92
Barton George
13,898
93
Chirag Mehta
13,808
94
Eva Chen
13,600
95
Dan Blum
13,180
96
Jay Heiser
13,120
97
Mark McLaughlin
13,050
98
Byron Acohido
13,026
99
Nikolay Grebennikov
11,360
100
Kevin Kampman
9,600

Interesting New “Beta” Cellebrite Physical Analyzer Features

Fri, 19 Aug 2011 11:41:04 -0400

With the large number of lab derived cell phone images in my collection occasionally I get to try out a new Beta version of the Cellebrite Physical Analyzer. The latest version I received this morning has a new feature I thought others would be interested in. It automatically decrypts and assembles account credentials for several services that the iPhone was using i.e. email, chat, WiFi access points and various Apple services. The passwords appear under a new “Password” icon in the Project Tree and can be viewed within the GUI or exported to Excel, CSV, HTML or XML. See Figure 1 below

A few other items worth noting:

For those locked iPhones using a simply code the Physical Analyzer does a great job of brute forcing the password so a physical image can be decrypted. Even without the password you can still capture the physical image but the password is needed to decrypt it.

Another feature that I Tweeted about last week that I am very happy to see is the decryption and presentation of Apple .mac / .me emails ! I can now provide all Mac related emails stored on the phone including those that were deleted. This is a huge capability for me personally as I worked a case recently where the iPhone was unused for a considerable period of time and in discussions with Apple they were unsure if they would be able to provide the “retained” records of the emails do to the time lapse. We literally were able to recover the “smoking gun” evidence directly off the phone without having to “roll the dice” on data retention at Apple. See Figure 2 below

Patch Tuesday Video Brief For June 2011

Thu, 16 Jun 2011 15:25:35 -0400

Patch Tuesday video briefing:

http://www.youtube.com/watch?v=7VghfhSka1A&feature=player_embedded#at=61

Patch Tuesday June 2011 Coverage

Thu, 16 Jun 2011 15:22:49 -0400

Patch Tuesday news pick up / interviews:

eWeek, Microsoft Plans 16 Security Bulletins for June’s Patch Tuesday, By Fahmida Rashid, June 9, 2011

Redmond Magazine, Microsoft Planning 16 Fixes for Patch Tuesday, By Jabulani Leffall, June 9, 2011

CRN, Microsoft To Issue 16 Updates for Patch Tuesday Release, By Stefanie Hoffman, June 10, 2011

eWeek, Adobe Preps Quarterly Security Update for Reader, Acrobat, By Fahmida Rashid, June 10, 2011

IT Business Edge, Another Significant Patch Tuesday from Microsoft This Week, By Paul Mah, June 13, 2011

Government Computer News, Windows admins to get a heavy Patch Tuesday load, By Jabulani Leffall, June 13, 2011

InfoSecurity, Just in time for Father’s Day – some Microsoft Patch Tuesday overtime for IT administrators, By Staff Writer, June 13, 2011

PC World, Patch Tuesday Fixes Dangerous Flaws with Exploits Imminent, By Tony Bradley, June 14, 2011

Network World, Microsoft issues first patch for IE9 amidst 34 holes closed today, By Julie Bort, June 14, 2011

SC Magazine, Patch Tuesday sees 16 fixes, by Greg Masters, June 14, 2011
CRN, Microsoft ‘Patch Tuesday’ Fixes 24 Flaws in 16 Updates, By Stefanie Hoffman, June 14, 2011

InformationWeek, How To Prioritize Microsoft Patch Bonanza, By Matthew J. Schwartz, June 15, 2011