Recently in MSSP Category



This document covers the People's Liberation Army conceptual framework for delivering "integrated Network Electronic Warfare". This includes space and satellite warfare and EMP attacks. The document also points out that the U.S. military's NIPRNet is a high-priority target for attack. The article mentions that organizations are still not doing enough to use analyzer tools like SIEM products. While the article cites that SIEM products may rely on signature-based solutions, nFX One products correlate events beyond IDS/IPS signature-based events from a number of disparate operating systems, NetFlows, and other host and network security devices to alert on abnormal behavior, and provide built-in Incident Response Management workflow and integration with ITIL uCMDB processes.

The document provides a graphic on the "Timeline of Significant Chinese Related Cyber Events 1999-Present", including pointers to the very public GhostNet cyber espionage events as well as information on the National University of Defense Technology (NUDT).


Reference:
US-China Economic and Security Review Commission Report on the Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation
National University of Defense Technology


If you're finding that protecting your organization's network and data is becoming increasingly challenging, you may want to consider outsourcing your security. Managed Security Service Providers (MSSPs) can offer a cost-effective alternative to trying to manage the security yourself. There are four primary reasons to consider using an MSSP:

1) MSSPs have the security expertise that many companies lack. MSSPs can provide guidance on what types of defenses you need and how those defenses should be deployed. Not only are they security experts, but in many cases they can also provide assistance with any regulatory mandate that you may be trying to comply with.

2) MSSPs can be less expensive than trying to bring all your security needs in-house. MSSPs achieve economies of scale that smaller organizations simply cannot reach.

3) MSSPs offer 24/7 monitoring of your network.

4) In the event there is some type of security incident, the MSSP can provide forensic help determining how the attack happened, what was compromised and how to avoid being attacked in the future.

So if your company's security is keeping you up nights, consider using an MSSP and let them be the ones losing sleep. That's what they're good at.


Georgia Tech Information Security Center hosted the Global DNS Security, Stability, Resiliency Symposium, the first of its kind to bring together cross-functional stakeholders to address DNS risk.

DNS (Domain Name Services) is the glue that binds Internet resolution, so when a user types https://www.isc.org/solutions into the browser, the name magically works without the user having to maintain IP addresses.

Last summer, Dan Kaminsky's DNS Vulnerability really started to point out the weaknesses in the system.

The DNS Symposium points out some major flaws in domain registration and in DNS security usability (DNSSEC).

The Symposium has posted some solutions and possible actors:

The creation of a DNS CERT - an organization devoted to the security and resiliency of DNS that would act as a clearinghouse for DNS. Capacity-building programs: training and testing, information exchange, raising stakeholder awareness.

There were concerns about the scalability of IPv6 DNSSEC, and IDNs.

Kolkman, Olaf - NLNetLabs
"A Perspective on Categorizing Problems"
Supporting Material: http://www.nlnetlabs.nl/downloads/publications/se-consult.pdf

DNS is certainly the target for "INFO WARS" and "Social E Protest".
The people who maintain this vast infrastructure in the public and private sector don't believe enough is being done to protect this global resource, and there is a global controversy about who should be the top authority on strategic leadership (ICANN).


Cisco Security recommends changing the default behavior of the IOS CA to use SHA-1 hashing instead of the default MD5 hashing for certificates. Although the ASA CA may not be vulnerable to attacks as is the IOS CA, Cisco still recognizes the weakness in MD5 and plans to change the default behavior for the generation of end Certificates.
Cisco Security Response: MD5 Hashes May Allow for Certificate Spoofing

Verisign has stated that it has stopped its CAs, including its RapidSSL CA, from using MD5. As you can see from the comments on Verisign's blog post on MD5 attacks, users are concerned about the certificates already online that were generated with an MD5 hash.

"MD5 considered harmful today" is the publication released in Berlin on Dec. 31st 2008 by Alexander Sotirov, Arjen Lenstra, Dave Molnar, Dag Arne Osvik, Benne de Weger. Their attack takes advantage of what was previously a theoretical scenario known as MD5 collisions, a weakness in the cryptography of the hash function.
They recommend the stronger hash functions SHA1 and SHA2 to help prevent a rogue CA server from becoming the authority of trust.

There may be other concerns besides just the browser and the web server, such as code signing certificates or email certificates.
