Researchers have shown that it’s possible to compromise DNA analysis systems with synthethic DNA. They caution that this is not an easy attack today, but it shows that there is a possibility that this might cause problems in the future.
Don’t kneejerk to every vulnerability announcement
Brian Krebbs makes good points about assessing vulnerability announcements. But in addition to looking deeper into the claims, organizations must also determine how much risk actually exists based on administrative, technical, and physical controls. In this example, the annoucement only required a simple review of how an organization might submit suspicious files…
PowerShell script for helping with vulnerability management
This paper, by Colm Kennedy, presents a PowerShell script useful for managing vulnerabilities.
The goal of this paper is to show how a small script in PowerShell can aid in the investigation of many systems and report information in an organized manner that will help streamline investigations of possible false positives. The script in this paper will assist in identifying missing patches or old versions of software installed. The PowerShell script in this paper sends the results to a CSV file that lists the system name, the operating system installed, the number of missing critical and important patches, last boot time of the system, Chrome version, Firefox Version, Java Version, Adobe Flash Version, and Adobe Reader Version. The format of the CSV file makes it easy to browse over all systems scanned to make a quick determination if more investigation needs to take place for each system. An important part of this script is that it needs to be transferrable to any environment with little effort.