Collaborate Disseminate
I know seccomp (secure computing) is a way to restrict a process from making particular system calls.
While linux capabilities provides a way to give privileges to specific user or process.
So if I want to disable a process from making raw… Continue reading Difference between linux capabities and seccomp
Leverage Bromium Threat Cloud intelligence for real-time malware family and severity classifications Enjoy safe native browsing using Mozilla Firefox with risky sites isolated in Bromium Secure Browser Securely isolate the latest versions of Microsoft … Continue reading Bromium Secure Platform 4.1.4 Adds Threat Intelligence, Firefox Browsing, and More
According to Wikipedia (https://en.wikipedia.org/wiki/Confused_deputy_problem):
In information security, the confused deputy problem is often cited as
an example of why capability-based security is important, as
capab… Continue reading Why do capability-based security systems protect against the confused deputy problem?
Docker seems to support both apparmor and seccomp. Docker also allows to drop capabilities when running a container.
However I couldn’t find any documentation or guideline on when to use which approach.
There seems to be a significant ov… Continue reading Docker: when to use apparmor vs seccomp vs –cap-drop
“Capability URLs are a lot more secure than people give them credit for” and W3C has an excellent overview of the pros and cons of the approach. One thing that isn’t quite clear to me is where this leaves Multi-Factor Authent… Continue reading What is the relationship between Capability URLs and MFA?
In the Enterprise News this week, VMWare launches Blockchain project, lacework raises new funds to extend Cloud Security capabilites, Minerva Labs achieves certified integration with McAfee ePO, CrowdStrike helps advance malware searches on hybrid anal… Continue reading Minerva Labs, CrowdStrike, & VMware – Enterprise Security Weekly #104
If you examine an S/MIME-signed file with
$ openssl cms -in file.sgn -noout -cmsout -print
you see that S/MIME capabilities are also included in the signature:
…
object: S/MIME Capabilities (1.2.840.113549.1.9.15)
value.set:… Continue reading Use of S/MIME capabilities attribute
Microsoft Teams and Skype for Business are heading towards a merger within Teams that will put what Microsoft calls “Intelligent Communications” into the collaboration service.
read more Continue reading Ignite 2017: The Microsoft Teams and Skype for Business Communications Merger
The U.S. military’s reported inability to effectively “drop cyber bombs” on the Islamic State is raising new questions about the military’s existing “cyber weapons arsenal,” a loosely defined collage of digital warfare capabilities shrouded in secrecy. Computer network attacks have been conducted by operators within the National Security Agency and U.S. Cyber Command, the military’s top cyber warfare unit, under the order of Joint Task Force Ares. While the two organizations are inherently aligned, the NSA and Cyber Command follow different missions and employ different capabilities. Very little is publicly known about either the intelligence community or U.S. military’s ability to conduct offensive cyber operations; the subject matter is generally considered classified if not highly sensitive. A leaked CIA document published by WikiLeaks in March and identified by CyberScoop provides a rare window into how analysts conduct cyber warfare operations; describing one instance in which an operator worked to remotely disrupt a […]
The post Why the U.S. is struggling with their digital war on ISIS appeared first on Cyberscoop.
Continue reading Why the U.S. is struggling with their digital war on ISIS
In Linux, do sudo and su belong to Capability-based security ?
For example, when editing a system file, we usually need sudo or su to temporarily switch to user root. Does this example belong to capability-based security, or to protection… Continue reading Do `sudo` and `su` belong to capability-based security?