There has to be a better way

IT Security Insider

Subscribe to IT Security Insider: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get IT Security Insider: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

Over the next few weeks, we'll investigate how the expression "An ounce of prevention is worth a pound of cure" could also be applied to the IT world, and what are the tools to foster preventive security through behavior modification. When looking at IT security, it seems that most of the security solutions today are based on Defensive Security. Technologies such as AntiVirus, Firewalls, Intrusion Detection Systems and Intrusion Prevention Systems, Anti-Trojan, Anti-Worms, and Anti-Spyware belong in this category. The primary focus of these technologies is defending against security attacks in progress. Other categories of security exist of course, such as Proactive Security (including Vulnerability Management) and Remediation Security (e.g. Patch Management), but the industry focus these past few years has been on Defensive Security. It is amazing that despite a... (more)

Rajaratnam Wants Jury Verdict Overturned

Convicted hedge fund felon Raj Rajaratnam wants the presiding judge in his months-long trial on insider trading charges to throw out the verdict that could send him to jail for a very long time. On Wednesday his lawyers renewed a motion to have him acquitted and his slate wiped clean after a federal jury found him guilty of all 14 counts of conspiracy and securities fraud on May 11. The defense tried the same thing after the government rested its case and again after all the evidence was presented. This time his lawyers claim that despite the massive wiretap evidence against him the prosecution failed to prove his guilt beyond a reasonable doubt on at least five of the 14 counts. Rajaratnam, 53, is supposed to be sentenced July 29. The tens of millions he was found to have illegally garnered were almost exclusively amassed in brand-name tech stocks from tips by corr... (more)

Post Exploitation Using Metasploit Pivot and Port Forward

The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task. A very nice feature in Metasploit is the ability to pivot through a Meterpreter session to the network on the other side. This tutorial walks you through how this is done once you have a Meterpreter session on a foreign box. We begin right after a client side exploit has been achieved from an attacker machine running Ubuntu Linux to the victim machine running Windows XP. 1. Introduction The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities that assist in performing a penet... (more)

Victim-nomics: Estimating the “Costs” of Compromise

Since launching ThreatConnect.com, Cyber Squared's Intelligence Support Team has become more effective in managing, analyzing and sharing our Threat Intelligence. While understanding the threat remains one of our core requirements, we have also begun to fill a key gap that, we feel, many within the industry are failing to address. Providing effective Threat Intelligence requires more than just characterizing the threat from a technical perspective.  Instead, you must strike a balance between providing technical context as well as non-technical relevancy to the victim.  Industry report authors will often admire the cyber espionage problem all the while promoting their technical talents.  Unfortunately, these overly technical threat details are not easily interpreted or acted upon by today's non-technical business leaders.  So, ultimately, this shortcoming often over... (more)

Time to Ditch Cryptographic Keys?

What is the most secure way to authenticate electronic data? Until recently, many technical people would have answered ‘cryptographic keys' without blinking. But recent headline events - and a ‘biggie' last year - have raised serious doubts about the ability of cryptographic keys to protect vital government and corporate data. Here are two examples from February that should make CIOs, CTOs and CSOs tremble in their boardrooms: McAfee revoking keys for signing apps on the Apple store; and stolen keys from Bit9 being used to sign malware. In the McAfee case, a McAfee administrator revoked (by mistake) the digital key for certifying desktop apps that run on Apple's OS X, thereby creating serious problems for customers who wanted to install or upgrade Mac antivirus products. The original Arstechnica article (McAfee revoking keys) noted that the administrator intended ... (more)

The New Standard: Intelligence-Driven Security

In a recent blog post, Art Coviello, the executive chairman at RSA, posed an important question. How do we move from traditional security to intelligence-driven security? In his answer he described that the quickly interdependent exchanges between parties (B2C, B2B, B2P, etc) have grown beyond the traditional means of securing the enterprise: “IT organizations have continued to construct security infrastructures around a disintegrating perimeter of increasingly ineffective controls.” He described a new-model of cyber-security that includes five concepts: A thorough understanding of risk The use of agile controls based on pattern recognition and predictive analytics The use of big data analytics to give context to vast streams of data to produce timely, actionable information Personnel with the right skill set to operate the systems Information sharing at scale I hav... (more)

Best Practices to Ensure Security in the Private Cloud

As regulatory oversight across the financial landscape continues to drive greater transparency and stricter penalties, outsourcing to the private cloud has become an integral resource for hedge fund and private equity managers. Cloud infrastructure services are now synonymous with increased efficiency, decreased costs and added security. However, security in particular remains a key concern for many financial services firms. The costs a cloud services provider can incur in dealing with a security breach, both financially and to its reputation, can be devastating. Infrastructure providers, particularly those catering to financial services firms such as hedge funds, must have strict policies in place and employ best practices to ensure that their clients receive the same level of security as they would achieve with an on-site network. While most participants in the f... (more)

Layered Security Is Key to Avoiding Heartbleed

While organizations spend the next few days and weeks patching OpenSSL vulnerabilities, the realization is setting in that we may never know the full extent of the damage caused by Heartbleed. Although Heartbleed was only announced in early April, it has actually been present in OpenSSL versions dating back to March 2012. This means hackers have had ample time to steal certificates and other sensitive information. Making matters worse, it's nearly impossible for companies to know whether their web communications have indeed been compromised. What exactly is being exposed? When exploited by a hack, Heartbeat (the name of the transport layer security extension where the bug was found) dumps whatever data might reside in the memory of client/server communications in small 64k chunks. Normally this traffic is encrypted, but the bug actually compromises the secret keys, ... (more)

Test All Apps to Keep Hackers from Penetrating Castle Walls

Despite all the news about hackers infiltrating major corporations, most businesses continue to leave themselves woefully unprotected. Some surveys estimate more than 70% of businesses perform vulnerability tests on less than 10% of their cloud, mobile and web applications. A majority also confess they have been hacked at least once in the last two years. While most large businesses have begun application vulnerability testing, there is still a long way to go. After all, you are only as strong as your weakest link; hackers will undoubtedly find and attack any application without sufficient defenses. Although testing and creating protection for high-value and mission-critical applications is better than not doing anything at all, leaving low-priority applications unprotected is still a major risk. If hackers can exploit just one application, that means they can then ... (more)

Conquering the Top Five Enterprise Data Protection Challenges

Click Here to Download Whitepaper Now! Today's datacenters face a gauntlet of challenges including protection of physical and virtual environments, fast recovery of data, reducing backup times and storage requirements, server consolidation, and disaster recovery. How are savvy CIOs conquering these types of challenges? Find out how in this white paper by expert David Davis. Click Here to Download Whitepaper Now! ... (more)

The Major Cloud Security Threat By @Intermedia_Net | @CloudExpo [#Cloud]

The Major Cloud Security Threat Most IT Departments Overlook Eighty-nine percent of knowledge workers retain access to the sensitive corporate applications and files of former employers. Earlier this year, a member of the team at Site-Eye, one of the top time-lapse film companies in the UK, noticed a disturbing problem with one of its client's feeds. A deeper investigation revealed that of the 200 cameras it had installed at construction sites around the world, 120 had been remotely disabled. In order to restore service to these cameras, engineers needed to be dispatched to each location, setting Site-Eye back $80,000. The cause behind the problem? A single disgruntled former employee who walked away from his job with the passwords to the company's services in-hand. This is an issue that is far from isolated to the time-lapse film industry: it's actually a risk for an... (more)