There has to be a better way

IT Security Insider



Top Stories

Vancouver-based ENC Security Systems, which is supposed to make "un-hackable" Encrypt Stick flash drive software, has released an Encrypt Stick 5.0 Private Browser, a digital privacy browser that it claims is the safest way to browse the Internet. Its timing couldn't be better: the Federal Trade Commission is now backing the development of a Do-Not-Track system for the web, which has the online ad people worried about their $23 billion sector and claiming it will mean the end of free content, and Firefox is revisiting a Do-Not-Track mechanism after Mozilla, pressured by an ad exec, killed such a tool a few months ago for fear Madison Avenue would come up with something sneakier, the Wall Street Journal says. Anyway, the Encrypt Stick Private Browser runs from the user's flash drive and applies polymorphic encryption, which creates unique encryption algorithms ... (more)

BIOS: Overview and Security

Computer security has become much harder to manage in recent years because attackers continuously come up with new and more effective ways to attack our systems. As attackers become increasingly sophisticated, we as security professionals must ensure that they do not have free rein over the systems that we are hired to protect. An attack vector that many people forget to consider is the boot process, which is almost completely controlled by the BIOS. The BIOS is a privileged piece of software that is generally ignored by day-to-day users, who therefore usually do not appreciate its importance in our computers. The Basic Input/Output System was first invented by Gary Kildall for use in his operating system CP/M, and this became what we now know as the conventional BIOS system. The BIOS appeared in IBM-compatible PCs around 1975 an... (more)

Benefits and Economics of Strong Two-Factor Authentication Platforms

Recent high profile security breaches at major online websites tell us static passwords are not the answer. Even recent SMS security additions to consumer websites do little to address the issue. Fortunately, a more secure authentication system is available for consumer websites that takes advantage of the two-factor authentication (2FA) process long used for security by the financial industry and Fortune 500 enterprise employees. A rigorous 2FA process frees users from creating and maintaining easily deciphered static passwords in favor of randomly generated One Time Passwords (OTPs) combined with a personally selected PIN. These systems can be easily deployed and managed in the cloud with no new hardware using only the customer's existing smartphone, tablet or laptop. In addition to providing a secure online experience, 2FA e... (more)

Cyber Security Alliance Helps Small Businesses Address Security Risks

Across all industries, small businesses are increasingly facing new threats related to cyber security. Some have taken minimum steps to address these threats, but most have not. New security threats and incidents are reported every day in news reports, and many remain unreported. This underscores the need for cyber security education of small business owners and managers. These threats have potentially serious consequences and could lead to unrecoverable damage to small businesses. What are some consequences of the lack of basic cyber security controls? Lost or stolen customer data; loss of intellectual property; decreased productivity; legal liability; regulatory sanctions and fines; computer systems downtime; loss of reputation and customer confidence; loss of revenue; banking fraud. Could this happen to you? It is very important to understand that neither size nor i... (more)

Preventive Security Through Behavior Modification - Part 2

Last week, we saw that Defensive Security is not enough to solve the $1 trillion Intellectual Property and IT theft and cybercrime problem. This week, more about Preventive Security. Preventive Security is a set of technologies and processes used to prevent security incidents from even being attempted. These include awareness and training programs, establishment of proper policies and procedures and the use of technology solutions in support of existing laws. In fact, this is not very different from "regular" crime and how we deal with it. We arm ourselves with the means to catch the bad guys, we severely punish crimes and we let people know that crime is bad, that jail is also bad and that if they try and commit the crime they will be caught. This prevents most people from getting into trouble. So how severe are punishments for IT crimes? In a case tried in March o... (more)

Victim-nomics: Estimating the “Costs” of Compromise

Since launching ThreatConnect.com, Cyber Squared's Intelligence Support Team has become more effective in managing, analyzing and sharing our Threat Intelligence. While understanding the threat remains one of our core requirements, we have also begun to fill a key gap that, we feel, many within the industry are failing to address. Providing effective Threat Intelligence requires more than just characterizing the threat from a technical perspective.  Instead, you must strike a balance between providing technical context as well as non-technical relevancy to the victim.  Industry report authors will often admire the cyber espionage problem all the while promoting their technical talents.  Unfortunately, these overly technical threat details are not easily interpreted or acted upon by today's non-technical business leaders.  So, ultimately, this shortcoming often over... (more)

Shadow IT – The Reality Is Here

A recent survey has shown that security policies and rules set down by IT departments are not just being ignored but having a bus driven through them by staff and senior executives, who wish to bring their own device to work so that they can do more, work smarter and be in touch all of the time. The survey shows that almost three-quarters of respondents would not bet against their own organization having a data breach within the next 12 months. This along with other responses shows that the IT Department of 2013 is a long way from the IT Department of just five years ago, where what they said may not have been liked but was generally adhered to and, if it was not, sanctions could come into effect. Today's rise in BYOD means that every user is in effect his or her own IT department, able to bring in and out of the office just about any file they see fit. Even if an... (more)

Layered Security Is Key to Avoiding Heartbleed

While organizations spend the next few days and weeks patching OpenSSL vulnerabilities, the realization is setting in that we may never know the full extent of the damage caused by Heartbleed. Although Heartbleed was only announced in early April, it has actually been present in OpenSSL versions dating back to March 2012. This means hackers have had ample time to steal certificates and other sensitive information. Making matters worse, it's nearly impossible for companies to know whether their web communications have indeed been compromised. What exactly is being exposed? When exploited by a hack, Heartbeat (the name of the transport layer security extension where the bug was found) dumps whatever data might reside in the memory of client/server communications in small 64k chunks. Normally this traffic is encrypted, but the bug actually compromises the secret keys, ... (more)

Windows Least Privilege Management and Beyond

For Windows environments, it is critical that organizations can delegate administration and establish granular privileges quickly and efficiently to restrict administrators so they only access the servers and resources required to perform their job and only during the approved times to perform specific tasks. This white paper examines the security, compliance and efficiency issues surrounding least privilege management for Windows servers, and explains where native Windows tools fall short. It then describes how Centrify's DirectAuthorize component for Windows eliminates the problem of too many users having broad and unmanaged administrative powers by delivering secure delegation of privileged access and granularly enforcing who can perform what administrative functions. ... (more)

Conquering the Top Five Enterprise Data Protection Challenges

Today's datacenters face a gauntlet of challenges including protection of physical and virtual environments, fast recovery of data, reducing backup times and storage requirements, server consolidation, and disaster recovery. How are savvy CIOs conquering these types of challenges? Find out how in this white paper by expert David Davis. ... (more)

Post Exploitation Using Metasploit Pivot and Port Forward

The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task. A very nice feature in Metasploit is the ability to pivot through a Meterpreter session to the network on the other side. This tutorial walks you through how this is done once you have a Meterpreter session on a foreign box. We begin right after a client side exploit has been achieved from an attacker machine running Ubuntu Linux to the victim machine running Windows XP. 1. Introduction The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities that assist in performing a penet... (more)