There has to be a better way

IT Security Insider


Top Stories

What is the most secure way to authenticate electronic data? Until recently, many technical people would have answered 'cryptographic keys' without blinking. But recent headline events - and a 'biggie' last year - have raised serious doubts about the ability of cryptographic keys to protect vital government and corporate data. Here are two examples from February that should make CIOs, CTOs and CSOs tremble in their boardrooms: McAfee revoking keys for signing apps on the Apple store; and stolen keys from Bit9 being used to sign malware. In the McAfee case, a McAfee administrator revoked (by mistake) the digital key for certifying desktop apps that run on Apple's OS X, thereby creating serious problems for customers who wanted to install or upgrade Mac antivirus products. The original Ars Technica article (McAfee revoking keys) noted that the administrator intended ... (more)

BIOS: Overview and Security

Computer security has become much harder to manage in recent years, and this is due to the fact that attackers continuously come up with new and more effective ways to attack our systems. As attackers become increasingly sophisticated we as security professionals must ensure that they do not have free rein over the systems that we are hired to protect. An attack vector that many people forget to consider is the boot process, which is almost completely controlled by the BIOS. The BIOS is a privileged piece of software that is generally ignored by day-to-day users and thus they are usually unable to comprehend the importance of it in our computers. The Basic Input/Output System was first invented by Gary Kildall for use in his operating system CP/M and this became what we now know as the conventional BIOS system. The BIOS appeared in IBM-compatible PCs around 1975 an... (more)

Windows Least Privilege Management and Beyond

For Windows environments, it is critical that organizations can delegate administration and establish granular privileges quickly and efficiently to restrict administrators so they only access the servers and resources required to perform their job and only during the approved times to perform specific tasks. This white paper examines the security, compliance and efficiency issues surrounding least privilege management for Windows servers, and explains where native Windows tools fall short. It then describes how Centrify's DirectAuthorize component for Windows eliminates the problem of too many users having broad and unmanaged administrative powers by delivering secure delegation of privileged access and granularly enforcing who can perform what administrative functions. ... (more)

Enhance Your Security Posture

With this post I would like to provide some personal thoughts on the key things organizations should be doing to enhance security, privacy and functionality of their IT. This includes some specific recommendations for security solutions, including solutions I’m on advisory boards for (read the disclaimer). So I better caveat this by saying “please use your own judgement!” I associate myself with firms because I believe they are world class best and that is why I’ve mentioned the specific capabilities here. With that, here are my views of the top five things every government organization should be doing to reduce risk in cyberspace: 1. Adopt and fully implement a program centered around the Consensus Audit Guidelines. Details on this effort are at This program is a well coordinated, well thought out list of controls and metrics that eve... (more)

Preventive Security Through Behavior Modification

Over the next few weeks, we'll investigate how the expression "An ounce of prevention is worth a pound of cure" could also be applied to the IT world, and what are the tools to foster preventive security through behavior modification. When looking at IT security, it seems that most of the security solutions today are based on Defensive Security. Technologies such as AntiVirus, Firewalls, Intrusion Detection Systems and Intrusion Prevention Systems, Anti-Trojan, Anti-Worms, and Anti-Spyware belong in this category. The primary focus of these technologies is defending against security attacks in progress. Other categories of security exist of course, such as Proactive Security (including Vulnerability Management) and Remediation Security (e.g. Patch Management), but the industry focus these past few years has been on Defensive Security. It is amazing that despite a... (more)

Post Exploitation Using Metasploit Pivot and Port Forward

The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task. A very nice feature in Metasploit is the ability to pivot through a Meterpreter session to the network on the other side. This tutorial walks you through how this is done once you have a Meterpreter session on a foreign box. We begin right after a client side exploit has been achieved from an attacker machine running Ubuntu Linux to the victim machine running Windows XP. 1. Introduction The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities that assist in performing a penet... (more)

Ventana New Media Sweeps Up Three Awards at Golden Bridge Awards Ceremony

Ventana New Media has earned the prestigious Golden Bridge Awards titles for their Ventana New Media Engine. The coveted annual Golden Bridge Awards program encompasses the world’s best in organizational performance, products and services, executives and management teams, women in business and the professions, innovations, case studies, product management, public relations and marketing campaigns and customer satisfaction programs from every major industry in the world. Organizations from all over the world are eligible to submit nominations including public and private, for-profit and non-profit, largest to smallest and new start-ups. Winners were honored in New York on Wednesday, August 10, 2011 during the 3rd annual awards dinner and presentations. Ventana New Media was established to give companies vastly greater control over their corporate message and audienc... (more)

Rajaratnam Gets 11 Years

Raj Rajaratnam, 54, the convicted ringleader of one of the largest insider trading schemes ever, was sentenced Thursday to a record 11 years in prison, fined $10 million and ordered to forfeit $53.8 million. There's no parole in the federal system although Reuters says federal prisoners have to serve 85% of their sentence before they can be considered for release. That would be nine years three months. Government prosecutors had asked for 19½-24½ years; Rajaratnam's defense attorneys, arguing that he's sick, asked for 6½-eight years. It was disclosed at the sentencing that Rajaratnam is suffering from an advanced case of diabetes and may need a kidney transplant. The judge said it tempered his sentence. He will recommend Rajaratnam be incarcerated in the North Carolina prison where Ponzi schemer Bernie Madoff is serving a life sentence. It has a hospital. Rajara... (more)

Lessons Learned from LinkedIn

Users are making it too easy for hackers. If we take a closer look at the 6.5 million hashed LinkedIn passwords that leaked we find a large swath of the user population are ignoring warnings of overly simplistic and obvious passwords. Would you believe the most common word or phrase found in a 160K sampling of the list was “link”? And would you further shake your head in disbelief that “1234” and “12345” followed close behind. Rounding out the top 10 were “work,” “god,” “job,” “angel,” “the,” “ilove,” and “sex.” More so than Facebook, LinkedIn is the social media of choice for business. So it is likely to be used by the users in your enterprise as part of their SaaS profile. This makes their problem, your problem. If we learn anything from this debacle, it is that password management should be a priority for any organization that allows its users unfettered access t... (more)

Victim-nomics: Estimating the “Costs” of Compromise

Since launching, Cyber Squared's Intelligence Support Team has become more effective in managing, analyzing and sharing our Threat Intelligence. While understanding the threat remains one of our core requirements, we have also begun to fill a key gap that, we feel, many within the industry are failing to address. Providing effective Threat Intelligence requires more than just characterizing the threat from a technical perspective.  Instead, you must strike a balance between providing technical context as well as non-technical relevancy to the victim.  Industry report authors will often admire the cyber espionage problem all the while promoting their technical talents.  Unfortunately, these overly technical threat details are not easily interpreted or acted upon by today's non-technical business leaders.  So, ultimately, this shortcoming often over... (more)

Why Is Cloud Security Such a Big Challenge?

For many enterprises, moving business processes and data to the cloud has become a next step for improving both operational and technological capabilities. The cost savings and efficiencies created by utilizing cloud applications continue to increase, including opportunities for more business functions to be put on the cloud. For those currently using the cloud or planning to begin or expand cloud adoption, a growing concern is cloud security and specifically this question - "Why is cloud security such a big challenge?" The Various Challenges of Cloud Security The challenges of cloud security begin with an enterprise's need to keep control over their data and to ensure that their data is kept private and protected. Whether it is outsourced data storage or the use of popular cloud SaaS applications, putting more data in the cloud inherently means more opportunity fo... (more)