Casino

Security show for Dec19

NewsofDay: On CMS systems review from this post: http://securityintelligence.com/cms-hacking-2014-by-the-numbers/

Also for TipofDay: PCI compliance the new page created at Oversitesentry (My blog)

http://oversitesentry.com/pci-compliance/

Fixvirus Security show – Red team versus Blue Team

Today’s show discusses News of day in the Threatpost blog about Coolreaper:

A backdoor is when software runs a piece of code that you are not aware of, and so CoolReaper phones seem to have malware built into the phones, which unknowingly install apps on their own.

The Tip of Day has a segment on the Red team versus Blue team concept as well as what scanning consists of in the OSI layer representation of the network stream.

We perform Alpha scans and Sigma scans and where they consist in the OSI layer.

Contact us for help scanning your computers and network.

Fixvirus Security Show – NextGen FireWall (NGFW)

We are discussing in news of day – the sad story of retailers not having proper cyber security from Sophos survey: http://www.sophos.com/en-us/press-office/press-releases/2014/12/72-percent-of-uk-retailers-not-cyber-secure.aspx  A lot of retailers do not know or have not for some reason implemented up-to-date cyber security implementations,

 

Here are some startling statistics.

 

  • 87 per cent of UK retailers are confident that they have adequate cyber security in place to prevent malicious data breaches
  • 72 per cent of UK retailers admit they have not implemented basic encryption security to safeguard business and consumer data
  • 14 per cent of UK retailers admit to not having the expertise necessary to implement basic cyber security measures
  • 40 per cent of UK retailers acknowledge they don’t know why they haven’t implemented basic cyber security measures
  • Only 2 per cent have a comprehensive unified threat management capability in place
  • 77 per cent rely only on perimeter-based protection such as firewalls and 33 per cent on anti-virus
  • Only 67 per cent of those who have fallen victim in the past have plans in place to further secure their IT system in the future

 

It is no wonder that the quote is:

“It won’t happen to me”  Mr. Ostrich says as it buries head in sand.

 

We can help with a new cyber strategy for 2015.

Contact Us

 

 

Fixvirus Security show Dec15 – explain red team role in computer security

Here is the news link discussed in the news of day:

http://dealbook.nytimes.com/2014/12/13/small-bank-in-kansas-is-a-financial-testing-ground/?_r=0

Hopefully they will review the security implications of this development.

 

At the tip of Day segment – we are reviewing what the red team does in the security of the network.

They test the network defenses by uncovering vulnerabilities – hacking in, and then exploiting the penetrations.

as discussed in video.

 

SVAPE&C  Scan , Vulnerability Assessment, Penetrate – Exploit & Control.

 

We can help you by acting as your red team tester.

 

fixvirus show – PCI compliance discussion, patch rollback

Threatpost blog post: http://threatpost.com/microsoft-recalls-patch-tuesday-exchange-update/109844

about the exchange server patch rollback (uninstall).

 

The TipofDay is about PCI compliance – security policy must be created.

some parts of the PCI DSS3.0 standard is not very specific (since there are many different types of environments.

video log will return Saturday –

Am working on the next video…

In meantime here are some interesting links:

Kerberos Hack of MS14-068 and then one can add themselves as Domain admin

https://www.trustedsec.com/december-2014/ms14-068-full-compromise-step-step/

Kerberos_2v

How about Alienvault vulnerabilityalienvault-logo-nav-green

http://www.zerodayinitiative.com/advisories/ZDI-14-295/

Has an interesting remote code execution on a company that should be protecting your systems.

 

fixvirus Show Keurig2.0 hack – Hacker explanation, SVAPEC

hacker process explained:

Don’t get SVAPEC’d

Criminal Hackers use this method:

Scan-> Vulnerability Assessment –> Penetrate and Exploit –> Control = SVAPEC

 

You should do the SVA – Scan–> Vulnerability Assessment –> Mitigate the vulnerability or fix the problem.

 

we can help you with SVA Contact US

Why perform your own vulnerability analysis?

 

Why do hackers want to hack you? To steal your data and reputation, so they can make money. (a criminal in Romania – $10000 is a lot of money)  or Russia – please add all countries with lax laws and legal systems.

fbi-criminals  fbi-russianexpansionintocrime

(images from black hat 2014)   My blog post at OversiteSentry  This all started with some Russian criminals figuring out they can make money using hacker techniques in the late 1990’s

How do hackers attack you?

  1. Assess first – what systems are there?
  2. What is vulnerable? (vulnerability analysis)
  3. Figure out what to attack (what will make most money/achieve goals)
  4. Exploitation – attack and go on system – steal the information
  5. Control the system leave behind programs to come back- allows the ability to use your system

Russian criminal organizations as well as other criminal organizations have automated attacks to find weak spots. If you have a weak spot it will be found.

attacklifecycle

Mandiant has developed an attack lifecycle diagram with China’s Attack hacker section of the PLA

My blogpost http://oversitesentry.com/easier-to-steal-technology-than-create-your-own-says-china/

Essentially – it is very easy for a hacker once they learn how to attack one computer, to attack a thousand computers.  If you have a vulnerability they will find it. and then exploit, so the only thing you can do is to employ your own hacker – an ethical hacker like us. at Fixvirus.com – check our scan solutions:   http://oversitesentry.com/solutions/

 

 

 

Vpost – POODLE resurfaces – physical hacks with raspberryPi

 

 

2nd show Fixvirus Security Show

NewsofDay:

POODLE(Padding Oracle On Downgraded Legacy) resurfaces –

i.e. Not just the original issue https://www.openssl.org/~bodo/ssl-poodle.pdf

But the new one: https://www.imperialviolet.org/2014/12/08/poodleagain.html

F5 has issued a list of products needing patches

You can scan your website (to see if vulnerable) from Qualys free Server test: https://www.ssllabs.com/ssltest/

Video:

 

Tipofday:

raspberry-fixvirusshow  Here is the screenshot of raspberry+ with wifi the hack of day: what if one of these devices is in your network (dropped off by a hacker to steal your network information)

it is a good idea to audit your network to uncover any devices that you may not be aware of. All IP addresses need to be accounted for. 

We would help your IT department in the audit process, or audit using open source security(hacker) tools, then inform you and your IT department.

 

 

The Inaugural Fixvirus Security Show is uploaded

We will set up a daily(M-F) Tip-of-day and News-of-day segment

Here is the first one – about tomorrows Patch Tuesday and plan for next year – replace old machines/ AV software replace/upgrade.

Always better to replace the AV software engine rather than just renewing the service agreement.

 

If you have questions, or need help with decisions to be made, we can help you – Contact Us  Tony Zafiropoulos – 314-504-3974 tonyz”@”fixvirus.com