
Prioritize exploitable Bash Shellcode systems

(This post is in reference to the 6 CVEs created from a Bash shellcode vulnerability family.)

 

First review any Linux or Unix system that has cgi-bin in the URL (you can search for this in Google, just like the hackers): search for “filetype:sh inurl:cgi-bin site:yoursite.com”, or just remove filetype:sh.

Find any system with cgi-bin even Microsoft Windows and OS X systems.

For these systems with cgi-bin technologies, review patching options in the short term.

Long-term, think about changing to another technology, as this issue will not leave us; it is a complex issue and will be with the IT world for a while. Minimally, change any bash calls to another scripting language. Be careful that PHP or other techniques do not call bash in an indirect manner.

This problem will vex the IT security field for a while, and the sooner we mitigate this issue and go back to a less dire state the better. Test, patch and implement. Re-test to ensure no vulnerability is still there.
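An added example (not from the original post) of the inventory step described above: it walks a cgi-bin tree and flags scripts that run directly under bash or sh, plus scripts in other languages that hand commands to the system shell. The function names and the call patterns matched are assumptions chosen for illustration, and the matching is heuristic, so review each hit by hand.

```shell
#!/bin/sh
# Added example: list scripts under a cgi-bin tree that can reach a shell.
# Usage: sh audit_cgi.sh /path/to/cgi-bin   (the path is supplied by you)

# classify_script FILE -> prints "direct", "indirect" or "none"
classify_script() {
    first=$(head -n 1 "$1" 2>/dev/null)
    case "$first" in
        # Interpreter line names bash, or sh (which is bash on many systems).
        '#!'*bash*|'#!'*/sh|'#!'*/sh\ *|'#!'*' sh')
            echo direct
            return ;;
    esac
    # Heuristic: calls that pass a command line to the system shell from
    # PHP, Perl, Python or Ruby, including backtick command substitution.
    pattern='(shell_exec|passthru|popen|proc_open|system|exec)[[:space:]]*\(|shell=True|`[^`]+`'
    if grep -Eq "$pattern" "$1" 2>/dev/null; then
        echo indirect
    else
        echo none
    fi
}

# audit_cgi_dir DIR -> one "kind<TAB>path" line per script worth reviewing
audit_cgi_dir() {
    find "$1" -type f | sort | while IFS= read -r f; do
        kind=$(classify_script "$f")
        [ "$kind" = none ] || printf '%s\t%s\n' "$kind" "$f"
    done
}

# Run the audit only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_cgi_dir "$1"
fi
```

Lines marked "direct" are the first candidates for patching or rewriting; "indirect" lines are the PHP-style cases the post warns about.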

 

Contact us for help on your remediation strategies.

 

Bash Shellcode Vulnerability

Contact us to review whether you are vulnerable to the current Bash code issue, Common Vulnerabilities and Exposures entries CVE-2014-6271 and CVE-2014-7169.

I have posted on my blog (oversitesentry.com) where I review the test and some of the fixes.

 

Each company has to review their vulnerability and remediation plans for their Internet facing computer systems.

Contact us to discuss this 314-504-3974 – tonyz”@”fixvirus.com

 

What changed in the new PCI DSS compliance standards (Nov 2013) v3.0?

Here is the 11.3 Section PCI Data Security Standard v3.0  requirements:

  • 11.3 Implement a methodology for penetration testing that includes the following:
    Is based on industry-accepted penetration testing approaches (for example, NIST SP800-115)
    Includes coverage for the entire CDE perimeter and critical systems
    Includes testing from both inside and outside the network
    Includes testing to validate any segmentation and scope-reduction controls
    Defines application-layer penetration tests to include, at a minimum, the vulnerabilities listed in Requirement 6.5
    Defines network-layer penetration tests to include components that support network functions as well as operating systems
    Includes review and consideration of threats and vulnerabilities experienced in the last 12 months
    Specifies retention of penetration testing results and remediation activities results.

Note: This update to Requirement 11.3 is a best practice until June 30, 2015, after which it becomes a requirement. PCI DSS v2.0 requirements for penetration testing must be followed until v3.0 is in place.

 

Penetration testing? Yes, we do that: our Sigma test and report.

And Testing Procedures include the following in the report.

  • 11.3 Examine penetration-testing methodology and interview responsible personnel to verify a methodology is implemented that includes the following:
    Is based on industry-accepted penetration testing approaches (for example, NIST SP800-115)
    Includes coverage for the entire CDE perimeter and critical systems
    Testing from both inside and outside the network
    Includes testing to validate any segmentation and scope-reduction controls
    Defines application-layer penetration tests to include, at a minimum, the vulnerabilities listed in Requirement 6.5
    Defines network-layer penetration tests to include components that support network functions as well as operating systems
    Includes review and consideration of threats and vulnerabilities experienced in the last 12 months
    Specifies retention of penetration testing results and remediation activities results.

 

 

Independent review of your IT Security

What is the reason one hires an independent CPA to check your financial books?


Unfortunately even where employees are trustworthy and capable, it makes sense to periodically review their work.

Even the PCI Security Standards Council has the following as “Testing Procedures”

6.1.b Interview responsible personnel and observe processes to verify that:
  • New security vulnerabilities are identified.
  • A risk ranking is assigned to vulnerabilities that includes identification of all “high” risk and “critical” vulnerabilities.
  • Processes to identify new security vulnerabilities include using reputable outside sources for security vulnerability information.

Are you really performing this function with internal personnel? Can you ensure that it is done with accuracy and efficiency over the long term?

For an independent review to occur, by definition it must be “independent”.

That is why we have developed a basic Alpha Security scan to give information to the IT department and management so they can run more efficiently and with higher security.

We should be reviewing our IT departments

 

 

 

 

IT departments have too much to do

They have to keep up with new technologies, and the new potential security vulnerabilities are frequently too difficult to keep up with unless security is your full-time job. The concept of attacking one’s network with multiple “pairs of eyes” is also a good thing.

Most IT departments get burned out and after some time just “soldier on” with the environment as it is. “Damn the torpedoes – full speed ahead”.

One thing I have learned is that the attackers are already here: they have infiltrated your network and are attacking non-stop, looking for your weaknesses. What you need is to make sure that the IT department is doing what it says it does.

 

The only question is how bad is it?

Contact me to get a direct report for Alpha, Sigma and Omega scans.

Tabnapping – new style of attack.

I normally do not make so many cross links from my sites, but if you are now seeing this for the first time, please be aware of this new style of attack.

I explain it a bit on my blog site, www.oversitesentry.com

This is what you see first; then, within a hacker’s page, it switches to a Gmail login (which is on a hacker’s page designed to steal your Gmail identity).

 

 

Kickstarter project “Computer Security Simplified”

My Kickstarter Project Link

The Ebook will be available within 2 weeks from now

Contact me if you are interested in the E-book

On radio Wed 11am – 11:30am KXEN 1010AM

I will be discussing my new Kickstarter project, “Security Simplified”, among other security-related topics.

The Kickstarter project has been started (kick-off was this morning, 9/10/14).

 

The KXEN station:

KXEN Radio is located in St. Louis Missouri and ranks 30th out of 200 local radio stations, 
and transmits over 50,000 Watts that reaches 100 miles in all directions.

 

Click on http://www.businessinsideandout.com/ to listen.  (the radio show ended and the mp3 file of the show is here)

 

 

Penetration testing to test attack your site

We perform the Alpha scan to perform the initial scans, and then use the information to perform penetration testing (or pentesting) with the Sigma scan to attack the site as a hacker would do.


If there are custom needs for your networked equipment, then it is necessary to do the Omega scan which requires other types of attacks.

Attacks consist of SQL injection (SQLi) tools and also cross-site scripting (XSS) tools.

A very good understanding of the 65,536 ports in UDP or TCP is necessary as well.

 

New WordPress 4.0 ready to be upgraded

It is important to patch your software. I know it is tedious, and sometimes (for Windows) it requires a reboot.

For WordPress, one may need to step out of the current tasks and perform the updates from the Updates tab.

It is important to keep up with updates, as security issues arise all the time, and the less of a vulnerable profile one has the better. The harder the life of a hacker is, the more you can continue your life without interruption due to security issues.

 

As far as functionality, 4.0 has embedded video, Twitter and more. You can review the functions:

https://wordpress.org/news/2014/09/benny/

this site is now on WordPress 4.0 (as well as Oversitesentry