Video Screencast Help
Cyber Security Group
Showing posts tagged with Symantec Protection Suites (SPS)
Showing posts in English
Solange Deschatres | 15 Apr 2014 | 0 comments

Give an attacker a phish and he will steal some data. Teach an attacker to spear phish and he will steal data bases.

 

Among the wide diversity of threats facing the modern enterprise, targeted attacks are often the most troubling and difficult to defend against. Even companies with modern security infrastructure find it hard to detect and stop targeted attacks because hackers are taking advantage of the weakest security link: people. By crafting sophisticated and customized spear phishing e-mails or exploiting browsing behavior, attackers are finding it easier to breach networks by duping people rather than systems.

Email Campaigns.png

In fact, according to Symantec’s latest Internet Security Threat Report (ISTR), the number of targeted campaigns increased 91 percent in 2013...

Robert Shaker | 29 Jul 2013 | 4 comments

Thousands of years ago, news traveled at the pace of man or animal. I mean to say you would only learn what someone else was doing or what was happening either in the next town, village, kingdom, etc. only as fast as it could physically get to you. It took days, weeks or months to learn that your neighbors had a new means of creating fire, that the wheel was invented, that an army was headed your way or that there was a disaster. This made our ability to learn from each other and improve on what we learned slow, inconsistent, and unreliable.

I’ve heard on TV shows, online and in movies that there are those that believe much of the technology we have today came from visiting aliens. That we captured them, or they willingly shared it with us, and we use it in military equipment and then slow roll it out to the general populace. I won’t argue whether or not this is true but I have another hypothesis, the speed at which information is shared, processed and stored...

Phil Harris | 20 May 2013 | 1 comment

I travel a fair amount for my work and that wouldn’t be so bad except I’m a security professional that travels for work. I consistently see other business travelers do the same or similar security missteps over and over. I thought it might be a good idea to review my top 5 security missteps or, as I like to call them, “Moron Alerts”. This may seem like a very strong term I use, but consider that many of us have been through security awareness training at our respective companies and yet we still do these bad things. With news reports on an almost daily basis about laptops, mobile devices and/or information being stolen, it’s just very difficult to believe that people, especially business travelers, are still making these bad mistakes consistently.
 

1. Laptop unattended in bathroom entrance

This is a relatively new one for me. A couple of weeks ago I was walking out of the bathroom and noticed an...
Joseph.Rogalski | 29 Apr 2013 | 9 comments

Let’s face it users cannot be trusted to know their entire password, I am not talking about the user that writes down their passwords on sticky notes the bad guys would need physical access to actually access those. What I am really speaking to how easily with social engineering or malware passwords can be compromised. If you are not protecting your Internet facing systems that contain anything but public data with multifactor authentication you are asking to be breached, this includes Outlook Web Access. 
 
So how could Outlook Web Access lead to a breach? When trying to breach your company I would first look to the many lists of username, email addresses and password that are available from any of the Social Media password breaches of late. This is a value because as you know many users reuse passwords and it only takes ONE of out of the 1,000, 5,000, 10,000, 100,000+ users that work for your company that decided to reuse that password. Next I will...

uuallan | 23 Apr 2013 | 0 comments

WordPress is the most commonly used blogging platform. It is easy to install and has a great ecosystem of plugins and enhancements that extend its capabilities beyond simply posting pictures of your cats. Unfortunately, millions of inexperienced users means that it is also a target for attackers. There are generally two types of attacks against WordPress: Password attacks and Cross Site Scripting. Password attacks can occur in two ways. The first is simply to attempt to use the default passwords, which many users don't bother to change. The second type of password attack is a password guessing attack. WordPress, and its plugins, use a number of well-known defauly usernames (usually: admin) and many users don't look at failed password authentication attempts, making it an easy target for attackers. WordPress, and its plugins, are well-known for being vulnerable to cross site scripting attacks. Just since the beginning of 2013 Symantec has reported 12...

PaulTobia | 18 Apr 2013 | 0 comments

I’m optimistic on the current trends in security. The concepts of “intelligence” and “big data” have to potential to shift focus to counter the current threat landscape of intentional attacks to steal or destroy valuable information. Additional focus on the detection of attacks within perimeter of your network will really help with reducing risks.  

But I believe we need to be careful on how we approach “intelligence” as a practical component of information security programs. Intrusion detection and event management are aspects of intelligence that the industry has been using for many years but not many organizations use them effectively. Most orgs stand up a solution to check the box in a policy or regulation and never really integrate it into their operations.

My favorite new term is “actionable.” My first question when I hear about a new solution in information security is going to be “is the output...

Phil Harris | 16 Apr 2013 | 0 comments

One of the biggest problems information security encounters is either the perception or reality of slowing down the business. I’ve encountered this myself in my career.  One of the ways I dealt with this problem is through an effective use of the risk assessment process. An effective Risk Assessment process can be the cornerstone or the hub of activity for Information Security.  Picture a group that gets involved in all projects from inception to deployment, understanding all the security needs of their customers, providing iterative security requirements, understanding the needs of the different security groups, and providing management with accept risk reduction or a decision to accept some type of risk. Risk assessment requires a robust process that keeps pace with the project and doesn’t slow it down. Security teams need to make sure all risks are known and addressed in some way prior to construction or development. This way IT/...

Joseph.Rogalski | 08 Apr 2013 | 3 comments

Recently, there have been a string of high profile compromises attacking both could based services, a cloud based note taking site, a fast food companies Twitter account, as well as corporations and individuals.  A well known technology writer had his digital life taken over, abused and somewhat deleted add to this the hacking of cloud company’s’ CEO personal and business accounts.  This led me to think how can we as a security community do a better job?    When I was a CISO a good portion of the end user awareness training was focused on life outside the office, my theory was being safe at home leads to be safe in the office but now thinking about this now leads me to ask myself a question.   Does our end-user education go far enough or reach deeply enough into out users digital lives?  I think the answer to that question is an overwhelming NO and it’s time to take the gloves off!
 
We live in a time...

Robert Shaker | 03 Apr 2013 | 2 comments

Is it naïve of us to think we can ever be perfectly secure? Whether it’s physically or digitally there is always a risk that something bad is going to happen. To protect ourselves physically we install alarms, locks, buy safe cars, have automatic lights, cameras, firearms, etc. These don’t eliminate risks but give us a reasonable sense of safety and we go about our normal daily business. For digital security we install endpoint protection, anti-spam, anti-malware, firewalls, IDS, IDP, and DLP, etc. and go about our normal daily business.

But what happens when these controls fail and we are attacked or injured? For our physical side we have police, fire, ambulatory services, hospitals and doctors that are there to help us after the incident. We buy health, life, and disability insurance, we pre-prepare for what happens post incident. We create an entire support system to back us up.

For our digital side shouldn’t we do the same? Yes, there are...

PaulTobia | 01 Apr 2013 | 0 comments

This was my second year at the RSA Conference. It was interesting to come back as a "veteran" to the largest security conference (24k attendees according to rumor). I consider myself a veteran since I didn't really see differences between last year and this year. Now since I was working my interactions were limited to the expo floor and sidebars. I didn't get into any talks or sessions, but the view from the outside was worthwhile if a little rote. The keynotes and expo floor focused on the same problems we had last year. Sure the scale may have changed and the awareness of threat actors has broadened but we're still fighting the same battles against a backdrop of consumerization, the cloud, and big data.

Now I understand 20 minutes in front of a passive audience or five minutes with a conference goes that wanders up to your kiosk is not the opportune time to solve the world's problems. At best you grab their attention (hopefully in a...