Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Cyber Security Services
Showing posts in English
Vince Kornacki | 03 Oct 2013 | 2 comments

Welcome back to the "Android Mobile Application Penetration Test Tricks" blog series! We'll continue to examine techniques that you can use while performing your own mobile application penetration tests. In our last installment we configured BusyBox, and in this installment we'll utilize BusyBox functionality in order to monitor filesystem changes during mobile application execution. Let's jump right in! First launch the emulator with the "partition-size" and "no-snapshot" options:

    $ emulator64-arm -avd myEmulator -partition-size 512 -no-snapshot

As discussed in the last installment, setting the "partition-size" option to a large value such as 512 MB will allow us to make changes to the "/system" partition. Including the "-no-snapshot" option prevents hardware configuration conflicts introduced by the "...

Vince Kornacki | 03 Oct 2013 | 1 comment

Welcome back to the "Android Mobile Application Penetration Test Tricks" blog series! We'll continue to examine techniques that you can use while performing your own mobile application penetration tests. In this installment we'll configure BusyBox, an extremely useful utility that combines tiny versions of many common UNIX utilities into a single small executable. The trusty ADB (Android Debug Bridge) command contains an option to launch a shell within the Android emulator:

    $ adb shell
    root@android:/ # pwd
    /
    root@android:/ # ls
    acct
    cache
    config
    ...OUTPUT TRUNCATED...
    ueventd.goldfish.rc...

Jeannie Warner | 18 Sep 2013 | 1 comment

EXECUTIVE SUMMARY:

On Tuesday September 17, 2013, Symantec’s Security Response organization published a whitepaper report on Hidden Lynx, a Chinese APT group of professional hackers with advanced capabilities.  Evidence suggests that Hidden Lynx is a Chinese state sponsored hacker group with affiliations to “Operation Aurora”.  This group was responsible for the compromise of security firm Bit9’s digital code-signing certificate, used to sign 32 pieces of malware.  They have been involved in a number of operations over the last four years. 

The group offers a “hackers for hire” operation that is tasked with retrieving information from a wide range of corporate and government targets.  They are a highly efficient team who can undertake multiple campaigns at once, breach some of the world’s best-protected organizations, and can quickly change their tactics to achieve their goal. 

They usually...

Vince Kornacki | 16 Sep 2013 | 0 comments

Just like a web application penetration test, a mobile application penetration test is not voodoo magic, but rather an exercise in knowledge, prioritization, and efficiency. During years of hard work, penetration testers hone their methodology and develop efficient ways of applying their knowledge in order to identify specific vulnerabilities within mobile applications. The "Android Mobile Application Penetration Test Tricks" blog series will examine some techniques that you can use while performing your own penetration tests. The same concepts apply to conducting application penetration tests within Apple iOS, but obviously the implementation details are different.

In order to get your Android emulator functional, please refer to Christopher Emerson's excellent "Android Application Security Assessments" blog series. Learn how to...

phlphrrs | 27 Aug 2013 | 0 comments

Now, more than ever, is it important to demand that your cloud services provider provides complete transparency regarding the security and compliance measures they use and have in place to protect your companies’ sensitive information and intellectual property.  The more that companies drive critical IT and Data from the many distributed corporate data centers to a smaller number of cloud services could result in potential disaster for companies around the world when transparency is not made available, whether purposely or by sheer oversight.  In meeting with many customers, I’m discovering that while there are many large cloud service providers that offer quite an array of services and capabilities, there is little to no transparency regarding security and compliance information transparency.  For instance, many cloud providers have their own firewalls, monitoring and controls to ensure that attacks, APTs, malware and otherwise unauthorized activity, but...

Joseph.Rogalski | 26 Aug 2013 | 0 comments

Many times penetration tests are conducted because they are required because of policy or for compliance that may be for an industry or legal requirement.   This is all well and good and when issues are discovered and there always are issues we prioritize and address them. 

I was visiting with a customer recently who was going through a fire drill as there was a mass phishing attack yesterday on their company that appeared to come from Human Resources and was offering a free $25 gift card and the user just needed to login with your domain username and password then enter your home address.   My customer was trying to identify who internally received the email and was looking to their spam and mail protection provider to quickly provide this to no avail.  Unfortunately for my customer Information Security does not own this service and as we progressed further in the conversation he proceeded to tell me all the issues they are having with it....

Symantec Corp. | 12 Aug 2013 | 0 comments

By Brian Dunphy, senior director, product management, Symantec Managed Security Services

In the current business climate, organizations that need to process, store or transmit credit card data are most likely familiar with the Payment Card Industry Data Security Standard or PCI DSS. This standard specifies the security controls needed to keep credit card data safe and secure during transit, processing, and storage. PCI DSS requires organizations to build and maintain a secure network, protect cardholder data, implement strong security measures, maintain a vulnerability management program and an information security policy, and test and monitor networks on a regular basis.

Today, we’re pleased to announce that Symantec Managed Security Services (MSS) is now a PCI DSS-certified service provider. While MSS is not a...

Robert Shaker | 29 Jul 2013 | 4 comments

Thousands of years ago, news traveled at the pace of man or animal. I mean to say you would only learn what someone else was doing or what was happening either in the next town, village, kingdom, etc. only as fast as it could physically get to you. It took days, weeks or months to learn that your neighbors had a new means of creating fire, that the wheel was invented, that an army was headed your way or that there was a disaster. This made our ability to learn from each other and improve on what we learned slow, inconsistent, and unreliable.

I’ve heard on TV shows, online and in movies that there are those that believe much of the technology we have today came from visiting aliens. That we captured them, or they willingly shared it with us, and we use it in military equipment and then slow roll it out to the general populace. I won’t argue whether or not this is true but I have another hypothesis, the speed at which information is shared, processed and stored...

Phil Harris | 16 Jul 2013 | 4 comments

In a continuation of this blog, my original thought was to outline the Cyber Defense aspects.  However, I think it important to discuss the Vigilante aspect first.  There’s a lot more in the news lately about the potential for companies and/or individuals to consider “Hacking Back” to recover their data, whatever it is.  I have to say, it’s an interesting notion and one that I know is not lost on the American spirit when you consider the long lost days of the Wild West where everyone in one form or another had to take matters into their own hands because law enforcement either wasn’t available or non-existent.  Now fast forward to today and the internet.  I’ve always maintained that the internet is pretty much the Wild West in electronic form where you have good law abiding folks and folks that tend to teeter one way or the other and then folks that are out to do whatever they want even to the wanton destruction of others...

Joseph.Rogalski | 24 Jun 2013 | 0 comments

Recently I have been working with a number of customers who are finally getting it, they are getting that Information Security is actually important and they should pay attention to it.   Much of this has been in response to inquiries from their Executives or Board of Directors.  They are asking more questions as high profile hacks are on the nightly news and reports are speaking to the additional risk that is out there such as the Symantec Internet Security Threat report.  In the 2012 ISTR the manufacturing sector was the most attacked in 2012, this is a change for many of these companies as in the past the worry was only about Nonpublic personal information. 
 
Many if not all security professionals came up through the technical side of the house, we all really enjoy discussing malware and installing the latest security tool or learning about the latest vulnerabilities.    I can guarantee the majority of the Boards of...