
Why audit your computer?

An ethical hacker can scan and then "attack" your computer or network, and then tell you what vulnerabilities were found.

Such as, you say? How about e-cigs that give you malware?

http://blog.trendmicro.com/trendlabs-security-intelligence/yet-another-digital-picture-frame-malware-incident/

Advanced Threats Researcher Paul Ferguson alerted us today to a report that Amazon.com and Samsung have informed their consumers regarding the discovery of a Sality worm on the product’s installer disc (Samsung Frame Manager XP version 1.08). The infected installer disc is needed to use their product, the Samsung SPF-85H 8-Inch Digital Photo Frames w/ 1GB Internal Memory, as a USB monitor.

 

What, a well-known manufacturer has unknowingly given malware to its customers? Unfortunately, it happens.


Even something as innocuous as an e-cig can carry malware. How? Remember my BadUSB post? On October 7th I wrote about how USB devices can have inappropriate software in the firmware portion of the USB device (as in the picture below).

[Image: BadUSB]

 

So the moral of the story is that any device you have installed on your computer could have been previously infected. How do you truly know that your systems are free of infectious software?

The only way is to audit them. To have an independent party take a look at your computers and network.

 

Contact us to discuss a free initial visit to review your situation.

 

We have an alpha scan among others...

 

To prove this beyond a shadow of doubt:

There are several ways malware can get onto your system. The most likely is that you click on an attachment that you should not and your system is not patched, which causes software to be installed, and then your machine is infected.

 

The Malware Must Die! blog explains how malware attack code gets installed:

Blog.malwaremustdie.org   "China ELF(Executable Linking Format) botnet malware infection & distribution scheme unleashed

There are so many ELF malware infection with the multiple type of backdoors and DDoS'ers originated from China."

There is an interesting video on the site which shows a hacker attacking and maneuvering within a remote session (on a Windows machine).

ELF is explained here http://elinux.org/Executable_and_Linkable_Format_%28ELF%29

Malware Must Die! also had an earlier post on the Shellshock attack, which was an explanation of the Mayhem ELF.so botnet.

The Shellshock attack tried to modify a tmp file on the system, run it and then remove the file. So essentially the attackers ran software after installing/downloading it and then removed the /tmp file. This is a sophisticated attack, and if your system is vulnerable to Shellshock it may have been hit with the Mayhem botnet.

Contact Us to test your systems

“... Through the process of risk management, leaders must consider risk to U.S. interests from adversaries using cyberspace to their advantage and from our own efforts to employ the global nature of cyberspace to achieve objectives in military, intelligence, and business operations..."
THE NATIONAL STRATEGY FOR CYBERSPACE OPERATIONS
OFFICE OF THE CHAIRMAN, JOINT CHIEFS OF STAFF,
U.S. DEPARTMENT OF DEFENSE
NIST publication 800-39 http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf

Follow these steps to review your computer network security:

A. Ensure that senior leaders/executives recognize the importance of managing information security risk and establish appropriate governance structures for managing such risk.

1. Develop a Risk Assessment for the systems on the Internet and create a priority listing in which the most critical systems are noted as such.

2. Create a Security Policy (governance structure) from the Risk Assessment.

3. Have an independent person (not your IT department) check the system for software and open ports (Audit) and review your security policy: does it work with the risk assessment?

4. Review the software and open ports with the IT department to ensure they are all patched (digest the Audit).

5. Create any documentation that is necessary to complete a full Network Computer Security Risk Analysis.
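
As an illustration of steps 3 and 4, here is an added example (not part of the original post, and not our scanning tool) that compares the listening ports on one host against the ports approved in the security policy. The host name "web01", the policy layout and the sample `ss -tln` output are all constructed assumptions.

```python
# Constructed sample of `ss -tln` output from a hypothetical host "web01".
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       511     0.0.0.0:443          0.0.0.0:*
LISTEN  0       128     127.0.0.1:5432       0.0.0.0:*
LISTEN  0       128     [::]:22              [::]:*
LISTEN  0       50      *:8080               *:*
"""

# Hypothetical policy entry derived from the risk assessment (steps 1 and 2):
# priority 1 marks the most critical systems.
POLICY = {"web01": {"priority": 1, "approved": {22, 443}}}

# Address prefixes that are reachable only from the host itself.
LOOPBACK = ("127.", "[::1]")


def parse_listeners(ss_output):
    """Return {(address, port)} for every LISTEN row of `ss -tln` output."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or a socket that is not listening
        # Split on the last colon so IPv6 forms such as [::]:22 parse correctly.
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.add((addr, int(port)))
    return listeners


def audit(host, ss_output, policy=POLICY):
    """Compare observed listeners with the approved list for one host."""
    approved = policy[host]["approved"]
    listeners = parse_listeners(ss_output)
    exposed = {p for a, p in listeners if not a.startswith(LOOPBACK)}
    local_only = {p for _, p in listeners} - exposed
    return {
        "priority": policy[host]["priority"],
        "unapproved_exposed": sorted(exposed - approved),
        "unapproved_local": sorted(local_only - approved),
        "approved_not_listening": sorted(approved - exposed - local_only),
    }


if __name__ == "__main__":
    for key, value in audit("web01", SAMPLE_SS).items():
        print(f"{key}: {value}")
```

The "unapproved_exposed" list is what gets taken to the IT department in step 4: each port there is either a service to patch and add to the policy, or one to shut down.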

Contact Us for help in all of these steps. We do Computer Security all day every day.
