
2014 reviews:

http://oversitesentry.com/?p=1196   the post I discussed in the video...

Get ready for 2015.

It is not a question of if you get hacked but "when", so get ready for more attacks.

Get your incident response ready - when you get hacked, what will you do?

Be prepared - GET READY!!!


http://money.cnn.com/2014/08/18/technology/security/hospital-chs-hack/   CNN story on the 4.5 million records taken from Community Health Systems - why would hackers want these records?

Because the records have Social Security numbers, names and addresses.

" But this time, the hackers stole patient data instead. Hackers did not manage to steal information related to patients' medical histories, clinical operations or credit cards. "

The patient data is supposedly protected by HIPAA, but it is only as good as the hospital network overseers.

http://oversitesentry.com/?p=1166

And if the people in charge do not do the right things, like testing:

We test your systems to reduce your security risks with our 4 service products (listed below: A, Σ, Ω, and Ψ)

Then it does not matter... One has to have a Security policy with stringent controls, physical and electronic. Wireless and wired, Internet and corporate network, Cloud and office. It must all work towards the goal of protecting your data.

Here is one of the latest on the Nork story: http://fortune.com/2014/12/20/sony-pictures-entertainment-essay/

My Fixvirus Dec 23 show video:

Some of the posts I discussed on the show:

http://oversitesentry.com/cyberattack-lessons/    Here is what happened in Home Depot hack (56 mil emails harvested as well as 53 mil cc numbers)
http://oversitesentry.com/digital-security-in-risk-assessment/   Here is where the current environment is assessed, including the new 25 Billion Internet of things to come on line in the next year.

Do you really think the world will get less dangerous?

You must do something about this threat 🙂
http://oversitesentry.com/spoe-second-pair-of-eyes/  What you should be doing is testing your systems, making sure that your computers are not vulnerable (or at least that their vulnerability is as low as possible).

 

Oh yes - Merry Christmas


 

Is risk management philosophy as we know it good enough?

What do we know in the current risk management philosophy? Categorize all systems and assign each one a risk level number. Then assign each an "important data" ranking number.

Following is an example using a number system in which 1 is the lowest level and 5 the highest.

SystemA: risk number 5, important data 5

SystemB: risk number 2, important data 2

SystemC: risk number 4, important data 4

 

Risk management philosophy/strategy says that in a limited-resources environment we have to do what we can and focus on SystemA, since it is valued higher.

The problem is that in the 2014 risk environment SystemB will get hacked, and eventually SystemC will get hacked, and now that the criminals are in the network we will get hacked in SystemA as well.

 

So what has risk management bought us? It has ensured that we got hacked, since we deliberately did not spend the time and resources in defending the whole network.

So from now on defend it all and up your game or just save all your money and get ready for the lawsuits.
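
The pivot argument above can be checked mechanically. The following is an added example, not part of the original post: the rankings are the post's, while the lateral-movement paths (SystemB to SystemC to SystemA) and the function names are assumptions for illustration. It re-ranks each system by the most valuable data an intruder could reach through it.

```python
from collections import deque

# Rankings from the post (1 = low, 5 = highest).
SYSTEMS = {
    "SystemA": {"risk": 5, "data": 5},
    "SystemB": {"risk": 2, "data": 2},
    "SystemC": {"risk": 4, "data": 4},
}

# Assumed lateral-movement paths (not from the post): which systems an
# intruder on the key system could reach next on an unsegmented network.
REACHABLE = {
    "SystemB": ["SystemC"],
    "SystemC": ["SystemA"],
    "SystemA": [],
}

def downstream(start, edges):
    """Return every system reachable from `start`, with hop counts."""
    hops = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, []):
            if nxt not in hops:
                hops[nxt] = hops[node] + 1
                queue.append(nxt)
    return hops

def effective_data_rank(systems, edges):
    """Rank each system by the most valuable data reachable through it."""
    result = {}
    for name in systems:
        hops = downstream(name, edges)
        result[name] = max(systems[n]["data"] for n in hops)
    return result

def underrated(systems, edges):
    """Systems whose standalone rank understates what a breach exposes."""
    eff = effective_data_rank(systems, edges)
    return sorted(n for n in systems if eff[n] > systems[n]["data"])

if __name__ == "__main__":
    for name, rank in effective_data_rank(SYSTEMS, REACHABLE).items():
        print(f"{name}: standalone={SYSTEMS[name]['data']} effective={rank}")
    print("Under-ranked:", underrated(SYSTEMS, REACHABLE))
```

With an empty path map (full segmentation) no system is under-ranked, which is the condition under which ranking systems in isolation is sound.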

 

Oversitesentry Blog post discussing a new security environment

Contact Us  to discuss the security of your network in the new 2014 security risk environment (in a few days it will be 2015 security risk environment).

 

NewsofDay: a review of CMS systems, from this post: http://securityintelligence.com/cms-hacking-2014-by-the-numbers/

Also, for TipofDay: PCI compliance, the new page created at Oversitesentry (my blog):

http://oversitesentry.com/pci-compliance/

Today's show discusses the news of the day from the Threatpost blog about CoolReaper:

A backdoor is when software runs a piece of code that you are not aware of. CoolReaper phones seem to have malware built into the phones, which installs apps on its own without the owner knowing.

The Tip of Day has a segment on the Red team versus Blue team concept, as well as what scanning consists of in the OSI layer representation of the network stream.

We perform Alpha scans and Sigma scans, and the segment covers where they sit in the OSI layers.

Contact us for help scanning your computers and network.


In the news of the day we are discussing the sad story of retailers not having proper cyber security, from a Sophos survey: http://www.sophos.com/en-us/press-office/press-releases/2014/12/72-percent-of-uk-retailers-not-cyber-secure.aspx  A lot of retailers do not know about, or have for some reason not implemented, up-to-date cyber security measures.

 

Here are some startling statistics.

 

  • 87 per cent of UK retailers are confident that they have adequate cyber security in place to prevent malicious data breaches
  • 72 per cent of UK retailers admit they have not implemented basic encryption security to safeguard business and consumer data
  • 14 per cent of UK retailers admit to not having the expertise necessary to implement basic cyber security measures
  • 40 per cent of UK retailers acknowledge they don’t know why they haven’t implemented basic cyber security measures
  • Only 2 per cent have a comprehensive unified threat management capability in place
  • 77 per cent rely only on perimeter-based protection such as firewalls and 33 per cent on anti-virus
  • Only 67 per cent of those who have fallen victim in the past have plans in place to further secure their IT system in the future

 

It is no wonder that the quote is:

"It won't happen to me," Mr. Ostrich says as he buries his head in the sand.

 

We can help with a new cyber strategy for 2015.

Contact Us

 

Here is the news link discussed in the news of day:

http://dealbook.nytimes.com/2014/12/13/small-bank-in-kansas-is-a-financial-testing-ground/?_r=0

Hopefully they will review the security implications of this development.

 

In the Tip of Day segment we are reviewing what the red team does in the security of the network.

They test the network defenses by uncovering vulnerabilities - hacking in, and then exploiting the penetrations, as discussed in the video.

 

SVAPE&C: Scan, Vulnerability Assessment, Penetrate - Exploit & Control.

 

We can help you by acting as your red team tester.

 

Threatpost blog post about the Exchange server patch rollback (uninstall): http://threatpost.com/microsoft-recalls-patch-tuesday-exchange-update/109844

 

The TipofDay is about PCI compliance - a security policy must be created.

Some parts of the PCI DSS 3.0 standard are not very specific (since there are many different types of environments).

I am working on the next video...

In the meantime, here are some interesting links:

The Kerberos hack of MS14-068, after which one can add oneself as Domain admin:

https://www.trustedsec.com/december-2014/ms14-068-full-compromise-step-step/


How about the AlienVault vulnerability:

http://www.zerodayinitiative.com/advisories/ZDI-14-295/

It covers an interesting remote code execution at a company that should be protecting your systems.