
Our video of the fixvirus security show:

News of day: Cybersecurity has priority in the State of the Union (why? Due to the Sony hack)

as in our blog post:

http://oversitesentry.com/?p=1291

Tip of day: run a recon scan on your machines, our Alpha scan for example: http://oversitesentry.com/solutions/alpha/


Contact us

 

New Fixvirus Security Show Jan 9 on Vulnerability Assessment in Tip of Day as well as News of Day CES show quotes ...

Some of the quotes I already researched on my Blog: Oversitesentry.com: http://oversitesentry.com/can-we-stop-cybersecurity-breaches/

News of Day:

FTC chairwoman commissioner Edith Ramirez’ opening remarks at the CES show on the 6th of January.

http://www.ftc.gov/system/files/documents/public_statements/617191/150106cesspeech.pdf

“We are told that, in 2015, the world will have 25 billion connected devices; the number of smart home devices will reach nearly 25 million; and IoT software platforms will “become the rage”
But we have also been warned that 2015 will be the year we start hearing about smart-home hacking.”
I heard the headlines about the privacy aspect of the IoT (Internet of Things), but in her statements she also discussed the security risks of IoT. She raises a valid concern: security in the IoT space has not been thought about for decades, so as we start introducing all of these devices everywhere (home and business), the focus should be on Security by Design instead of functionality first.
And finally the chairwoman finishes with:
“As is evident here this week, companies are investing billions of dollars in this growing industry; they should also make appropriate investments in privacy and security.”

 

Vulnerability Assessment in Tip of Day:

 

SVAPE & C comes from the Mandiant report diagram:

[Diagram: attack lifecycle]

 

I talk more about SVAPE & C, i.e.:

Scan first, Vulnerability Assessment next, Penetrate and Exploit systems, Control the systems until you take back or he sell

"Do the right thing" = Philotimo

PCI compliance best practices (from page 13 of the PCI DSS 3.0 doc):

  1. Monitoring of security controls—such as firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), file-integrity monitoring (FIM), anti-virus, access controls, etc.—to ensure they are operating effectively and as intended.
  2. Ensure all failures in security controls, such as firewalls and IDS/IPS, file integrity monitoring, anti-virus.
  3. Review changes to environment
    1. Determine impact to PCI DSS scope
    2. Identify PCI DSS requirements applicable to item affected by the change
    3. Update PCI DSS scope and implement security controls as appropriate
  4. Changes to organizational structure (adding offices, mergers, etc)
  5. Periodic reviews and communications
  6. Review hardware and software at least annually to confirm that it continues to be supported by the vendor.

Fixvirus.com Alpha scan  helps you review your systems.

We need a permission document

then we nmap scan your systems.

If you have certain ports open, then I may perform a vulnerability scan using tools.

I write a report - if problems exist

Your IT department fixes the problem

I run another scan to see if the problem was fixed.

I will write another report and discuss it with you.

$500 per IP address for external IPs; for internal IPs (requires an onsite visit), an onsite fee is assessed.

 

On News of Day I discuss http://www.darkreading.com/operations/5-pitfalls-to-avoid-when-running-your-soc-/a/d-id/1318218

Specifically:

"Our goal is to protect our critical assets, quickly know when they have been compromised and respond with immediate action to contain and eradicate the threat. If anyone believes they are going to create the perfect secure environment, let me save you some pain in discovery: It does not exist. However, if you can narrow your attack surface area through smart security operations that fully integrate the right people, the right processes, and good technology, then you drive up the skill required by an attacker to the point where most threat actors will give up and go after easier, softer targets."

In Tip of Day I discuss how Netcat can help you do some "banner grabbing", which lets you view what applications send back as a first review.

From the Netcat Power Tools PDF, Chapter 4: http://dl.acm.org/citation.cfm?id=2155689

"The Web server will take this request, locate the file requested, and send it back to the client. When given a file of “/”, Linux and UNIX servers will return index.html, while Windows Internet Information Server (IIS) will find and return default.htm."

I recommend obfuscating the banners of your web and other applications:

"For many different reasons, usually security-related, many Web sites do not wish to
show the version software that they’re running. They can alter this information by
editing their Web server configuration to use a new ServerTokens value, or by using
third-party software."

 

You can actually test your webserver to see what it responds with:

For protocols like HTTP that require user interaction, it is still possible to
automate the process. All you need to do is pipe the echo of your input to
Netcat. Simple enough, no? The trick that catches many people is how to
transmit that extra carriage return after the command. This can easily be
done with the following Linux command:

echo -e "GET / HTTP/1.0\n" | nc <host> <port>

In the example above, echo uses the \n string to signify a new line.
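
An added example (not from the original post or from the book): a shell check that builds the same probe and reports whether the Server or X-Powered-By headers of a response still carry a version number. The function names and both sample responses are constructed for illustration, and treating X-Powered-By as a banner worth checking is an assumption.

```shell
#!/bin/sh
# Added example: check an HTTP response for version-disclosing banners.

# The probe from the text, built with printf so the bytes are exact
# (echo -e is not portable across shells). CRLF CRLF ends the request.
http_probe() {
    printf 'GET / HTTP/1.0\r\n\r\n'
}

# Read a raw HTTP response on stdin and look only at the header block.
# Prints one line per banner header that carries a version number.
# Exit status: 0 = nothing disclosed, 1 = at least one disclosure.
banner_findings() {
    awk '
        { sub(/\r$/, "") }              # tolerate CRLF line endings
        NR > 1 && $0 == "" { exit }     # blank line: headers are over
        {
            name = tolower($0); sub(/:.*/, "", name)
            banner = (name == "server" || name == "x-powered-by")
            if (banner && $0 ~ /[0-9]+\.[0-9]+/) {
                print "DISCLOSES VERSION: " $0
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample responses (not captured from any real host).
sample_verbose() {   # default-style banners
    printf 'HTTP/1.1 200 OK\r\nServer: Apache/2.4.10 (Debian)\r\n'
    printf 'X-Powered-By: PHP/5.6.4\r\nContent-Type: text/html\r\n\r\n'
    printf '<html>Server: Fake/1.0 in the body is ignored</html>\r\n'
}
sample_hardened() {  # what Apache sends with ServerTokens Prod
    printf 'HTTP/1.1 200 OK\r\nServer: Apache\r\n'
    printf 'Content-Type: text/html\r\n\r\n<html></html>\r\n'
}

# Demo on the samples. Against a server you administer, the pipeline is:
#   http_probe | nc <host> <port> | banner_findings
for s in sample_verbose sample_hardened; do
    if out=$("$s" | banner_findings); then
        echo "$s: no version in banners"
    else
        echo "$s:"; echo "$out"
    fi
done
```

Run it before and after changing ServerTokens; a non-zero exit status from banner_findings means a version string is still being sent.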

 

 

Let me know if you need help with this.

Contact Us.

2014 reviews:

http://oversitesentry.com/?p=1196   the post I discussed in the video...

Get ready for 2015.

Not if you get hacked but "when"  so get ready for more attacks.

Get your incident response ready - When  you get hacked what will you do?

Be prepared - GET READY!!!

Here is one of the latest on the Nork story: http://fortune.com/2014/12/20/sony-pictures-entertainment-essay/

My Fixvirus  Dec23 show video:

Some of the posts I discussed on the show:

http://oversitesentry.com/cyberattack-lessons/    Here is what happened in Home Depot hack (56 mil emails harvested as well as 53 mil cc numbers)
http://oversitesentry.com/digital-security-in-risk-assessment/   Here is where the current environment is assessed, including the new 25 Billion Internet of things to come on line in the next year.

Do you really think the world will get less dangerous?

You must do something about this threat 🙂
http://oversitesentry.com/spoe-second-pair-of-eyes/  What you should be doing is testing your systems, making sure that your computers are not vulnerable (or at least that vulnerability is as low as possible).

 

Oh yes - Merry Christmas


 

News of Day: a review of CMS systems, from this post: http://securityintelligence.com/cms-hacking-2014-by-the-numbers/

Also for Tip of Day: PCI compliance, the new page created at Oversitesentry (my blog):

http://oversitesentry.com/pci-compliance/

Today's show discusses, in News of Day, the Threatpost blog post about CoolReaper:

A backdoor is when software runs a piece of code that you are not aware of. CoolReaper phones seem to have malware built into the phones, which installs apps on its own without the user knowing.

The Tip of Day has a segment on the Red team versus Blue team concept, as well as what scanning consists of in the OSI layer representation of the network stream.

We perform Alpha scans and Sigma scans, and the segment covers where they fit in the OSI layers.

Contact us for help scanning your computers and network.


In News of Day we discuss the sad story of retailers not having proper cyber security, from a Sophos survey: http://www.sophos.com/en-us/press-office/press-releases/2014/12/72-percent-of-uk-retailers-not-cyber-secure.aspx  A lot of retailers do not know about, or for some reason have not implemented, up-to-date cyber security measures.

 

Here are some startling statistics.

 

  • 87 per cent of UK retailers are confident that they have adequate cyber security in place to prevent malicious data breaches
  • 72 per cent of UK retailers admit they have not implemented basic encryption security to safeguard business and consumer data
  • 14 per cent of UK retailers admit to not having the expertise necessary to implement basic cyber security measures
  • 40 per cent of UK retailers acknowledge they don’t know why they haven’t implemented basic cyber security measures
  • Only 2 per cent have a comprehensive unified threat management capability in place
  • 77 per cent rely only on perimeter-based protection such as firewalls and 33 per cent on anti-virus
  • Only 67 per cent of those who have fallen victim in the past have plans in place to further secure their IT system in the future

 

It is no wonder that the quote is:

"It won't happen to me," Mr. Ostrich says as he buries his head in the sand.

 

We can help with a new cyber strategy for 2015.

Contact Us

 

Here is the news link discussed in the news of day:

http://dealbook.nytimes.com/2014/12/13/small-bank-in-kansas-is-a-financial-testing-ground/?_r=0

Hopefully they will review the security implications of this development.

 

In the Tip of Day segment we review what the red team does for the security of the network.

As discussed in the video, they test the network defenses by uncovering vulnerabilities, hacking in, and then exploiting the penetrations.

 

SVAPE & C: Scan, Vulnerability Assessment, Penetrate, Exploit & Control.

 

We can help you by acting as your red team tester.