news

Microsoft RDP to be patched

March 20, 2012 by binoy 1 Comment

The recently announced Microsoft RDP is hitting the headlines again as there are working exploits being developed and made available in the internet. The vulnerability exists in all versions of Microsoft Windows as confirmed by Microsoft.

The, currently available, MS12-020 RDP exploit can crash a windows 7 computer or cause DoS on a Windows XP system.

Immediate Action

Microsoft warns all its users to apply the patch immediately, which is the same advice as a security professional I would be sharing. The SANS Institute’s Internet Storm Centre raised its .Infocon. threat level alert to yellow to .call administrators to action. If you cannot patch it instantly, disable the RDP support until it is patched.

McAfee buys intelligence security co Insightix

February 13, 2012 by binoy Leave a Comment

Insightix Ltd., a developer of real-time security intelligence and control solutions, has been acquired by McAfee Inc. The companies did not disclose the size of the deal, but it was reportedly for $4-5 million. The acquisition follows a long period of collaboration.

Insightix was considered as having great promise in the network access control (NAC) segment of information security. The company says that its business security assurance (BSA) solution provides continuous real-time information about all the computer and communications systems linked to a network – an environment that became much more complicated with the entry of mobile computing.

Insightix’s performance did not meet early expectations as the NAC market waned and became irrelevant, at least until recently. The company had $1-2 million in annual sales, and was never able to exceed this level. CEO is Herb Zlotogorski led the company’s sale.

Source: Globes

Network Information Security in Education.ENISA report

January 20, 2012 by binoy Leave a Comment

ENISA has published a report on Network Information Security in Education. The report provides young digital citizens and stakeholders with an overview and highlights of good practices on how to become educated to feel and behave safer online.

Long life learning, formal, non-formal and informal education are on the agenda of policymakers. Children, youth and their peers, parents and educators are all part of the discussion and the recommendation is that they should cooperate and get involved as much as possible. The material available here is to enable easy transfer of knowledge between stakeholders.

The information in this consolidated report helps all stakeholders to be better informed, better educated and better involved in the area of Network and Information Security [NIS].

First EU-report on Maritime Cyber Security

December 25, 2011 by binoy Leave a Comment

ENISA has published the first EU report ever on cyber security challenges in the Maritime Sector. This principal analysis highlights essential key insights, as well as existing initiatives, as a baseline for cyber security. Finally, high-level recommendations are given for addressing these risks.

Cyber threats are a growing menace, spreading to all industry sectors that are relying on ICT systems. Recent deliberate disruptions of critical automation systems, such as Stuxnet, prove that cyber-attacks have a significant impact on critical infrastructures. Disruption of these ICT capabilities may have disastrous consequences for the EU Member States. governments and social wellbeing. The need to ensure ICT robustness against cyber-attacks is thus a key challenge at national and pan-European level.

Some key findings of the report;

Maritime cyber security awareness is currently low, to non-existent. Member States are thus highly recommended to undertake targeted maritime sector awareness raising campaigns and cyber security training of shipping companies, port authorities, national cyber security offices, etc.
Due to the high ICT complexity, it is major challenge to ensure adequate maritime cyber security. A common strategy and development of good practices for the technology development and implementation of ICT systems would therefore ensure .security by design. for all critical maritime ICT components.
As current maritime regulations and policies consider only physical aspects of security and safety, policy makers should add cyber security aspects to them.
We strongly recommend a holistic, risk-based approach; assessment of maritime specific cyber risks, as well as identification of all critical assets within this sector.
As maritime governance is fragmented between different levels (i.e. international, European, national), the International Maritime Organisation together with the EU Commission and the Member States should align international and EU policies in this sector.
Better information exchange and statistics on cyber security can help insurers to improve their actuarial models, reduce own risks, and thus offering better contractual insurance conditions for the maritime sector. Information exchange platforms, such as CPNI.NL, should be also considered and by Member States to better communications.

New Twitter Worm Redirects Users to Rogue AV

January 22, 2011 by binoy Leave a Comment

Mumbai 2011::Kaspersky Lab, a leading developer of secure content and threat management solutions,warns users about a new, fast-moving Twitter worm which exploits Google’s goo.gl service of truncated links.

The truncated URLs are lightweight and popularly used in micro-blogging systems, limiting the

Heartland to pay Amex $3.6m for massive payment breach

December 21, 2009 by binoy Leave a Comment

In a recent development, Heartland Payment Systems will pay American Express $3.6m to settle claims related to the criminal breach of its payment processing network last year.

During this security incident, which is disclosed by HP in January 2009, (incident took place during 2008) millions of credit card data has been stolen exploiting the security vulnerabilities in the web sites. Albert Gonzalez AKA .segvec,. .soupnazi. and .j4guar17 has used the SQL injection techniques to steel the card data. As the SQL injection techniques exploits the web application vulnerabilities, the firewall protection was not adequate or rather it can bypass the conventional network firewalls. The decade-old technique exploits web applications that fail to adequately scrutinize text that visitors type into search boxes and similar website fields that accept user-supplied input.

Though the actual cost of this incident could be much higher than the settlement amount as they have to account for the reissuing of the cards, settlement of any disputes etc.

Now the key is the vulnerabilities in various systems. How can an organization detect such vulnerabilities, even during the assessments by QSA, ASV or other parties are not detecting it?

It is important to have Security as active participant in the software development life cycle. Another option would be to procure applications which are PA-DSS certified.

Is it still going to save the company? protect the card holder information? May be.