R.I.P. Windows Server 2003

As you should know by now, Microsoft ended support for Windows Server 2003 on July 14, 2015. But surveys suggest that many organizations may not be ready:

  • 50% of organizations started 2015 with no migration plan – or were unaware that support was ending.
  • 1/3 of organizations hope to complete their migrations sometime after the end-of-support date – stretching out to 2016 – while another 1/3 were unsure when they will complete the migration.

> Read More

Hacking (Protecting) Your POS System

In the House of Cards series of posts, I walked you through gaining access to a company’s network through an online portal in order to exfiltrate credit card data. It was a lengthy process, but the target company had enough data to make the time investment worthwhile.

Most credit card data thefts come from POS systems of small- to mid-sized companies.

> Read More

BadUSB Update

I have received several inquiries regarding the latest news about the so-called BadUSB vulnerability, so I thought I’d write a quick post on what we know at the moment.

What is BadUSB?

BadUSB is a vulnerability – not malware – in the design and implementation of firmware used on USB devices which allows it to be updated without being vetted.

> Read More

Defending Against Java

Java offers enterprises the ability to write code once and run it everywhere. However, this flexibility comes with a high cost: reduced security on endpoints. It has lately gotten so bad that Java has been nicknamed Just Another Vulnerability Announcement. Oracle has been working to produce updates to Java that address these vulnerabilities,

> Read More

The Danger of Open Access to University IP

When I saw last week’s New York Times story about the problems universities are experiencing with cyber attacks, my first thought was one of surprise. Wasn’t this kind of story published years ago? Hackers are opportunistic and universities pride themselves on providing free and open access to materials. Cyber attacks on research universities have been happening for some time.

> Read More

Hiding Under the Covers

“All warfare is based on deception” – Sun Tzu, The Art of War

Attackers like stealth. Once they have compromised a system, one of their primary goals is to remain undetected. Initially, attackers used malware with pseudo Windows service names such as svchosts.exe, winlogin.exe, lsasss.exe, and others. Although these names appear to be innocuous,

> Read More

Eliminating Java Will Not Solve Your Problem

While many are jumping on the ‘Death to Java’ bandwagon and ranting about turning off Java to eliminate risk, it is important to put the issue in the proper context: the reality of the matter is a Java vulnerability is not the end game for a cyber criminal; it is merely a delivery mechanism in the quest to install a bigger malware foothold.

> Read More

The New York Times Breach: Why AV Failed, What They Should Have Done and What We Accomplish by Letting Them Stay Inside

In yet another example in the saga of personalized malware from foreign nations, specifically China, The New York Times reported Wednesday that the Chinese had carried out an extensive malware campaign against the newspaper giant for the past four months. With this news, we see once again that standalone, signature-based defenses are completely ineffective,

> Read More

Ransomware is Back with a Vengeance and Targeting Business

Ransomware has matured since it was first seen in 1989 with the PC Cyborg Trojan. Today, it is big business for cyber criminals, and for good reason. A September article reported cyber criminals could earn between $50,000 and $60,000 a day by focusing their efforts on just a couple of countries.

The severity of ransomware’s impact depends on the specific software used in the attack.

> Read More

APTs and Acquisition

You’d have to be living under a rock to not have heard about the recent rise in targeted attacks. From oil operators in the Middle East to financial institutions in the U.S., advanced persistent threats, APTs, have grown exponentially. Yes, they are a problem for big, global brands but should smaller organizations concern themselves with the proliferation of these sophisticated attacks?

> Read More

What the Security Features of Apple’s Mountain Lion Mean for the Enterprise

The 2012 Apple World Wide Developers’ Conference saw the release of many new Apple products, including a sneak peek of the long-anticipated OS, Mountain Lion. The new release shows that Apple has taken one step forward in what will be a long security road. While it’s a good start, they are still miles behind Microsoft when it comes to the security needs of an enterprise.

> Read More

Closing the Antivirus Protection Gap

With 50% of IT endpoint operating costs now attributable to malware, is reliance on antivirus as the keystone endpoint security measure the best approach? Instinct tells us no but to be sure, Lumension recently did a comparative analysis on the effectiveness of standalone AV and O/S resident patching solution versus newer technologies, including application whitelisting,

> Read More