Posted by: notictech | November 13, 2009

Complete Vulnerability Management

Source: banktech

Vulnerabilities are like fish in the sea. We can identify the different species and explore their individual varieties but there will always be others to discover. On average, 20 new vulnerabilities are found each day across equipment vendors, operating systems, and software applications. All companies should be implementing a comprehensive vulnerability management program, one that includes vulnerability detection, external and internal vulnerability assessments, frequency, application testing, policy scanning, remediation, and configuration.

Conducting a vulnerability scan is useful in identifying exploitable operating systems, services, and applications both inside and outside of a network.

External vulnerability assessments have always been considered the most critical because Internet accessible devices are most exposed to attackers. However, hackers have developed methods that compromise the vulnerabilities of systems residing on the internal network as well, which means organizations must test more frequently for vulnerabilities now than they have in the past. It is recommended that external vulnerability scans be run weekly for optimum security and monthly for best practice.

Internal scans can be run less frequently – monthly for optimal security and quarterly for best practice. Administering secure application and policy testing is also recommended. All of this information must then be passed on to an IT administrator who can then remediate identified security weaknesses and correct misconfigurations as quickly as possible.

Posted by: notictech | November 13, 2009

Keep keys safe so your data remains secure

Source: NewHorizon-ITPRO

You wouldn’t just leave the keys to your car lying on the front seat in plain sight when you leave the vehicle in the parking lot, would you? Yet many people go to the time and trouble to use encryption to protect their data and then choose to store the decryption keys on the local machine where the encrypted data is stored. If an attacker gets access to the system and finds the key, he can decrypt the data.

For best security, you should export the key to a floppy disk or removable flash memory drive. This is called “offline storage.” Make several copies and keep them in different locations, just as you have an extra set of car keys made that you keep in a secure place in case of a loss.

Posted by: notictech | November 12, 2009

Avoiding Social Engineering and Phishing Attacks

Do not give sensitive information to anyone unless you are sure that they
are indeed who they claim to be and that they should have access to the
information.

How do you avoid being a victim?

* Be suspicious of unsolicited phone calls, visits, or email messages from
individuals asking about employees or other internal information.

* Do not provide personal information or information about your
organization, including its structure or networks, unless you are
certain of a person’s authority to have the information.

* Do not reveal personal or financial information in email, and do not
respond to email solicitations for this information.

* Don’t send sensitive information over the Internet before checking a
website’s security.

* Pay attention to the URL of a website.

* If you are unsure whether an email request is legitimate, try to verify
it by contacting the company directly.

* Take advantage of any anti-phishing features offered by your email
client and web browser.

What do you do if you think you are a victim?

* If you believe you might have revealed sensitive information about your
organization, report it to the appropriate people within the
organization, including network administrators.

* If you believe your financial accounts may be compromised, contact your
financial institution immediately and close any accounts that may have
been compromised.

* Immediately change any passwords you might have revealed.

* Consider reporting the attack to the police, and file a report with the
Federal Trade Commission (http://www.ftc.gov/).

Posted by: notictech | November 12, 2009

Understanding Denial-of-Service Attacks

Source: US-CERT

You may have heard of denial-of-service attacks launched against websites,
but you can also be a victim of these attacks. Denial-of-service attacks can
be difficult to distinguish from common network activity, but there are some indications that an attack is in progress.

What is a denial-of-service (DoS) attack?

In a denial-of-service (DoS) attack, an attacker attempts to prevent
legitimate users from accessing information or services. By targeting your
computer and its network connection, or the computers and network of the
sites you are trying to use, an attacker may be able to prevent you from
accessing email, websites, online accounts (banking, etc.), or other
services that rely on the affected computer.

The most common and obvious type of DoS attack occurs when an attacker
“floods” a network with information. When you type a URL for a particular
website into your browser, you are sending a request to that site’s computer
server to view the page. The server can only process a certain number of
requests at once, so if an attacker overloads the server with requests, it
can’t process your request. This is a “denial of service” because you can’t
access that site.

What is a distributed denial-of-service (DDoS) attack?

In a distributed denial-of-service (DDoS) attack, an attacker may use your
computer to attack another computer. By taking advantage of security
vulnerabilities or weaknesses, an attacker could take control of your
computer. He or she could then force your computer to send huge amounts of
data to a website or send spam to particular email addresses. The attack is
“distributed” because the attacker is using multiple computers, including
yours, to launch the denial-of-service attack.

How do you know if an attack is happening?

* unusually slow network performance (opening files or accessing websites)
* unavailability of a particular website
* inability to access any website
* dramatic increase in the amount of spam you receive in your account

How do you avoid being part of the problem?

Unfortunately, there are no effective ways to prevent being the victim of a
DoS or DDoS attack, but there are steps you can take to reduce the
likelihood that an attacker will use your computer to attack other
computers:

* Install and maintain anti-virus software

* Install a firewall, and configure it to restrict traffic coming into and
leaving your computer

* Follow good security practices for distributing your email address
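The US-CERT text above makes two points a monitor can act on: a server can only process so many requests at once, and a flood shows up as a sudden jump in volume. The Go program below is an added example, not part of the original post: it runs over a constructed web-server log (timestamp, client address, path), counts requests per second and per client, and labels each overloaded second as a single-source (DoS) or distributed (DDoS) flood; the capacity figure and the log format are assumptions.

```go
package main

import "strings"

// Constructed sample log (not real traffic): "<HH:MM:SS> <client IP> <path>", one request per line.
const sampleLog = `12:00:01 10.0.0.5 /index.html
12:00:04 203.0.113.4 /index.html
12:00:04 203.0.113.4 /index.html
12:00:04 203.0.113.4 /index.html
12:00:04 10.0.0.7 /login
12:00:05 198.51.100.1 /
12:00:05 198.51.100.2 /
12:00:05 198.51.100.3 /`

type FloodAlert struct {
	Total, Sources int    // requests and distinct client addresses in that second
	Kind           string // "single-source" (DoS) or "distributed" (DDoS)
}

// DetectFloods returns, keyed by timestamp, each second whose requests exceed capacity (the
// assumed number the server can handle at once); "single-source" means one client sent over half.
func DetectFloods(log string, capacity int) map[string]FloodAlert {
	perSec := map[string]map[string]int{} // timestamp -> client -> request count
	for _, line := range strings.Split(log, "\n") {
		if f := strings.Fields(line); len(f) == 3 { // malformed lines are skipped, not fatal
			if perSec[f[0]] == nil {
				perSec[f[0]] = map[string]int{}
			}
			perSec[f[0]][f[1]]++
		}
	}
	alerts := map[string]FloodAlert{}
	for sec, clients := range perSec {
		total, top := 0, 0
		for _, n := range clients {
			total += n
			if n > top {
				top = n
			}
		}
		if total > capacity {
			kind := "distributed"
			if top*2 > total {
				kind = "single-source"
			}
			alerts[sec] = FloodAlert{total, len(clients), kind}
		}
	}
	return alerts
}
```

With a capacity of 2, the sample log yields a single-source alert at 12:00:04 (three of four requests from one address) and a distributed alert at 12:00:05 (three addresses, one request each), while the quiet first second raises nothing.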


Posted by: notictech | November 10, 2009

Three tips to safeguard your system

Source: SOPHOS

Pillar 1: URL / Reputation Filter

Pillar 2: Real-time Behavioral Malware Scanner

Pillar 3: Protocol/Content Filtering

* Don’t forget to update your system and your favorite web browser (one of the main doors into your system).

Posted by: notictech | October 2, 2009

Homeland Security hiring up to 1,000 cyber security experts

Hey, this is good news.

Source: The Baltimore Sun

The Obama administration has given a green light to the Homeland Security Department to be more competitive and choosey as it hires up to 1,000 new cyber experts over the next three years, the first major personnel move to fulfill its vow to bolster security of the nation’s computer networks.

The announcement follows a wave of cyber attacks on federal agencies, including a July assault that knocked government Web sites off the Internet and earlier intrusions into the country’s electrical grid.

Homeland Security Secretary Janet Napolitano, who made the announcement on Thursday, said the hiring plan reflects the Obama administration’s commitment to improving cyber security. The move gives DHS officials far greater flexibility to hire whom they want, outside of more stringent federal guidelines. And it will also allow more latitude in pay.

Posted by: notictech | October 2, 2009

More posts coming soon…

Hi

Sorry that I haven’t posted these days. Kind of busy doing some special projects, but I’ll be back soon.

Posted by: notictech | August 13, 2009

Powerful applications that run from a USB flash drive

Some of the valuable applications that can be run from a USB flash drive are:

  • PREDATOR, which can turn your drive into a key to lock and unlock your computer.
  • Rohos, a security tool that allows you to create a secret partition on the drive and then password-protect/encrypt that partition, thus protecting any documents you copy to that partition via the utility’s file manager.

Posted by: notictech | August 13, 2009

Easily identify SSL-related problems (MSW Server 2003)

Source: New Horizons eTips

I know that there are a lot of systems out there still using Windows Server 2003, so I present this diagnostics utility, which provides invaluable information for troubleshooting Secure Sockets Layer (SSL) problems in Internet Information Services (IIS). For example, you can use SSL Diagnostics to troubleshoot problems with certificates by creating a temporary certificate to see if the new certificate resolves the problem. If it does, then you know the problem you’re experiencing with SSL is due to the IIS server’s certificate. You can download the SSL Diagnostics utility from www.microsoft.com/downloads (search for SSLDiag.msi).

When you launch SSL Diagnostics the first time, it queries your server to determine if you have IIS installed, obtains a list of websites defined on your server, and then checks to see if you’ve installed the appropriate certificates (as required by SSL). If you want to perform diagnostics to troubleshoot SSL for a specific website, double-click on that site. SSL Diagnostics checks the website to verify that it supports SSL. If SSL Diagnostics detects any problems, it displays an error number and a detailed description of the message. You can use this information to help you resolve SSL communication problems on your web server.

Posted by: notictech | August 13, 2009

Authenticate digital signatures with PGP

Source: New Horizons eTips

Electronic documents and email messages are a common way to conduct business transactions, but it’s important to be able to verify that the author of a document or message is really the person he or she claims to be.

You can use digital signatures to verify identity. This is easy to do with programs such as Pretty Good Privacy (PGP). PGP is based on a public/private key pair; you sign the document by encrypting it with your private key, to which only you have access. The recipient uses your public key to decrypt it. Note that this doesn’t provide data confidentiality because the public key is available to everyone. It does, however, ensure that it was really you who signed it, because no one but you has the private key that’s paired with that public key.

PGP is available in both freeware and commercial versions. You can get the commercial version at www.pgp.com or download the free version for Windows XP at www.pgpi.org/products/pgp/versions/freeware/winxp/8.0/.

There are also versions for earlier Windows operating systems, UNIX, Mac, and even MS-DOS, OS/2, and Palm OS.
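The signing exchange described above, as an added example that is not the post's or PGP's own code: the sender signs with the private key, anyone holding the public key verifies, and the document stays readable, so the signature proves origin and integrity but gives no confidentiality (PGP, like the code here, signs a hash of the document rather than encrypting the document itself). It assumes Go's standard Ed25519 in place of a PGP key pair and uses its own signature marker, not the OpenPGP format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"strings"
)

// sigMarker separates the readable document from its signature (a simplified stand-in for
// PGP's clear-signed armor, not the OpenPGP format).
const sigMarker = "\n-----SIGNATURE----- "

// Signer holds one party's key pair: only the private key can sign, while the public key
// is handed to every recipient and can only verify.
type Signer struct {
	Public  ed25519.PublicKey
	private ed25519.PrivateKey
}

// NewSigner generates a fresh Ed25519 key pair (used here in place of a PGP RSA/DSA key pair).
func NewSigner() (*Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{Public: pub, private: priv}, nil
}

// ClearSign appends a signature to the document. Like PGP, it signs a hash of the text
// (Ed25519 hashes internally) rather than encrypting it, so the document stays readable.
func (s *Signer) ClearSign(doc string) string {
	sig := ed25519.Sign(s.private, []byte(doc))
	return doc + sigMarker + hex.EncodeToString(sig)
}

// VerifyClearSigned splits a clear-signed message and checks the signature using only the
// public key; it returns the document and whether the signature is valid for exactly that text.
func VerifyClearSigned(pub ed25519.PublicKey, msg string) (doc string, ok bool) {
	i := strings.LastIndex(msg, sigMarker)
	if i < 0 {
		return msg, false // no signature attached
	}
	doc = msg[:i]
	sig, err := hex.DecodeString(msg[i+len(sigMarker):])
	if err != nil || len(sig) != ed25519.SignatureSize {
		return doc, false // malformed or truncated signature
	}
	return doc, ed25519.Verify(pub, []byte(doc), sig)
}
```

Any edit to the signed text, a signature from a different key pair, or verification against the wrong public key makes VerifyClearSigned return false, while the document itself is visible to anyone who receives the message.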
