"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.
|
|
- Darrell Harry Young
- 8 years ago
- Views:
Transcription
1 Pwned Bulletin Septemeber 2014 Volume - 6
2 1 index 02 executive summary 03 responsible disclosures 04 smartermail 0-day xss vulnerability 07 siemens simatic S exploit 09 network compromised using Microsoft work document 11 fortigate 310b multiple vulnerabilities 13 corporate laptop backdoor 15 about us
3 executive summary 2 We at CCFIS deliver penetration testing services and while delivering those services we have found some 0-day exploits. In this bulletin, we have showed that how easy it is for a hacker to compromise in your network ever after implementing best security solutions. Unfortunately if your security systems or firewalls are not detecting any attacks or not alerting you about any attack, this doesn t always mean that you are not being attack, may be you are being attacked and these security solutions are not detecting or blocking it. Developers and solution providers are working 9 to 6 to develop the solution but hackers are working 0 to 24 to hack the solutions. Every Web Asset, Hardware device or Application Solution can have vulnerabilities. We at CCFIS find those vulnerabities and report to the organization in our responsible disclosure program. List of our responsible disclosures are attached in next page. It is recommended for everyone to take needful actions when any vulnerability is reported to your organization s assets. Detailed penetration testing report can be shared on request. Please drop a mail at info@ccfis.net and with your intent and purpose and we will send you detailed report after verification. "The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards."
4 responsible disclosures by CCFIS 3 and many more..
5 smartermail 0-day xss vulnerability 4 Most of us use SmarterMail as mail server for our organizations and business. It has all smart features and almost everything to run your business smoothly. One client who was very much concerned about his mail server contacted us and explained that he have already implemented 256 bit SSL certificate, so is there anything else he needs to do to secure his mail server from their rival companies. We initially checked for vulnerabilities in Microsoft OS installed on server with enterprise level security & antivirus. On later stage, we found that everything was updated and OS was equipped we were given two dummy accounts to check vulnerabilities inside the application. Unfortunately, we weren t able to find any vulnerability that can be exploited directly but we found several major XSS based 0-days which might be used for gaining few more access. We reported these Vulnerabilities to SmarterTools as Responsible Disclosure and also decided to share same with our readers.
6 5 Stored XSS (Notes) Vulnerability (Steps to reproduce): In SmarterMail there is an option to add Notes. In details Box give a JS code as ><img src=x onerror=prompt (document.domain);> and save it. Now when a user opens notes saved by him, this JS code will execute and XSS will pop up. Reflected XSS (Compose Message) Vulnerability (Steps to reproduce): Select New Message and click on the option to insert link. Then in place of URL, write any URL for example ccfis.net Then again select that URL and edit it with payload - ><img src=c onerror=prompt(document.cookie);>
7 6 Reflected XSS (Image Attachment) While attaching an image named "><img src=x onerror=prompt (document.cookie);>.jpg in SmarterMail using web version, an alert in generated allowing user to inject any arbitrary code that will be executed in server. Issues were reported to SmarterTools 4 weeks ago and the patch for the same is yet to release. Recommendations We cannot recommend the best mail sever as developers are only working 9 to 6 to develop the solution but hackers are working 0 to 24 to hack the solutions. The best practice is to perform periodic vulnerability assessment and penetration testing of your mail server.
8 7 siemens simatic S7-300 exploit Siemens Simatic S is modular mini PLC system for the low-end and mid performance ranges. These appliance are used in manufacturing plants, assembly lines, hospitals and wherever automation required. After reading about Critical Infrastructures, CIO of a major hospital contacted CCFIS team and asked if we can audit their network. After audit, we found some major vulnerabilities in their network and on later stage those vulnerabilities were fixed and network was secured. After few months, we were called again to audit their SCADA system. We found that hospital was using Siemens Simatic S PLC system and had deployed it in their network to automate and control their system efficiently.
9 CIO mentioned that they purchased it in 2012 and after that its configuration and setting were never changed or modified. Even the security hardening wasn t performed on device. While performing penetration testing, we found this device vulnerable to Remote Memory Viewing exploit. Through this, an attacker can view data on memory of PCL. Exploit code for this vulnerability was written by Dillon Beresford in 2012 with OSVDB-ID: With this exploit, our pen-testing team were able to compromise the Siemens Simatic S and were able to dump the device memory. As the organization requested to not to disclose much information and attack methodologies and hence we are sharing only limited information. Another reason for sharing only brief information is that misuse of these attacks may lead t o m a s s destruction. Recommendations: 8 If you have implemented any SCADA based appliance then make sure you have updated its firmware and implemented best security practices. For self-vulnerability assessment of your SCADA appliances you may use Nessus plugin new-scada-plugins-for-nessus-and-tenable-pvs A periodic vulnerability assessment or penetration testing from any third party outsider vendor is recommended to ensure complete security.
10 9 network compromised using microsoft word document Few months back CCFIS team was conducting penetration testing of an IT firm. The organization was using multiple layer of security with properly configured firewall, latest updated antivirus, IDS/IPS and whatnot. Inside network they had already created active directory with proper security policy for all users, central update server and almost all best security practices. Organizations was also ISO certified. They also trained their employees about cyber security & threats and hence even the weakest line in security chain i.e. the human part was also secured by trainings. During penetration testing of the network, our team didn t found any major exploitable vulnerability through which they can enter into the network. And as per client s requirement, this has to be a complete blackbox testing. The company had an online job portal, through which they were posting current opening and receiving applications through portal. One of our team member, took advantage of MS The vulnerability was the Microsoft word RTF Memory Corruption RTF Zero-Day Attack CVE which allows an attacker to run arbitrary code into client s machine. He immediately binded in house developed backdoor which was less detectable by most of antivirus engines and submitted job application and uploaded his resume which was malicious RTF document.
11 10 Next morning exactly at 9:41 AM, we got reverse connection from a system which belonged to HR department of that organization. When someone from HR checked their ERP and clicked this malicious resume, our exploit worked perfectly fine and established a reverse connection to our server. Later on with this one compromised system using pivoting we found that many more servers and systems were vulnerable to publically knows vulnerabilities. This vulnerability and attack methodology was reported to organization so that they can protect their network from these types of targeted attacks. Recommendations Security is not a onetime investment, it s more of a regular practice. To secure your network, you need to keep checking for possible tiny flaws that may lead to a bigger vulnerability. Make sure, every software and systems are properly updated of your network. ERP or any such system through which you are receiving any files outside your network, should must be sandboxed before bringing directly to production internal network.
12 11 fortigate 310b multiple vulnerabilities CCFIS team works with a quote give us anything, we will find vulnerability. During a presentation, our client asked our sales guy that I am using FortiGate 310B and I am totally secure, why do I need a penetration testing service for my network? Our sales guy committed that your FortiGate device is not secure and our team can find vulnerabilities. Deal was final and we got task to audit latest updated FortiGate 310B. White testing the firewall, we found several major and minor vulnerabilities. Even we were able to reboot or shutdown the firewall without having admin or any credentials. Device was also vulnerable to Cross-Site Request Forgery. Basic functionality of firewall is to stop DoS and DDoS attack targeted to network, We have created an InfoSec lab from where we can simulate almost any attack. DoS and DDoS attacks were performed on firewall for stress testing and the device itself was found prone to DoS and DDoS attacks.
13 12 FortiGate has a Web Filtering Service called FortiGuard. This help network administrators to block certain category of sites in network. No VPN, torr or any other proxy based tool could bypass this fileting mechanisms. CCFIS team were able to bypass this filtering mechanisms using very simple technique in Opera web browser called Off Road mode or Opera Turbo. Even the data stored on CompactFlash card of firewall was not encrypted. In case of any physical compromise to network, these data can be extracted to reveal entire network architecture. These configuration data was deleted but with some basic forensics techniques, we were able to recover the configuration data again. Few more major vulnerabilities was found on firewall. All issues were reported to FortiGate India team. Fortinet India team immediately forwarded those vulnerabilities to Fortinet US team and they acknowledged the vulnerabilities and patch was released and was pushed to all Fortinet devices. Recommendations Use latest model of firewall or at least use the latest firewall OS Choose your firewall brand wisely and do some research before purchasing for some publically available vulnerabilities or exploit. While changing CompactFlash of your firewall, make sure that you have destroyed the previous one as this contains configuration file which can reveal network architecture information. And these data can be recovered even after deleting using some forensics tools.
14 corporate laptop backdoor 13 One of our client which is an educational organization, provide laptops to its students, faculties and other staffs for their educational and official work. MNCs, government and almost every organization order laptops is huge quantity and hence the vendor created a separate model specially designed for that particular organization. Few months back, a vendor reached CIO of organization and gave a laptop for PoC and feasibility testing. Later on this laptop was sent to CCFIS team to check for any possible vulnerabilities. We created a test scenario in our InfoSec lab. Firstly we restored the laptop to its factory setting and downloaded laptop drivers from vendor s official site. Only operating system and drivers were installed on that laptop. Then we connected this laptop directly with lease line and assigned live IP. Our network support team made sure that no other device was connected between or in the network. The PoC laptop was left for few days and all packets were captured using wireshark. After two days of packet capturing, the pcap files were sent to our attack analysis lab where every packet was analyzed by team members for any malicious packet.
15 14 After analysis, we found that this PoC laptop was connecting and sending data to a Chinese IP, and this Chinese IP belonged to an antivirus server. The question here arises that no antivirus or any other software was installed other than original operating system and device drivers. The same process was repeated on Windows XP, Windows 7 and Windows 8.1 and the result was same on every operating system. Hence we concluded that there isn t any fault in software part, it s the hardware which is creating connections and sending data to Chinese IP. This vulnerability was report to the laptop vendor. First of all they ignored and later on denied any involvement in this act. They concluded by saying that they only assemble multiple components purchased from different other vendors, they don t actually manufacture every part that are installed on laptop. This means that they need some more quality and security checking procedures. Recommendations Before distributing laptop or PC in your organization, check it for any possible backdoor installed in it by vendor. We can help in testing and share the testing procedure on request. We can also help in capacity building for creating such a test bench. Before signing contract from any vendor, check if vendor was involved in such activities in past or not. In our case, the vendor was already blocked by government agency of a country.
16 about us 15 Center for Cyber Forensics and Information Security (CCFIS) is a Research Organization incubated at Amity Innovation Incubator which is a Technology Incubator supported by NSTEDB, Ministry of Science & Technology (Government of India). Noida Office HQ : Amity Innovation Incubator, Block E-3,1st Floor, Amity University, Sector-125 Noida, UP , India, Id: info@ccfis.net, Phone no: Lucknow Office: 3rd Floor, AB - 6 Block, Amity University, Malhaur, Lucknow, UP , India Gwalior Office: Amity University Madhya Pradesh, Maharajpura (Opposite Airport), Gwalior Jaipur Office: Amity University Rajasthan, 14, Gopalwadi, Ajmer Road, Jaipur, Rajasthan Manesar Office: Amity University Haryana, Panchgaon, Manesar, Gurgaon, Haryana Disclaimer This report was prepared as an account of work done by CCFIS research and analysis wing. Neither the CCFIS, nor any of their employees, nor any of their contractors, subcontractors or their employees, partners or their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or any third party's use of this report or the results of such use of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Center for Cyber Forensics & Information Security
Locking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationSociety for Information Management
Society for Information Management The Projected Top 5 Security Issues of 2010 Steve Erdman CSO and Staff Security Consultant of SecureState Network +, MCP Precursor 2009 has been a difficult year in Information
More information3. Broken Account and Session Management. 4. Cross-Site Scripting (XSS) Flaws. Web browsers execute code sent from websites. Account Management
What is an? s Ten Most Critical Web Application Security Vulnerabilities Anthony LAI, CISSP, CISA Chapter Leader (Hong Kong) anthonylai@owasp.org Open Web Application Security Project http://www.owasp.org
More informationCYBERTRON NETWORK SOLUTIONS
CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified
More informationClient logo placeholder XXX REPORT. Page 1 of 37
Client logo placeholder XXX REPORT Page 1 of 37 Report Details Title Xxx Penetration Testing Report Version V1.0 Author Tester(s) Approved by Client Classification Confidential Recipient Name Title Company
More informationINDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION
INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION Prepared for the NRC Fuel Cycle Cyber Security Threat Conference Presented by: Jon Chugg, Ken Rohde Organization(s): INL Date: May 30, 2013 Disclaimer
More informationSTABLE & SECURE BANK lab writeup. Page 1 of 21
STABLE & SECURE BANK lab writeup 1 of 21 Penetrating an imaginary bank through real present-date security vulnerabilities PENTESTIT, a Russian Information Security company has launched its new, eighth
More informationFrom Rivals to BFF: WAF & VA Unite OWASP 07.23.2009. The OWASP Foundation http://www.owasp.org
From Rivals to BFF: WAF & VA Unite 07.23.2009 Brian Contos, Chief Security Strategist Imperva Inc. brian.contos@imperva.com +1 (650) 832.6054 Copyright The Foundation Permission is granted to copy, distribute
More informationProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities Protecting a business s IT infrastructure is complex. Take, for example, a retailer operating a standard multi-tier infrastructure
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationToday s Topics. Protect - Detect - Respond A Security-First Strategy. HCCA Compliance Institute April 27, 2009. Concepts.
Protect - Detect - Respond A Security-First Strategy HCCA Compliance Institute April 27, 2009 1 Today s Topics Concepts Case Study Sound Security Strategy 2 1 Security = Culture!! Security is a BUSINESS
More informationHost Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1
Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationENDPOINT SECURITY WHITE PAPER. Endpoint Security and Advanced Persistent Threats WWW.COMODO.COM
WHITE PAPER Endpoint Security and Advanced Persistent Threats The Invisible Threat They re out there waiting. Sitting at their computers hoping for you to make a mistake. And you will. Because no one is
More informationInstallation and configuration guide
Installation and Configuration Guide Installation and configuration guide Adding X-Forwarded-For support to Forward and Reverse Proxy TMG Servers Published: May 2010 Applies to: Winfrasoft X-Forwarded-For
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationSecurity Research Advisory IBM inotes 9 Active Content Filtering Bypass
Security Research Advisory IBM inotes 9 Active Content Filtering Bypass Table of Contents SUMMARY 3 VULNERABILITY DETAILS 3 TECHNICAL DETAILS 4 LEGAL NOTICES 7 Active Content Filtering Bypass Advisory
More informationPenetration Testing Report Client: Business Solutions June 15 th 2015
Penetration Testing Report Client: Business Solutions June 15 th 2015 Acumen Innovations 80 S.W 8 th St Suite 2000 Miami, FL 33130 United States of America Tel: 1-888-995-7803 Email: info@acumen-innovations.com
More information5 Steps to Advanced Threat Protection
5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious
More informationAchieving PCI-Compliance through Cyberoam
White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit
More informationDATA CENTER IPS COMPARATIVE ANALYSIS
DATA CENTER IPS COMPARATIVE ANALYSIS Security 2014 Thomas Skybakmoen, Jason Pappalexis Tested Products Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Data Center Overview
More informationMetasploit The Elixir of Network Security
Metasploit The Elixir of Network Security Harish Chowdhary Software Quality Engineer, Aricent Technologies Shubham Mittal Penetration Testing Engineer, Iviz Security And Your Situation Would Be Main Goal
More informationXerox Mobile Print Cloud
September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United
More informationMobile Configuration Profiles for ios Devices Technical Note
Mobile Configuration Profiles for ios Devices Technical Note Mobile Configuration Profiles for ios Devices Technical Note December 10, 2013 04-502-197517-20131210 Copyright 2013 Fortinet, Inc. All rights
More informationCyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies
Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some
More informationArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young
ArcGIS Server Security Threats & Best Practices 2014 David Cordes Michael Young Agenda Introduction Threats Best practice - ArcGIS Server settings - Infrastructure settings - Processes Summary Introduction
More informationGoals. Understanding security testing
Getting The Most Value From Your Next Network Penetration Test Jerald Dawkins, Ph.D. True Digital Security p. o. b o x 3 5 6 2 3 t u l s a, O K 7 4 1 5 3 p. 8 6 6. 4 3 0. 2 5 9 5 f. 8 7 7. 7 2 0. 4 0 3
More informationIBM Advanced Threat Protection Solution
IBM Advanced Threat Protection Solution Fabio Panada IBM Security Tech Sales Leader 1 Advanced Threats is one of today s key mega-trends Advanced Threats Sophisticated, targeted attacks designed to gain
More informationPATCH MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region
PATCH MANAGEMENT February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationInformation Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified
Standard: Data Security Standard (DSS) Requirement: 6.6 Date: February 2008 Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified Release date: 2008-04-15 General PCI
More informationWEB ATTACKS AND COUNTERMEASURES
WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationConnectivity to Polycom RealPresence Platform Source Data
Polycom RealAccess Security White Paper The Polycom RealAccess service is delivered using the Software as a Service (SaaS) model. This white paper outlines how the service protects sensitive customer data
More informationThe Electronic Arms Race of Cyber Security 4.2 Lecture 7
The Electronic Arms Race of Cyber Security 4.2 Lecture 7 ISIMA Clermont-Ferrand / 04-February 2011 Copyright 2011 Dr. Juergen Hirte List of Content Why Process Automation Security? Security Awareness Issues
More informationHow To Protect A Web Application From Attack From A Trusted Environment
Standard: Version: Date: Requirement: Author: PCI Data Security Standard (PCI DSS) 1.2 October 2008 6.6 PCI Security Standards Council Information Supplement: Application Reviews and Web Application Firewalls
More informationMobile Device Strategy
Mobile Device Strategy Technology Experience Bulletin, TEB: 2012-01 Mobile Device Strategy Two years ago, the Administrative Office of Pennsylvania Courts (AOPC) standard mobile phone was the Blackberry.
More informationA Workshop on Website Quality, Accessibility and Security April 2, 2009. Websites & web-enabled applications Hosting and Security
lq'kklu School of Good Governance And Policy Analysis A Workshop on Website Quality, Accessibility and Security April 2, 2009 Websites & web-enabled applications Hosting and Security Sanjay Hardikar, Technical
More informationSECURITY TRENDS & VULNERABILITIES REVIEW 2015
SECURITY TRENDS & VULNERABILITIES REVIEW 2015 Contents 1. Introduction...3 2. Executive summary...4 3. Inputs...6 4. Statistics as of 2014. Comparative study of results obtained in 2013...7 4.1. Overall
More informationSecurity Services. 30 years of experience in IT business
Security Services 30 years of experience in IT business Table of Contents 1 Security Audit services!...!3 1.1 Audit of processes!...!3 1.1.1 Information security audit...3 1.1.2 Internal audit support...3
More informationIndustrial Security Solutions
Industrial Security Solutions Building More Secure Environments From Enterprise to End Devices You have assets to protect. Control systems, networks and software can all help defend against security threats
More informationS E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010
S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M Bomgar Product Penetration Test September 2010 Table of Contents Introduction... 1 Executive Summary... 1 Bomgar Application Environment Overview...
More informationCONTROL SYSTEM VENDOR CYBER SECURITY TRENDS INTERIM REPORT
Energy Research and Development Division FINAL PROJECT REPORT CONTROL SYSTEM VENDOR CYBER SECURITY TRENDS INTERIM REPORT Prepared for: Prepared by: California Energy Commission KEMA, Inc. MAY 2014 CEC
More informationInformation Technology Policy
Information Technology Policy Enterprise Web Application Firewall ITP Number ITP-SEC004 Category Recommended Policy Contact RA-ITCentral@pa.gov Effective Date January 15, 2010 Supersedes Scheduled Review
More informationFORBIDDEN - Ethical Hacking Workshop Duration
Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once
More informationAppendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems
Appendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems Yacov Y. Haimes and Barry M. Horowitz Zhenyu Guo, Eva Andrijcic, and Joshua Bogdanor Center
More informationNorth Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing
North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing Introduction ManTech Project Manager Mark Shaw, Senior Executive Director Cyber Security Solutions Division
More informationWeb Security. Discovering, Analyzing and Mitigating Web Security Threats
Web Security Discovering, Analyzing and Mitigating Web Security Threats Expectations and Outcomes Mitigation strategies from an infrastructure, architecture, and coding perspective Real-world implementations
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationNCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.
NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities
More informationInformation Security Assessment and Testing Services RFQ # 28873 Questions and Answers September 8, 2014
QUESTIONS ANSWERS Q1 How many locations and can all locations be tested from a A1 5 locations and not all tests can be performed from a central location? central location. Q2 Connection type between location
More informationTelecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT
Telecom Testing and Security Certification A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT 1 Need for Security Testing and Certification Telecom is a vital infrastructure
More informationNetwork Segmentation
Network Segmentation The clues to switch a PCI DSS compliance s nightmare into an easy path Although best security practices should be implemented in all systems of an organization, whether critical or
More informationCommon Cyber Threats. Common cyber threats include:
Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...
More informationIndustrial Security for Process Automation
Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationGuidelines for Website Security and Security Counter Measures for e-e Governance Project
and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online
More informationHow To Manage Web Content Management System (Wcm)
WEB CONTENT MANAGEMENT SYSTEM February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationHow We're Getting Creamed
ed Attacks How We're Getting Creamed By Ed Skoudis June 9, 2011 ed Attacks - 2011 Ed Skoudis 1 $ cut -f5 -d: /etc/passwd grep -i skoudis Ed Skoudis Started infosec career at Bellcore in 1996 working for
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationReducing Application Vulnerabilities by Security Engineering
Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information
More informationGFI White Paper PCI-DSS compliance and GFI Software products
White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption
More informationSCADA Cyber Security
SCADA Cyber Security Information on Securing SCADA systems Version: 1.0 Erik Daalder, Business Development Manager Yokogawa Electric Corporation Global SCADA Center T: +31 88 4641 360 E: erik.daalder@nl.yokogawa.com
More informationManaged Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint?
Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Why? Focused on Managed Intrusion Security Superior-Architected Hardened Technology Security
More informationInstallation and configuration guide
Installation and Configuration Guide Installation and configuration guide Adding X-Username support to Forward and Reverse Proxy TMG Servers Published: December 2010 Applies to: Winfrasoft X-Username for
More informationProtecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall
Protecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall A FORTINET WHITE PAPER www.fortinet.com Introduction Denial of Service attacks are rapidly becoming a popular attack vector used
More informationIDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience
IDENTITY & ACCESS Privileged Identity Management controlling access without compromising convenience Introduction According to a recent Ponemon Institute study, mistakes made by people Privilege abuse
More informationTHE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS INCONVENIENT STATISTICS 70% of ALL threats are at the Web application layer. Gartner 73% of organizations have been hacked in the past two
More informationLearn Ethical Hacking, Become a Pentester
Learn Ethical Hacking, Become a Pentester Course Syllabus & Certification Program DOCUMENT CLASSIFICATION: PUBLIC Copyrighted Material No part of this publication, in whole or in part, may be reproduced,
More informationWHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats
WHITE PAPER FortiWeb and the OWASP Top 10 PAGE 2 Introduction The Open Web Application Security project (OWASP) Top Ten provides a powerful awareness document for web application security. The OWASP Top
More informationMobile Application Security Sharing Session May 2013
Mobile Application Security Sharing Session Agenda Introduction of speakers Mobile Application Security Trends and Challenges 5 Key Focus Areas for an mobile application assessment 2 Introduction of speakers
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationFortiAnalyzer VM (VMware) Install Guide
FortiAnalyzer VM (VMware) Install Guide FortiAnalyzer VM (VMware) Install Guide December 05, 2014 05-520-203396-20141205 Copyright 2014 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare
More informationVirtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
More informationKaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management. www.kaseya.com
Kaseya White Paper Endpoint Security Fighting Cyber Crime with Automated, Centralized Management www.kaseya.com To win the ongoing war against hackers and cyber criminals, IT professionals must do two
More informationWildFire Overview. WildFire Administrator s Guide 1. Copyright 2007-2015 Palo Alto Networks
WildFire Overview WildFire provides detection and prevention of zero-day malware using a combination of malware sandboxing and signature-based detection and blocking of malware. WildFire extends the capabilities
More informationTracking Anti-Malware Protection 2015
Tracking Anti-Malware Protection 2015 A TIME-TO-PROTECT ANTI-MALWARE COMPARISON TEST Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to measure
More informationHow users bypass your security!
How users bypass your security! IT Days Security issues 20 th November 2014 Tom Leclerc, Security Consultant SAGS - Security Audits and Governance Services, a Telindus Security department Classification:
More informationAgenda. 3 2012, Palo Alto Networks. Confidential and Proprietary.
Agenda Evolution of the cyber threat How the cyber threat develops Why traditional systems are failing Need move to application controls Need for automation 3 2012, Palo Alto Networks. Confidential and
More informationCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations Vineet Mago Naresh Khalasi Vayana 1 What are we gonna talk about? What we need to know to get started Its your responsibility Threats and Remediations: Hacker v/s Developer
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationHP IMC Firewall Manager
HP IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW102-20120420 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part of this
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationTable of Contents. Page 2/13
Page 1/13 Table of Contents Introduction...3 Top Reasons Firewalls Are Not Enough...3 Extreme Vulnerabilities...3 TD Ameritrade Security Breach...3 OWASP s Top 10 Web Application Security Vulnerabilities
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationOSMOSIS. Open Source Monitoring Security Issues HACKITO ERGO SUM 2014 / April 2014 / Paris
OSMOSIS Open Source Monitoring Security Issues HACKITO ERGO SUM 2014 / April 2014 / Paris AGENDA Who are we? Open Source Monitoring Software Results Demonstration Responses Mitigations and conclusion 4/25/14
More informationBlackBerry 10.3 Work and Personal Corporate
GOV.UK Guidance BlackBerry 10.3 Work and Personal Corporate Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network
More informationData Breaches and Web Servers: The Giant Sucking Sound
Data Breaches and Web Servers: The Giant Sucking Sound Guy Helmer CTO, Palisade Systems, Inc. Lecturer, Iowa State University @ghelmer Session ID: DAS-204 Session Classification: Intermediate The Giant
More informationS E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s
S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s During the period between November 2012 and March 2013, Symantec Consulting Services partnered with Bomgar to assess the security
More informationIntegrated Threat & Security Management.
Integrated Threat & Security Management. SOLUTION OVERVIEW Vulnerability Assessment for Web Applications Fully Automated Web Crawling and Reporting Minimal Website Training or Learning Required Most Accurate
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationWatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com
SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationDeep Security Vulnerability Protection Summary
Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security
More informationSecurity FAQs (Frequently Asked Questions) for Xerox Remote Print Services
Security FAQs (Frequently Asked Questions) for Xerox Remote Print Services February 30, 2012 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation
More information05.0 Application Development
Number 5.0 Policy Owner Information Security and Technology Policy Application Development Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 5. Application Development
More informationIoT & INFOSEC: A REPORT FROM THE TRENCHES - AGC IT Conference- July 2015 MIKE.ZUSMAN@CARVESYSTEMS.COM
IoT & INFOSEC: A REPORT FROM THE TRENCHES - AGC IT Conference- July 2015 SECURITY IS A PROCESS, NOT A STATE CARVE SYSTEMS LLC MIKE.ZUSMAN@CARVESYSTEMS.COM Carve s Roots (tl;dr)
More informationiviz Security Inc (In) Security in Security Products 2013
iviz Security Inc (In) Security in Security Products 2013 iviz Security Inc 2013 Introduction We use security products to secure our systems and our businesses. However, the very security products we use,
More information