Archive | Editorial Articles RSS feed for this section

Tax Time Security Woes – WSWiR Episode 139

There’s tons of security news each week. If you can’t keep up, I try to summarize the most important stuff for you in my weekly video.

This week’s show covers a researcher leaking 10M credentials, Forbes’ website getting hacked, a TurboTax security scare, and much more. Watch the video for all the details, or check out the Reference section for other interesting stories.

(Episode Runtime: 9:50)

Direct YouTube Link: https://www.youtube.com/watch?v=mTycl-zSbVA

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Forbes Forces Malware – Daily Security Byte EP.22

Did you know the Forbes website was serving up targeted malware last December, by exploiting two zero day vulnerabilities? If not, watch the video to learn more.

(Episode Runtime: 2:14)

Direct YouTube Link: https://www.youtube.com/watch?v=nj-S6ss8-dw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

The Hazards of Using Public WiFi Access Points

Editor’s note: I’m excited to share a cool new security site with you. Pulitzer prize winning journalist,  Byron Acohido, has launched a fresh site dedicated to keeping consumers and businesses informed about emerging information security (infosec) and privacy issues.

I first met Byron while he was doing a USA Today story on Java’s security risk, and I’m excited to see him and his team focus full time on infosec. Go check out the new site, Third Certainty, and sign up for the free weekly newsletter for regular updates.

Meanwhile, I recently did an interview with him about the dangers of public WiFi. Check out the article, in full, below. — Corey Nachreiner, CISSP (@SecAdept)


The hazards of using public WiFi access points

By Byron Acohido, ThirdCertainty

Free WiFi access points (APs) are a great convenience for consumers and can be a productivity booster for business travelers. But they also present ripe opportunities for hackers. ThirdCertainty asked Corey Nachreiner, WatchGuard Technologies’ director of security strategy, to outline this exposure.

3C: What risks do consumers and business travelers take when using WiFi services in public venues such as airports, hotels and coffee shops?

Nachreiner: The exposure is potentially huge. It’s natural for people to congregate and wait in places like airports and hotels and use public WiFi access. So these are ideal locations for attackers to set up faked WiFi APs.

This is possible because SSIDs (wireless networks) used in these locations are widely trusted; names like AT&T Wi-Fi, XFINITY WiFi, Boingo Wi-Fi and Free WiFi. And, it is easy for an attacker to broadcast a faked AP using these familiar names to entice victims to connect via the attacker’s AP. Furthermore, if your computer has connected to the legit access point in the past, it may automatically connect to the faked one.

Best practices: 4 steps to using public-access WiFi safely

3C: So if I connect to the Internet via a faked WiFi connection do I still get on the web?

Nachreiner: Yes, but now the attacker can see what you’re doing, infect your computer and set up man-in-the-middle attacks that can steal your account credentials and work files.

3C: Does part of this have to do with the venues – the hotels and book shops – not bothering to lock down the free WiFi access?

Nachreiner: Yes. Eighty percent hospitality WiFi networks don’t require a unique password, and 50 percent do not secure or monitor their networks. I can share many stories about how easy it is to set up a faked AP in public areas and watch people join.

3C: This exposure has been out there since WiFi started going public more than a decade ago. So how intensively have the bad guys been exploiting this?

Nachreiner: Bad guys are definitely exploiting this. I’m a fairly regular business traveler. I’ve found suspicious and very likely malicious APs on two out of 10 trips. l’ve been on hotel networks where my security tools show other guests on the network trying to connect to my shares.

Whether they were just curious guests or malicious attackers is hard to say. But hotel networks are the perfect place for attackers to find victims.

3C: Right, that’s what happened in the so-called DarkHotel attack.

Nachreiner: Exactly, one of our partners, Kaspersky, discovered attackers targeting the third party WiFi vendor of a specific hotel. They were seeking intelligence on certain guests they knew would be staying at the hotel. They used the compromised wireless network to infect the computers of their targeted victims.

This was a very sophisticated attack and not the norm. That said, it’s more common to find basic criminals putting up faked hotel network connections to steal information from guests opportunistically.

3C’s  newsletter:Free subscription to fresh analysis of emerging exposures

More on emerging best practices

3 steps for figuring out if your business is secure

5 steps to secure cyrtography keys, digital certificates

6 steps for stopping hacks via a contractor or supplier

February Patch Day – Daily Security Byte EP.21

If you’re a Microsoft admin, you know the drill. The second Tuesday of the month means lots of security updates. Watch the video for a quick summary.

(Episode Runtime: 1:27)

Direct YouTube Link: https://www.youtube.com/watch?v=AbCinysV2tQ

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Hot Girls Help Hackers – WSWiR Episode 138

The information security (infosec) industry is fast paced, and attackers change tactics every week. Do you have trouble following the latest attacks and security news? Well, our regular infosec video is here to help.

Today’s episode covers attackers masquerading as hot girls, a zero day IE11 flaw, malicious Google Play apps, an one of the largest healthcare data breaches. Watch the video for details on all that an more, and visit the Reference section for links to other stories.

(Episode Runtime: 10:50)

Direct YouTube Link: https://www.youtube.com/watch?v=EjDCoG7RxsY

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Who Cares About Lovely Horse? – Daily Security Byte EP.20

Oh no… The NSA and GCHQ are following security experts on Twitter! The Sky is falling, the sky is falling! Watch today’s video to learn why I don’t think the latest “Snowden leak” qualifies as news.

(Episode Runtime: 1:29)

Direct YouTube Link: https://www.youtube.com/watch?v=vz3v3m2w07w

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Huge Healthcare Breach – Daily Security Byte EP.19

If you’re an Anthem health insurance customer, it’s time to monitor your credit. Anthem warns external hackers stole 80 million records. Learn what this means to you by clicking play below.

(Episode Runtime: 2:03)

Direct YouTube Link: https://www.youtube.com/watch?v=rICT_H76lqs

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

New eBook Explores Unlocking the Promise of UTM-Enabled Network Protection

Combatting enterprise-grade threats, without the resources to deploy enterprise-grade solutions, is a key security challenge for today’s midsize businesses. It often results in a piecemeal approach to network security and a complex, disjointed strategy that leaves significant gaps in protection.

To help overcome these challenges, we’ve teamed up with Frost & Sullivan to release a new eBook titled, “Fulfilling the Promise of Unified Threat Management (UTM): Unlocking Full UTM-Enabled Network Protection.”

Get the eBook now.

UTM

The eBook is broken into four main sections and explores: the challenges facing midsized enterprises; UTM adoption fears for business; WatchGuard’s approach to delivering UTM protection; and three simple steps to future-proof your UTM strategy.

To quote Chris Rodriguez, senior industry analyst for network security at Frost & Sullivan and author of the executive brief that the eBook is based on, “While businesses claim that security considerations drive network planning, the reality is that any security technology that hampers network performance is simply switched off.” This underscores the importance of properly evaluating UTM technologies to ensure these security appliances can deliver the performance you need today, coupled with the flexibility you’ll need tomorrow.

To get you started, here’s a sampling of the three steps that can help future-proof your network security strategy, but for complete tips, checklist and more, download the eBook today:

1. Focus on UTM performance instead of firewall performance. Most vendors promote the performance of the product when used as a stateful firewall. Look for performance with UTM features enabled.
2. Carefully analyze third-party testing data. These tests often compare UTM capabilities when deployed as IPS or in other dedicated security roles, even though UTM products are not designed for a single-function capacity.
3. Consider UTM features for maximum security. These solutions are designed for modularity so that new security features can be added with minimal impact on network performance. Look at features like clustering, which can help future-proof your investment.

Follow

Get every new post delivered to your Inbox.

Join 7,841 other followers

%d bloggers like this: