What are some consequences of the lack of basic cyber security controls?

• Loss or stolen customer data
• Loss of intellectual property
• Decreased productivity
• Legal liability
• Regulatory sanctions and fines
• Computer systems downtime
• Loss of reputation and customer confidence
• Loss of revenue
• Banking Fraud

Could this happen to you?

It is very important to understand that neither size nor industry guarantees protection from an attack. The use of computer systems and the Internet makes you vulnerable to attacks and other threats.

A 2010 survey conducted by the Ponemon Institute and Guardian Analytics of over 500 SMBs surfaced these alarming statistics:

• 55% experienced a fraud attack in the last year
• 58% of the incidents involved online banking
• Over 50% experienced multiple incidents
• 87% failed to fully recover lost funds

You are not a big, well known business. Why would anyone attack you?

While it might be the case that well trained hackers are not very interested in your small company, most online attacks aren’t carried out by expert hackers. Attacks are perpetrated by low-skilled, common criminals with access to pre-packaged hacking tools, thereby casting a wide net in hopes of finding an unprotected computer system or network. These tools are easy to use and readily available on the Internet, often times free of charge. The anonymity of a cyber attack makes it even more attractive to criminals. Many attackers use safe havens in foreign countries which do not have strong cyber crime laws.

Malicious software like viruses, worms, trojan horses, spam, bots are all vectors of cyber attacks that are indiscriminately spreading across the Internet. These attacks don’t only target your small business computer systems but also seek to use your unprotected systems to launch attack on others.

Hasn’t IT guy(s) already dealt with this issue?

Although cyber security includes traditional “IT”related issues, it primarily focuses on protecting your valuable information from all threats including physical attacks, data corruption, equipment failure, social engineering, and bad security choices due to insufficient security awareness education. Effective cyber security management requires specific training related to threats, vulnerabilities, and risks affecting computer systems, business operational processes, and most importantly you and your employees. One’s security problems cannot be addressed solely by off the shelf products. Security must be addressed in the boardroom before it is addressed in the computer room.

What are the benefits and cost of cyber security?

Besides avoiding some of the devastating consequences mentioned earlier, good security is simply good business. It does far more than increase customer confidence and protects the integrity of your businesses brand. A secure business increases customer confidence, loyalty and adds to the businesses bottom line.

Responsible businesses understand that risk management mandates that all threats, including cyber threats, be assessed and managed to protect the business, employees and customers.

The potential cost of inaction far outweighs the cost of action. Analyzing your businesses risks allows you to weigh the costs and benefits and make informed decisions.

Where do you start? Where can you get help?

Although improving your security may seem a daunting task, it doesn’t have to be. Increasing cyber security awareness helps small and medium sized businesses proactively implement simple best practices to protect their businesses. Security should be built into your business processes, information technology (IT), and most importantly your employees and contractors. Each business is unique and faces challenges particular to their operations. There is no magic pill that guarantees 100% security. The SMB Cyber Security Alliance have security experts available to help you understand your unique risks and implement solutions that work your your particular business environment.

Visit us today and sign up for your free membership at http://www.smbcybersecurity.org

The SMB Cyber Security Alliance is volunteer-run organization seeking to increase cyber security awareness in small business communities through education, awareness training, free resources and consultations, and active engagements between small business owners and local security professionals.

Related posts:

1. Defend your Small Business against Online Bank Fraud Is your banking practices putting your business at risk? Protect...
2. Security On A Shoestring SMB Budget The e-mail appeared to be an invitation from an old,...
3. Facebook poses biggest security threat to businesses According to it’s  Security Threats 2010 report published today, security...

Update Summary

• Metasploit now has 551 exploit modules and 261 auxiliary modules (from 445 and 216 respectively in v3.3)
• Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (400K lines of Ruby)
• Over 100 tickets were closed since the last point release and over 200 since v3.3

The full release notes can be found  here.

Related posts:

1. CISSP All In One Book FIFTH EDITION has been released The fifth edition of this best-selling comprehensive CISSP training resources...
2. Backtrack 4 Final Released!! Backtrack is a linux-based penetration testing suite of tools  used...
3. 2010 CyberSecurity Watch Survey Cybercrime threats posed to targeted organizations are increasing faster than...

Google has released an open-source Web security scanner called Skipfish that is designed to allow people to scan Web applications for security holes.

The tool scans a Web application for flaws including “tricky scenarios” such as blind SQL or XML injection, Google developer Michal Zalewski said in the Skipfish wiki.

Skipfish prepares a site map annotated with interactive crawl results, highlighting flaws, after a recursive crawl and dictionary-based probing of the target site. The tool can also generate a final report that can be used as a basis for a security assessment.

Read more of “Google releases Skipfish Web-security scanner” at ZDNet UK.

Related posts:

1. Pause your Google History Have you ever used your Google search history? If you...
2. Lynis – Security and System Auditing Tool Lynis is an auditing tool for Unix (specialists). It scans...
3. Virtual Networking and Security Training Tool As someone who works in an environment where I have...

Sahi is an open source testing tool for web applications, with the facility to record and playback scripts. Developed in Java, C and Javascript, this tool uses simple Javascript to execute events in the browser.

Features:

In-browser controls
Intelligent recorder
Text-based scripts
Ant support for playback of suites of tests
Multi-threaded playback from a command line
HTTP and HTTPS support
AJAX support

Sahi runs as a proxy server which intercepts traffic from the web browser and records the web browsing actions. Sahi can play back those recorded actions by injecting Javascript into the browser so it can access elements in the web page. This makes the tool independent of the website/ web application.

Read more and download it here:

http://www.darknet.org.uk/2010/03/sahi-web-automation-application-security-testing-tool/

Related posts:

1. Google Informs users of terminination of support for IE6 I received this email from the good offices of Google...
2. Skipfish-Web Scanning Security Tool from Google Google has released an open-source Web security scanner called Skipfish...
3. Web Application Security Testing White Paper The need to provide web security and defend web applications...

• Combination of user / plain-text password.
• Combination of user / NTLM hash.
• Combination of user / NTLM logon session token.

If any valid credentials has been discovered across the network after its attack phase, the user is asked to choose which host to connect to and which valid credentials to use, then he will be prompted with an interactive SMB shell where the user can:

• Spawn an interactive command prompt.
• Navigate through the remote SMB shares: list, upload, download files, create, remove files, etc.
• Deploy and undeploy his own service, for instance, a backdoor listening on a TCP port for incoming connections.
• List users details, domains and password policy.

You can download keimpx 0.2 here:

keimpx-0.2.zip

source: http://www.darknet.org.uk/2010/02/keimpx-open-source-smb-credential-scanner/

Related posts:

1. 100+ Open Source Security Tools Security testing  or assessment is a process to determine that...
2. 5 Open Source Alternatives to Microsoft Office The Microsoft Office productivity suite has risen to become the...
3. 2010 CyberSecurity Watch Survey Cybercrime threats posed to targeted organizations are increasing faster than...

Researchers are preparing to release a free tool to stop “drive-by” downloads. The new tool, called BLADE (Block All Drive-By Download Exploits), stops downloads that are initiated without the user’s consent.

Read Full Article: http://www.technologyreview.com/computing/24632/?a=f

Related posts:

1. United States Department of Defense Embraces Hacker Certification Mar 01, 2010 – The U.S. Department of Defense (DoD)...
2. Lynis – Security and System Auditing Tool Lynis is an auditing tool for Unix (specialists). It scans...
3. Company develops Virtualized USB key for Online Banking Safety IronKey has come up with a USB drive that can...

Dr. Ali Jahangiri

Download it here: http://www.livehacking.com/cd-dvd/download.htm

Read the full press release here: http://www.free-press-release-center.info

Related posts:

1. Backtrack 4 Final Released!! Backtrack is a linux-based penetration testing suite of tools  used...
2. Cloud-based…hacking?? I assigned my class a research paper on the security...
3. Free episodes of Hakin9 Magazine posted Hakin9 is a source of advanced, practical guidelines regarding the...

http://www.blackhat.com/html/bh-dc-10/bh-dc-10-archives.html

Related posts:

1. United States Department of Defense Embraces Hacker Certification Mar 01, 2010 – The U.S. Department of Defense (DoD)...
2. 2010 CyberSecurity Watch Survey Cybercrime threats posed to targeted organizations are increasing faster than...
3. More on Forensics… Follow what the NOVA Information Assurance Strike Team is up...

Related posts:

1. CISSP All In One Book FIFTH EDITION has been released The fifth edition of this best-selling comprehensive CISSP training resources...
2. More on Forensics… Follow what the NOVA Information Assurance Strike Team is up...
3. Brevity is the soul of…..getting yourself infected with all kinds of nasties! Would you click on the link : http://www.click-here-to-give-me-access-to-all-your-computer-files.com? No? How...

According to views of the U.S. experts, unsecured homes networks can also be used by the neighbors in order to spam bots download unauthorized material on the rights of the songs and music, and even pornographic material without knowing the owner, which had led to legal proceedings. In particular, it is difficult to identify the person or organization that used the network. One person was detained when he stopped his car in front of a U.S. charitable organization and used its network to communicate with the Internet.

The offices of small businesses were opened that do not have secured internal networks to penetrate the large companies that make business with them; this also is applied to the home network. To overcome the problems the experts proposed to change the passwords on wireless networks from time to time and installation of cryptographic keys to the codes can be changed according to a regular basis. The radio signals can be adjusted so as not to fall outside the walls of the office.

Finally, the use of advanced software to scan wireless networks secures the development of local home and office computers “in the case of the shadows!”

Author: Shrif S Kassem
Article Source: EzineArticles.com
Provided by: Latest trends in mobile phone

Related posts:

1. Protect the Internal Network From Hackers Attention! All the hackers on the systems of various according...
2. Beware of Free Internet Connections Many hotels,coffee shops and other such establishments  offer free wireless...
3. A Guide to Computer Security As the number of people connecting to the Internet continues...

Confidentiality: A security measure which protects against the disclosure of information to parties other than the intended recipient(s). Often ensured by means of encoding, using a defined algorithm and some secret information known only to the originator of the information and the intended recipient(s) (a process known as cryptography) but that is by no means the only way of ensuring confidentiality.

Integrity: A measure intended to allow the receiver to determine that the information which it receives has not been altered in transit or by other than the originator of the information. Integrity schemes often use some of the same underlying technologies as confidentiality schemes, but they usually involve adding additional information to a communication to form the basis of an algorithmic check rather than encoding all of the communication.

Authentication: A measure designed to establish the validity of a transmission, message, or originator. It allows a receiver to have confidence that the information it receives originated from a specific known source.

Authorization: The process of determining that a requester is allowed to receive a service or perform an operation.

Availability: Assuring information and communications services will be ready for use when expected. Information must be kept available to authorized persons when they need it.

Non-repudiation: A measure intended to prevent the later denial that an action happened, or a communication took place, etc. In communication terms, this often involves the interchange of authentication information combined with some form of provable time stamp.

I’ve listed 100+ free and open source tools used in security testing here.

Related posts:

1. keimpx – New Open Source SMB Credential Scanner keimpx is an open source tool, released under a modified...
2. How many security tools can you fit on your key chain? When I first started running Ubuntu as my laptop OS...
3. 5 Open Source Alternatives to Microsoft Office The Microsoft Office productivity suite has risen to become the...

This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It can be run without prior installation, so inclusion on read only storage is no problem (USB stick, cd/dvd).

Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.

Related posts:

1. Virtual Networking and Security Training Tool As someone who works in an environment where I have...
2. 2010 CyberSecurity Watch Survey Cybercrime threats posed to targeted organizations are increasing faster than...
3. Pentagon and Congress wants control of your network during cyberattack There has been a lot of chatter in the news...

The principal focus of the testing should on the application under test. This means that the vulnerability of the surrounding environment is not under test, nor are for example Internet facing firewalls, except in their relationship to the application. Therefore it would be appropriate for the Vendor to confirm that the firewalls are configured correctly for this application and that no unnecessary ports are allowed through. Conversely, the vendor should be instructed not to test your firewalls beyond this.

The test should include a paper review of the architectural design, before beginning testing. The review should validate the physical placement of the various network components servers, and identify potential issues or security weaknesses.

It should be left to the vendor to use their judgment as to which particular tests are relevant to a particular application. There are two exceptions to this.

• If it can be seen that the vendors proposed testing is not comprehensive enough, then the project should insist on extending the scope to include additional areas of testing.
• If in the opinion of the project, the tests proposed would have a undesirable effect on production infrastructure or applications. In this case steps must be taken to achieve the same testing via an alternative manner. For example, this may involve the use of application disaster recovery equipment.

While its difficult to specifically prescribe which tests are appropriate for any generic set of applications, in principal you should consider the following where applicable:

• Password cracking scan of password files on servers.
• An on-box scan for security vulnerabilities.
• An examination of client-side application for information that reveals information about how the application functions that could be used for a more focused attack.
• Examination of client-side code and locally stored information such as cookies and session information. This should include alterations to such information in an attempt to:

- subvert authentication checking – establish the bounds of server reliance on client data fields – test for other unexpected results and potentially access confidential information.

• Bounds checking and application validation for both accidental and mischievous input. The test should ensure that applications correctly respond to unexpected data formats or sizes.
• Potential for buffer overflows.
• Examination of application-to-application interaction between resources such as the web service and back-end data feeds. Attempts are made to access application resources by impersonating other system functions or sources.
• An examination of application-level traffic passing between various host systems for passwords, CGI parameters, and other data that might be reused as part of an exploitation attempt.
• Conduct authenticated user testing to see if they can abuse the system as a “customer”.
• Attempted permission escalation by, for example, referencing application components with higher server-side permissions, or exploitation of race conditions to identify lax permission or authentication checking.
• Susceptibility of the application to replay attack and man in the middle attacks.
• Other session orientated attacks, including an analysis of system responses to such data.
• Susceptibility of the application to specially crafted packets delivered independently of the front end application checking.
• Investigation of robustness and resilience of application Authentication mechanisms.
• Software-specific manufacturer-recognised exploits
• Content sharing vulnerabilities
• Presence of deployment process vulnerabilities
• Presence of activation process vulnerabilities
• Request process vulnerabilities
• File and user permission vulnerabilities
• Cluster connectivity vulnerabilities
• Excess build and configuration weaknesses
• Application of applicable security patches, fixes and updates
• Legacy application code development weaknesses
• SQL injection weaknesses
• Cross-scripting vulnerabilities
• Potential to fraud the application
• Encryption and authentication vulnerabilities
• Defacement weaknesses
• Redirections vulnerabilities
• Administration rights & controls
• Sniffer attack vulnerabilities

Some applications may have a number of identical components in the architecture, e.g. a web-enabled application may have 4 web servers in parallel for loading reasons. In these cases, the project should ensure that the vendor is testing all instances of the components. Extending the web server example further, this would mean that each web servers operating system would need to be tested to ensure that any hardening processes undertaken had been completed on each of the servers.

This does not mean that each instance of the actual application code running on each web server is subjected to all tests. In other words it should be sufficient to conduct data validation tests against only 1 of the servers

It happens more often that one would think, but there have been many cases of penetration tests launching attacks against networks that were not authorised for testing. Therefore the project must ensure the vendor knows the limits that they are working under. It is worth asking the vendor what methods they use to limit unintentional damage to your network.

Lastly, the vendor should be reminded by the project that any information collected is to be treated in confidence, and that they must take appropriate steps to ensure any data retained by them is secured and destroyed securely when no longer required.

Author: Penny Reyes
Article Source: EzineArticles.com
Provided by: Smart cooker

Related posts:

1. SAHI – Web Automation & Application Security Testing Tool Sahi is an automation tool to test web applications. Sahi...
2. Web Application Security Testing White Paper The need to provide web security and defend web applications...
3. Revealed – 5 Web Application Security Threats How secure are your Web applications and your Web application...

BackTrack 4 (codenamed “pwnsauce”) includes a new kernel, a larger and expanded toolset repository, custom tools that you can only find on BackTrack, and more importantly, fixes to most major bugs that we knew of. You can install and use it as your primary operating system, run it as a live cd, from a usb drive, or as a virtual machine.

Some of the tools included in the suite are: Metasploit, Kismet, Autoscan, Nmap, Ettercap, Wireshark, etc. These tools can be used for network, system and wireless reconnaissance, enumeration and penetration.

I use the backtrack suite in teaching my ethical hacking class. It is a great tool for anyone interested in learning to perform security assessments.

Other suites with similar functionality can be found in a previous post.

Related posts:

1. How many security tools can you fit on your key chain? When I first started running Ubuntu as my laptop OS...
2. Metasploit 3.4.0 Hacking Framework Released – Over 100 New Exploits Added Metasploit provides useful information and tools for penetration testers, security...
3. Live Hacking CD based on Ubuntu?? Get out!! Dr. Ali Jahangiri, the well known security expert and author...

There are some steps you can take to protect yourself however:

The best safeguard is to avoid accessing sensitive websites on public networks i.e. your bank account, email. etc

If you must access such websites, before entering you user name and password, ensure that your connection is encrypted and connected to the real web server. You can do so by verifying that the url begins with an https. HTTPS refers to HTTP over SSL encryption. This means that all communications between your web browser and the web server you are connecting to is encrypted. Anyone sniffing your network traffic will be unable to see what is actually being sent.

You can also verify the legitimacy of the web server where the web pages are hosted. If the connection is over HTTPS, there should be a golden lock on your browser screen. Firefox displays it on the lower right and Internet Explorer displays in it the URL bar. Double clicking on the lock will display the digital certificate which verifies that the web server belongs to the organization whose web site you are trying to connect to.  This digital certificate should be issued by a reputable company like Verisign or Thawte.

Lastly, you can use a remote access VPN. A VPN encrypts and protects all your network traffic. VPNs are often used by users to connect to their company’s internal networks. If you do not have ready access to a personal or company VPN. There are several online services that offer free VPN solutions. Three of such services are:

CyberGhost is a  free VPN service from Germany which route your through a German IP. The free service is limited to 10Gb of traffic every month. There is also a paid service that is affordable.

UltraVPN is a  free downloadable VPN client from France with no traffic quota.

AlonWeb is a third option. It uses the OpenVPN tunneling server to encrypt your traffic and users are limited to 1GB of traffic a month. AlonWeb is also ad supported so it injects advertisements into the web pages users are browsing.

These VPN services, in addition to verifying your encrypted communication with a legitimate web server, provide an increased level of security to protect your network traffic from prying eyes.

Related posts:

1. Free Blocking Tool to Stop Drive-By Malware Downloads The threat of drive-by downloads is very significant as users...
2. Revealed – 5 Web Application Security Threats How secure are your Web applications and your Web application...
3. Effectively Scoping Application Security Penetration Testing and Ethical Hacking When seeking to test if your web based application or...

This week, I am in a Cisco Security Faculty Development boot camp where college professors are trained on the Cisco CCNA curriculum and given tools with which to better present that information in their courses. We are using Cisco Packet Tracer version 5.2.1 which is a network simulation software that allows students to experiment with network configuration and behavior. As I’ve never used Packet Tracer before, I am very impressed with this tool. The ability to simulate local and wide area networks will be a great tool top better acquaint my students with networking and security equipment (atleast Cisco’s incarnation of them). I try to keep my classes as vendor independent as possible but as the underlying principles are essential the same, if you can configure one, you can figure out the other vendors.

VMware is also a great tool for training tool. It allows you to install/run different operating systems in software. Using VMware player or the free version of VMware server, I have my students practice with various linux operating systems or virtual appliances. See http://www.vmware.com/appliances/ for devices that have been ported to run as a virtual appliance.

Related posts:

1. SAHI – Web Automation & Application Security Testing Tool Sahi is an automation tool to test web applications. Sahi...
2. Skipfish-Web Scanning Security Tool from Google Google has released an open-source Web security scanner called Skipfish...
3. Lynis – Security and System Auditing Tool Lynis is an auditing tool for Unix (specialists). It scans...

I was quite pleased when I came across Katana, which is a multi-boot suite that combines multiple security distributions ( and you can add more ) to one bootable USB. By default, it comes with the following:

- Backtrack 4
- the Ultimate Boot CD
- Organizational Systems Wireless Auditor (OSWA) Assistiant
- the Ultimate Boot CD for Windows
- Got Root? Slax
- Ophcrack Live
- Damn Small Linux
- Damn Vulnerable Linux

It also includes “over 100 portable Windows applications”. Katana v1.0 can be downloaded from the developer’s site here.

Related posts:

1. Aaaah The Infamous Blue Screen of Death On Tuesday, Microsoft issued a patch, MS10-015,  to fix a...
2. Recent Microsoft Update BSOD may be caused by Rootkit Last week, I posted here about the recent pandemic of...
3. 100+ Open Source Security Tools Security testing  or assessment is a process to determine that...

Related posts:

1. CISSP All In One Book FIFTH EDITION has been released The fifth edition of this best-selling comprehensive CISSP training resources...
2. 2010 CyberSecurity Watch Survey Cybercrime threats posed to targeted organizations are increasing faster than...
3. United States Department of Defense Embraces Hacker Certification Mar 01, 2010 – The U.S. Department of Defense (DoD)...

Related posts:

1. More on Forensics… Follow what the NOVA Information Assurance Strike Team is up...
2. Black Hat DC -2010 is here! Black Hat, one of the biggest and most popular security...
3. A Guide to Computer Security As the number of people connecting to the Internet continues...

Related posts:

1. Backtrack 4 Final Released!! Backtrack is a linux-based penetration testing suite of tools  used...
2. Metasploit 3.4.0 Hacking Framework Released – Over 100 New Exploits Added Metasploit provides useful information and tools for penetration testers, security...
3. SAHI – Web Automation & Application Security Testing Tool Sahi is an automation tool to test web applications. Sahi...