Archive for May, 2015

Anatomy of a basic attack…

May 31, 2015 Leave a comment

I was hoping to find a way that the average reader would understand about the process that ensues when a target is identified and eventually pwned. ‘Pwned’ is a term whose etymology is attributed to a typo because the keys ‘o’ and ‘p’ are so close to each other on a qwerty style keyboard. Its history dating back to the early 21rst century when first person shooters were popular video games. It is meant to indicate the ability to conquer and gain ownership.

Today ownership isn’t just in the video game area – it is being waged in the computer world to control information, bandwidth and overall control of a computer and it’s network. If you loose control of your electronic devices you may or may not ever know it. Individuals, competitors or even nation states have been doing this for many years and everyone is a potential victim.

If you buy electronics and want to be hooked up to the internet you may want to read about the methods that can be used to gain access to your computers. Whether it is for fun, to prove a point or as a launching point to another site anyone can suffer from an orchestrated attack.

I recently reviewed a website who managed to sum up the essence of an attack.  You can read more about the process from his link (here) but please pay heed – this could happen to you if you don’t take steps to prevent it from happening. Contact us for a consultation and to learn more.

Categories: General

Do you know your rights when it comes to your security?

May 28, 2015 Leave a comment

We recently began a debate here in Canada over our rights when a fellow countryman returned back over the border and found that he was arrested as a result of denying a request to give up his mobile passphrase.

We hear a lot of grumblings from our neighbours to the south and most of us assume that we have similar rights while this is not the case. The Electronic Frontier Foundation is basically a collection of lawyers in the US who have fought tirelessly to maintain certain rights and freedoms and their work is needed now more than ever before.

Recently the US law makers came under pressure to renew portions of the Patriot Act after the Supreme court overturned the Nation Security Agency’s ability to unilaterally tap every call in and out of the country. Under the guise that if it doesn’t get renewed this could result in ‘failing to keep the American people safe and secure’. I mean we are talking about stopping the government from keeping a complete record of every call in and out of the country – is that really such a bad thing? The phone companies have had this for years – just get a court order and ask them.

Back in Canada we have the Canadian Security Intelligence Service (CSIS) along with the Canadian Border Service Agency (CBSA) and the Supreme court of Canada all rewriting section 8 of our Charter of Rights and Freedoms. In what is clearly a divided decision by everyone, the court has ruled in favour of law enforcement ability to obtain access to your electronic devices without a warrant.

For more information regarding your Canadian rights or any other portion of this story see our links below.

Categories: General

mSpy debacle keeps on giving…

May 28, 2015 Leave a comment

In keeping with the NSA theme this year, Brian Krebs broke a story about a company that sells tracking software but, get this, they were hacked and now all of your tracking info is available for anyone to see! The software was designed to capture and upload key data points from home computers and mobile devices and the data is now available for some creative people to pilfer.

I think the worst part is that now the company has being outed, they started to claim that there was no breach and now they try to minimize the scale of the event. This event and others like it, should serve as a reminder to any individuals or businesses that ‘O, what a tangled web we weave when first we practise to deceive’.

Categories: General

SQLi – still number 2 on the hackers list…

May 25, 2015 Leave a comment

I came across reference to a cartoon that I thought was some of the funniest I have seen regarding technology these days and I thought I would share it for everyone here in case you haven’t seen it. Has hacking become so mainstream these days that we are making jokes about it – seems so…enjoy!

Categories: General

Using Putty for remote ssh – maybe you should check it…

May 21, 2015 Leave a comment

Symantec has reported that there is a rogue version of putty.exe (a remote connection tool used by many techs to connect over ssh, serial ports, etc.) This version is designed to send a specific User Agent when connecting ‘home’ so you could use something like snort to make sure no people are using the rogue version. See more about this report from Symantec – here (

(Ed. This has been maintstream in ‘free’ versions of mobile software and it works so well attackers are resorting to computer users although I would have thought targeting techs may not have been such a good idea but without the proper monitoring and management equipment, this type of activity will go unnoticed by a lot of sysadmins)

Categories: General

Another large scale breach…

May 21, 2015 Leave a comment

I hope nobody actually has any personally identifiable information with this company. Forget about your daughters, you should lock up your credit cards and pay cash for everything!

Carefirst Blue Cross Breach Hits 1.1M

Categories: General

Computer Breach and what you can do about it

May 18, 2015 Leave a comment

Security Breach can happen to you

Experts agree that 2015 will be a tipping point for most small to medium sized businesses when it comes to computer security. The average organization cost of data breach is now over 6 million dollars. For most of my clients their loss won’t be anywhere near those numbers but to understand the cost to you or your organization that is over $200 per record. Maybe it’s a list of your clients or your employee wages or perhaps it’s usernames and passwords for your organization. Do the math – these can add up to large scale loss for everyone.

Among the top 5 threats for computer networks today are;

  1. IoT – The Internet of things brings along convenience but those IP enabled devices are not without risk. As you purchase Wi-Fi enabled security systems, TVs, media devices, Network Area Storage, etc. we are seeing an increase in vulnerabilities that expose your network and help to increase your attack surface. They need to be monitored and maintained because they are not as secure as a computer or a server.
  2. DDoS – The abilty to overwhelm your network with traffic is quite common and can easily be done by most consumers with a home network connection. If you require the Internet to do business you should evaluate whether you can operate without it. If not then you should consider protecting yourself against the real possibility that it could happen to you.
  3. Social Media Attacks – If your business uses any cloud based or social media application you should review your authentication and user management policies to avoid a potential breach of your accounts. Hackers are now targeting online applications in order to infect your users and gain access to your networks through the use of Cross Site scripting vulnerabilities. All it takes to be infected is for an email to be clicked on and you can no longer rely that your AntiVirus will prevent any Trojans from getting through.
  4. Mobile Malware – The volume of mobile devices beginning to enter your workplace and the ability to use your internet connection add a very large possibility that malware on a mobile device can get access to your corporate network. If you already allow users to have access to your network with any computerized devices you are probably at risk. You should consider controlling the access or monitor all of the devices by using a Mobile Device Management platform or you risk a possible breach to continue without your knowledge.
  5. Third party Attacks – Many companies allow third party applications to connect with their own network assets but how safe are they? Large scale breaches have been shown to be caused by third party vulnerabilities and these occupy a ‘grey area’ when it comes to management (who is responsible to keep all applications up to date on those systems?). Many user agreements do not cover damages that can be caused by a lack of security practices and once the vulnerabilities have been exploited, hackers use those systems to pivot onto your networks and wreak havoc on your networks.

There are several methods you can implement that can help mitigate the risks.

  1. Implement Monitoring – It is no longer safe practice to just implement a firewall you need to monitor all traffic coming into and out of your network. Hundreds of breaches in any network design have been traced to a failure to see IOC (Indicators of compromise). Not only do you need to record reams of data but you need to review them in order to determine what is normal behavior and what indicates a potential breach. There are devices available that can help you do that and although they can be complicated to implement, once properly deployed they can help you become aware of details that help you find attacks before they become too big.
  2. End User security awareness – If you don’t already have a program in place you should consider a large scale awareness campaign surrounding security at your organization. It can be as simple as a regular talk over lunch or it  can involve testing to be sure that your employees have taken the necessary steps and understand your policies. You need to train your users about the do’s and don’ts of all aspects of your security. Physical security, passwords, email questions, sharing account credentials, staffing questions, etc. You need to protect all aspects of information leakage whereas hackers only need one of them.
  3. Inventory all equipment – If you do not have an active list of your equipment, anything that is or was connected to your network, then take the time to make one and keep it up to date. Many organizations are leaking information that can be critical to your operations. Network devices that no longer are connected should be properly disposed of and /or their configurations need to be wiped. Improperly configured devices and anything with wireless access remain the largest risk to any organization – all of these devices need to be audited on an regular basis to manage the risk.
  4. Review your Protection – Make sure that you update ALL software (this includes Operating systems and any third party applications) that are actively used on all networked computers. Update any firmware on devices that connect to your networks. Implement and maintain Antivirus software on any computer that is actively used to open emails or browse the Internet.

There are many different ways you can help protect yourself from attack but I wanted to point out the clear methods to avoid them. If you are aware of all of the different methods that can be used to gain access to your company or it’s information then you can help manage them. A failure to see them coming is a sure fire way to enable the attack over an over again.

Categories: Work related Tags: