Wednesday, September 27, 2017

How 'the invisible network' poses a major security threat

If a hacker managed to switch off a life-support machine, the results could be fatal
Imagine a hacker remotely turning off a life support machine in a hospital, or shutting down a power station. These are the nightmare scenarios we face because many organizations haven't a clue how many unsecured devices are connected to their networks, cyber-security experts warn.
It was an ordinary day at a busy hospital - doctors, nurses and surgeons rushed about attending to the health of their patients.
For Hussein Syed, chief information security officer for the largest health provider in New Jersey, it was the health of his IT network that was keeping him busy.

Sunday, September 24, 2017

Web Server Penetration Testing Checklist


Web server pen testing is performed under 3 major categories: identify, analyse, and report vulnerabilities such as authentication weaknesses, configuration errors, and protocol-related vulnerabilities.

1. "Conduct a series of methodical and repeatable tests" is the best way to test the web server, along with working through all of the different application vulnerabilities.

Active Directory - DNS and DHCP Security Checklists - Basic

 

Active Directory 

• Review the domain controller disk space reports.
• Backups of AD: the backup includes capturing system state, information related to the AD database, logs, registry, boot files, SYSVOL and other system files.
• Evidence that AD replication is working correctly.
• Snapshot of event logs for persistent errors.
• Is defragmentation done to increase performance, as large directories running for a long time can get large and fragmented?
• Proof of integrity of AD DS database files with respect to AD semantics using NTDSUTIL.
• Where password files are kept and who is responsible.
• Does any formal method exist for adding new users?
• Does any formal method exist for notifying the Administrator of staff changes, with access levels being amended without delay (particularly if staff are required to leave the organisation)?
• Does any formal mechanism exist for changing users / access rights to the files?
• What is the user account/ID lockout due to invalid password attempts?
• Are the IT Administrator users also complying with these policies, and are there any generic IDs created in Active Directory?

Singapore leads the world in cyber attacks

More cyber attacks are launched from Singapore than anywhere else in the world, according to a report from Israeli data security firm Check Point Software Technologies.

The small Southeast Asian country has overtaken Russia, China and the US as the top attacking nation.

Eying Wee, Check Point's Asia-Pacific spokeswoman, told Bloomberg that it was not unusual for Singapore to be featured among the top attacking countries as much of the internet traffic flowing through Singapore doesn't actually originate there.

46,000 new phishing sites are created every day

An average of 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data collected by Webroot shows today’s phishing attacks are highly targeted, sophisticated, hard to detect, and difficult for users to avoid. The latest phishing sites employ realistic web pages that are hard to find using web crawlers, and they trick victims into providing personal and business information.

Finally, Kaspersky Security Software Banned from Use in All US Government Agencies

Finally, the US Government has decided to ban all Kaspersky security software products used by United States federal agencies, following a lot of controversy over spying activity involving Kaspersky products.

Kaspersky is a leading cybersecurity firm based in Moscow, Russia, that provides many security products such as anti-virus, internet security, endpoint security and cloud security, and claims to have 400 million users worldwide.

The Department of Homeland Security (DHS) released an immediate order to Federal Executive Branch departments and agencies to take actions related to the use or presence of information security products, solutions, and services supplied directly or indirectly by AO Kaspersky Lab or related entities.