Daily Archives: November 7, 2019

#cybersecurity | #hackerspace | Active Directory Fix-It Guide – Security Boulevard

Source: National Cyber Security – Produced By Gregory Evans

IT admins have long been the unofficial repair technicians of the enterprise. However, instead of hammers and wrenches, the tool kit of the IT admin contains servers, cables, and software tools. Unfortunately, one of the most popular IT admin tools, Microsoft® Active Directory® (AD), isn’t working as well as it used to for many organizations. Here is the Active Directory Fix-It Guide.

Active Directory in Disrepair

Although it was the most powerful identity management tool of its day, AD hasn’t been able to keep up with all of the changes in the IT landscape. Mac® and Linux® systems, web applications, and other cloud-based services are all gaining in popularity. AD was not built with these systems in mind, so trying to manage them through it can prove troublesome.

Platform Breakout

AD was released when Microsoft had a monopoly over the enterprise computer market in the 1990s and 2000s. As such, the directory service was built for a homogeneous, Microsoft-centric environment and did not generally account for any third-party platforms, applications, or systems.

However, Apple’s macOS® has come into play as one of the top-competing operating systems in recent years, and with more companies putting bring your own device (BYOD) policies into place, there is a greater diversity of platforms in the workplace now than ever before. Linux has seen increased use as well due to its high stability, security, and ease of use. In fact, 23 of the top 25 websites (including Google, YouTube, and Facebook) are running Linux OS for those reasons.  

For enterprises that want to manage this mixed-platform environment, AD can be tricky to work with. Add-ons can make integrating non-Windows systems slightly easier, but most of these third-party solutions come with their own problems and risks — not to mention costs. 

Cloud-based Apps 

Where once nearly all enterprise software was built to be installed on a Windows machine, now cloud-based apps rule supreme. AD syncs with cloud applications like G Suite™ and Office 365, but only if it’s coupled with other tools to extend to the cloud.

For instance, (Read more…)


The post #cybersecurity | #hackerspace | Active Directory Fix-It Guide – Security Boulevard appeared first on National Cyber Security.





#infosec | Amazon Doorbell Camera Lets Hackers Access Household Network


A vulnerability detected in Amazon doorbell cameras made it possible for hackers to gain access to the owner’s household computer network.

The weakness in the Ring Video Doorbell Pro IoT device was discovered by researchers at Bitdefender in June of this year. Researchers found that the credentials of the local wireless network were being sent through an unsecured channel using plain HTTP during the doorbell’s setup process. 

By exploiting the flaw, an attacker physically near the device could get hold of the doorbell owner’s Wi-Fi password and use it to interact with all the devices in the owner’s household network. 

With the ability to communicate with devices such as security cameras and NAS storage devices, an attacker could access and steal private photos, videos, emails, and documents. It would also make it possible for an attacker to mount man-in-the-middle attacks. 

According to Bitdefender chief security researcher Alexandru “Jay” Balan, the vulnerability could even have allowed a particularly determined hacker to gain physical access to a property. 

Balan told Infosecurity Magazine: “With access to a user’s Wi-Fi password and, implicitly, access to the user’s home network, there’s a lot that can be done since devices are less secure on the inside.

“It’s possible that someone could hack a local system that can output sounds (like a computer or a sound system) and make it say ‘Alexa, open the front door’; however, this is admittedly a stretch.” 

The video doorbell is an immensely popular home security device, with almost 17,000 reviews and more than 1,000 answered questions on the Amazon.com website.

Bitdefender disclosed the vulnerability to Amazon on June 24. Amazon began implementing a fix on September 5, and as of now, all Ring Doorbell Pro cameras have received a security update that fixes the issue.  

This isn’t the first time Bitdefender has found flaws in a security device. 

“We uncovered vulnerabilities in Guardzilla indoor security cameras last year that showed significantly bigger issues,” said Balan. 

“There’s no escaping someone finding security flaws in your products, no matter who you are.”

Worryingly, more than half of vendors alerted to vulnerabilities in their products take no action to resolve them. 

“We actually appreciate Ring’s response. They deployed the patch quickly,” said Balan.

“In more than 60% of the notifications we have sent to vendors we have received no response whatsoever.”





Gartner Says the Future of Network Security Lies with SASE


Cloud services and networking are driving the concept of digital businesses, yet traditional networking and cybersecurity architectures are far from meeting the demands of the digital business.

Gartner’s “The Future of Network Security Is in the Cloud” report spells out the potential for the transformation of networking and security in the cloud, built upon a new networking and security model. That model is called Secure Access Service Edge (SASE), a term coined by Gartner’s leading security analysts Neil MacDonald, Lawrence Orans, and Joe Skorupa.

Gartner claims that SASE has the potential to invert the established networking and security service stack from one based in the data center into a design that shifts the focal point of identity to the user and the endpoint device.

SASE addresses the numerous problems that have been discovered with traditional cybersecurity methods used in the cloud. Many of those problems have roots with the ideology that network security architectures must be placed at the center of connectivity in the data center.

Those legacy applications of network security cannot efficiently support newer networking ideologies and use cases, such as the shift to dynamic services, software as a service (SaaS) applications, and the growing trend of enterprises needing to work with distributed data.

Traditional network and network security architectures were designed for an era where the enterprise data center was the physical center of access requirements for users and devices. That model worked relatively well until the push for digital transformation drove new requirements.

With enterprises embracing digital business processes, along with edge computing, cloud services, and hybrid networks, it became evident that traditional networking and security architectures were beginning to fail on multiple fronts.

The overall complexity of traditional architecture introduced problems such as latency, networking blind spots, excessive management overhead, and the need for constant reconfiguration as services changed. The SASE model eliminates those problems by reducing networking complexity and shifting the security process to where it can do the most good, the network edge.

Gartner has doubled down on the importance of SASE as an emerging, disruptive technology, as evidenced by its “Hype Cycle for Enterprise Networking, 2019” report, which presents SASE as so strategic that the technology earned the label “transformational.” The report also establishes sample vendors and the critical elements of SASE.

What Exactly is SASE?

As defined by Gartner, the SASE category consists of four main characteristics:

  • Identity-driven: User and resource identity, not simply an IP address, determine the networking experience and level of access rights. Quality of service, route selection, applying risk-driven security controls — all are driven by the identity associated with every network connection. This approach reduces operational overhead by letting companies develop one set of networking and security policies for users regardless of device or location.
  • Cloud-native architecture: The SASE architecture leverages key cloud capabilities, including elasticity, adaptability, self-healing, and self-maintenance, to provide a platform that amortizes costs across customers for maximum efficiencies, easily adapts to emerging business requirements and is available anywhere.
  • Supports all edges: SASE creates one network for all company resources—data centers, branch offices, cloud resources, and mobile users. For example, SD-WAN appliances support physical edges while mobile clients and clientless browser access connect users on the go.
  • Globally distributed: To ensure the full networking and security capabilities are available everywhere and deliver the best possible experience to all edges, the SASE cloud must be globally distributed. As such, Gartner noted, they must expand their footprint to deliver a low-latency service to enterprise edges.

Ultimately, the goal of a SASE architecture is to make secure cloud enablement easier to accomplish. SASE provides a design philosophy that eliminates the traditional methods of stitching together SD-WAN devices, firewalls, IPS appliances, and numerous other networking and security solutions. Instead, SASE replaces that mish-mash of difficult-to-manage technology with a secure, global SD-WAN service.

Available SASE Services

Gartner acknowledges that the SASE market is in flux, with no one vendor offering the entire SASE portfolio of capabilities. Some vendors, such as Zscaler, offer firewall as a service but lack the SD-WAN capabilities (and other security capabilities) required by SASE. Other vendors offer security as an appliance but not in a cloud-native, global network.

About the closest to a functioning SASE service that I’ve seen is from Cato Networks. Cato Networks provides a global private backbone (50+ points of presence (PoPs) at last count). The PoPs run Cato’s own cloud-native architecture that converges networking and network security. The Cato software is a single-pass, cloud-based architecture. All network optimizations, security inspection, and policy enforcement are done with rich context before forwarding traffic onto its destination.


Cato connects various “edges,” in Cato parlance, by establishing encrypted tunnels to the nearest Cato PoP. The platform connects locations via Cato’s SD-WAN device, the Cato Socket; mobile users via Cato’s client- and clientless access; and cloud resources via Cato’s “agentless” integration. Even third-party devices can be connected by establishing an IPsec tunnel to the nearest Cato PoP.

Identity and access are unified into an easily managed paradigm. That paradigm allows enterprises to focus on security policies, instead of security and networking components, while also supporting the move to a global, distributed architecture, which securely connects all network edges.

SASE: It’s a Lot More than Security Done Right

SASE is much more than a security framework and a new model of networking that flattens the access stack into an easily managed fabric of connectivity with security at its core. That makes a SASE Cloud much leaner since all functions are converged together.

SASE processes traffic faster with less latency while incorporating more context than other networking and security methods. As a software-defined platform, SASE can quickly adapt to change, such as scale- or agility-driven reconfigurations. SASE also introduces additional network protections, such as the concepts of business continuity, load distribution, and improved uptime.

You can learn more about SASE by joining a Gartner-featured webinar hosted by Cato Networks. In this webinar, Gartner analyst Neil MacDonald, one of the creators of the SASE category, will cover:

  • What is SASE and why is it emerging today
  • What does SASE mean for networking and network security products
  • What are the building blocks of a true SASE architecture
  • The use cases and capabilities that are part of SASE


#hacking | Simple Yet Effective, Raccoon Malware Making Inroads among Cyber Criminals


That’s quite a track record for a piece of malware dismissed by some for having a relatively limited feature set. Despite the reputation issues, Raccoon is a reliable niche weapon that offers a way for nontechnical attackers to get up and running quickly. That’s a big change from the recent past when the biggest risks came from perpetrators who were often more technically advanced than

What’s more, anecdotal testimonials given by traffickers in the underground community suggest that Raccoon’s development team provides reliable customer service. Researchers describe the operation as being responsive with quick replies to questions and comments on underground forums.

It’s still unclear who or what group is behind Raccoon. But there are possible clues about its origins. Once installed, Raccoon connects to a command-and-control server that steals information from the victim machine – but not if it detects language settings on the device set to some eastern European languages. If Raccoon finds a match, the malware will abort.

Raccoon doesn’t include a keylogger – for now, though that may soon change. Raccoon’s development team has responded to forum requests with hints they may include a keylogging feature in the near future.
