CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

It’s pretty cool when your baby really ISN’T ugly…

You’ve all been there before. You’re having dinner with friends and out come the baby pictures. Inevitably, you are listening to a set of parents who are gushing about the fact that their child is the next Fabio or Christie Brinkley and THEN you see the picture…

Well, I find myself in the position today of being the doting parent. Only in this case, the “child” is a major overhaul of our flagship product, BOUNCER V6.0. With this new release the “child” has grown into an adult. You’ll have to pardon my metaphor here, but I believe building a product is, in many ways, like watching your kid grow up. With V6, we’re realizing the vision we developed for the product when I joined CoreTrace more than 3 years ago.

Protect your endpoint systems from Stuxnet with CoreTrace BOUNCER

I just posted a video walking through the Stuxnet exploit, how it can impact endpoints simply by viewing the site, and how a strong application whitelisting solution like BOUNCER stops this.

This attack is a good illustration of a vulnerability that affects all versions of Windows and was specifically targeting SCADA environments. More specifically, it affects any systems that use shortcuts.

While antivirus companies scramble for a fix to the latest threat of the day, it seems to make more sense to look for security solutions that defend against these sorts of attacks proactively.


Application whitelisting: A perfect way to extend the life of Windows 2000 systems

On July 13, 2010, Microsoft ended its support of Windows 2000-based systems. This week, Gartner Analyst Neil MacDonald detailed the options available to organizations that may still be using Windows 2000:

  • Migrate to a newer and supported operating system
  • Pay Microsoft for a Custom Support Agreement (CSA), running $50,000 per quarter
  • Pay Microsoft for Custom Support Essentials (CSE), to receive critical security fixes
  • Continue using Windows 2000-based systems without new patches

For many organizations, the first three options are time-intensive and extremely expensive, yet they are concerned about running legacy systems without ongoing security patching. If your organization feels the need to continue to run Windows 2000, application whitelisting, such as our CoreTrace BOUNCER solution, may be exactly what your company needs.

Siemens’ recommended virus scans part of the problem

Each week seems to present a newly discovered strain of malicious code targeting a high-profile corporation or system vulnerability. This week it is a malware program targeting Siemens WinCC SCADA systems, which hides on USB storage devices and uses a Microsoft security breach before activating a Trojan. While Siemens is taking necessary precautions to inform customers about the potential risks of the virus, its recommendation to use traditional virus scan programs from companies like Trend Micro, McAfee, and Symantec makes me wonder whether this is really an effective solution at all.

First, Siemens says these security solutions can detect the Trojan, so why wasn’t it stopped by customers using such antivirus software in the first place? Since there has not been an example of malware targeting control systems to this point, in all likelihood, even if the antivirus was fully updated, the Trojan would have got there anyway.

Second, if their customers weren’t using such security solutions, then why in the world not?

Most recent comment:   Eric D Knapp

Great blog - I especially agree with "This begs the question that once targeted malware has been detected and removed, ...

‘Perfect Citizen’ a surveillance program, not a solution for protecting critical infrastructure

There’s been much debate about the National Security Agency’s program, “Perfect Citizen,” which is designed to protect the country’s most widely used and critical infrastructure such as electric grids and nuclear-power plants from emerging cyber attacks. While one camp says monitoring systems is an intrusion into domestic affairs, another sees it as an important step for combatting impending security threats that could cause significant damage to our government, citizens, and national economy. In either case, it is not an actual, proactive solution to securing our critical infrastructure.