When it comes to virtualization security, there are many things that people don’t even know are problems, or don’t even know they need to address. In our recent webinar, “10 Things You Don’t Know about Virtualization Security”, IANS faculty member and Voodoo Security founder, Dave Shackleford, and CoreTrace’s CTO and founder, Dan Teal, provided their unique perspectives on things that often get left out of the picture when securing a virtual environment, and examples of how the scale of virtualization can blindside an organization before they even know what hit them.
Some of the issues they explored include:
1. You have more virtual systems than you know: Virtual sprawl comes from the ability to rapidly provision systems. However, that same ability can also increase vulnerabilities, such as unknown systems that aren’t properly patched or kept up with from a configuration or security standpoint. Understanding everything in your environment is a major problem in the virtual world. It’s really all about inventory, keeping up with systems, and making sure you’ve got change management in place.
Computer hackers by and large focus on the weakest link of an organization’s security system. Whether it’s an unprotected server, a newly discovered system vulnerability, or an unsuspecting employee’s computer that is connected to the corporate network, cyber criminals are experts at sniffing out the weakest link.
On the surface, this week’s breach of 90,000 military e-mails and password hashes may look the same. After all, the hackers claiming responsibility for the break-in did so through an unsecured server in a network that basically had no security measures in place. What’s different about this attack, however, is the exploited server was not the military’s. The server belonged to government contractor, Booz Allen Hamilton. In other words, this criminal strategy went beyond the walls of an organization’s own network defenses.
In the case of the Epsilon security breach, where millions of customer email addresses were compromised, hackers targeted a single entity to steal private data on many of the marketing giant’s big-name customers like Chase, Citi and Target. The Booz Allen hack reverses that scenario. Instead of going after one to get to many, cyber criminals targeted multiple entities to get to one.
As hackers get better at breaking into networks and compromising data, IT security experts continue to debate the best ways to defend their systems against highly targeted malware attacks. In the PCWorld article, “How to Stop Hack Attacks In One Easy Step: Whitelisting,” InfoSec pro Tony Bradley highlights some of the key differences between application whitelisting and traditional blacklist-based defenses. Let’s review those differences, but then I want to make the case for Total Application Control (TAC), a blending of the best of both approaches.
When it comes to protecting network endpoints against more cunning and deceitful modern malware attacks, deploying proven security tools to prevent malicious code from exploiting your system is job #1. Unfortunately, the cat-and-mouse game between IT security professionals and hackers is not easily won, if ever won at all. The key, of course, is to stay one step ahead of your adversary at all times.
That said, what continues to baffle me is the ongoing practice of re-applying beatable security technologies to evolving malware, and expecting a different outcome.
No one will argue that deploying security updates is important, but a recent exploit showed the difference between having a patch available and actually implementing it (again). Today’s reality is that hackers are far quicker to exploit known vulnerabilities than users are to patch them.
In the article, “Hackers move fast to exploit just-patched IE bug,” Symantec reported that after Microsoft issued a patch for 11 bugs in Internet Explorer last week, active attacks were spotted on one of the “patched” vulnerabilities just three days later. Although the vulnerability has seen limited attacks at this point, it is another in a long line of examples that demonstrate why enterprises need multiple layers of protection–most of which truly need to be completely out of the hands of users.