Archive for the ‘Security Best Practices’ Category


Combatting Scareware

November 20, 2009

TrustCC helps banks and credit unions navigate many kinds of IT threats. One of the most interesting threat vectors in recent years is “Scareware,” a pop-up window that displays a warning stating a victim machine is infected with some sort of virus or spyware, even though it is not.

Such programs are extremely widespread and are increasingly used by cybercriminals.


You’d Think a Security Product Would Make You More Secure!

October 29, 2009

This week we hacked a bank using an exploit that takes advantage of a vulnerability in Symantec’s Enterprise Anti-Virus Product (nerds say SYM09-007).   And when we say hacked we are not talking about getting access to someone’s iTunes library.  We were able to gain full domain admin privileges (equivalent to “god-like-privileges” in the Windows world).  And with these privileges we were able to access any system in the domain and steal/change/delete all data.  This week’s breach demonstrates that keeping Windows up-to-date is only a part of the solution.

You see, the bank we hacked this week was fully patched with regard to Windows.


Did I mention Banner Ads can deliver a malicious payload?

October 28, 2009

At both last week’s Washington Banker’s Association (WBA) Technology Conference and this week’s WBA Compliance Conference I presented on the emerging threat of nefarious banner ads.  To reinforce the topic I thought I’d insert a little news clip from this week’s information security headlines:


Banner ads can be nasty!

The solution…


Swine Flu Part 2… Are You Prepared?

August 19, 2009

With the second phase of the Novel A (H1N1) influenza virus (commonly known as Swine Flu) coming over the horizon, we thought it would be a good time to give a few tips and pointers for your Business Continuity pandemic event planning process. We know that some of the ideas listed may be a little far-fetched for your organization, so rather than using these items as a to-do checklist, think of them as discussion topics for your next BCP planning/testing session.


Network Enclaves – Enhanced Internal Network Segmentation

August 13, 2009

As a Community Financial Institution grows, so does its network environment. And with a larger networking environment comes a greater number of risks associated with protecting sensitive organization and customer/member information. Many IT Managers focus on protecting their internal networks from the outside. If you followed one of our Network Security Consultants for a week you would see that many of those efforts are not in vain. However, it is proven that a large percentage of attacks originate from the inside. In a larger organization where resources allow for greater segmentation, we recommend the use of a Network Enclave (sometimes referred to as a Security Enclave).


Not All Security Assessment Vendors Are Equal

August 10, 2009

When it comes to security assessments, each vendor has their own methodology for performing an analysis. Unlike TrustCC, many vendors rely solely on commercial applications or appliances that perform automated scans of systems using pre-built templates. Most of these applications require domain administrator privileges within the subject environment. In many cases, the results of those automated scans are given to the client as a security assessment report, and in some cases the reports are not reviewed or validated, leaving the client with a false sense of security or insecurity.


Be attentive to Non-Microsoft Vulnerabilities

July 27, 2009

Most TrustCC clients have active and effective patch management programs. We have certainly encouraged everyone, both through our audits and our blog posts, to patch actively on as aggressive a schedule as you can manage. Today’s news, however, points us to a flaw that we commonly find in our clients’ patch management programs. Many clients are singularly focused on Microsoft patches and fail to stay on top of other third-party products.

Third-party products are equally critical. Case in point: a security research firm studying cyberattacks in the first 6 months of 2009 recently reported that 43% of the 1500 attacks identified by the firm (F-Secure) were attributed to Adobe Reader.


Sanitize Your Flash Drive

May 22, 2009

Ever thought about what really happens to your files after you empty your recycle bin? Are they really deleted forever? What about a flash drive that once held sensitive customer/member information? Would you believe us if we said that any data stored on that flash drive could potentially be recovered?


Hardening Procedures

April 8, 2009

As an IT audit and penetration testing firm, one of the key areas we see as deficient in most organizations is system hardening, specifically pre-deployment hardening procedures. These procedures provide guidelines for securing computer systems prior to installation for official business use. It is sometimes difficult to determine why organizations may not have hardening procedures.


Playing it safe on the World Wireless Web

March 6, 2009

At nearly every presentation we give, there are always at least one or two people who ask us about wireless security. So we thought we’d write about it.

Wireless is a GREAT convenience, and with a few basic steps you can ensure that it is reasonably secure from hackers and/or bandwidth thieves. I’d like to address two different aspects of wireless communications in this post: business and home. Both have their unique requirements and should be configured differently – unless, of course, your home is also your business.