Feb 11 2021
Cost Effective Cyber Security
DISC InfoSec provides cost effective Cybersecurity: CISO as a Service (CISOaaS)
A Chief Information Security Officer (CISO) is an executive responsible for cybersecurity. Many medium-sized organizations need a CISO but don’t have the budget for one. A Fractional CISO/ vCISO can deliver the value of a full-time CISO without the same level of investment.
Why do you may need one?
- Lower your organizational cybersecurity risk with industry expert leadership.
- Supplement your team with InfoSec program, policy and process experts to solve your most pressing needs.
- Prioritize your cybersecurity investments with quantitative decision making.
- vCISO for your Interim CISO needs.
- vCISO program can put you on a path to success with your compliance initiatives, such as a NIST CSF compliance or ISO 27001 certification.
DISC InfoSec also performs technical control assessment such as (Web Application testing) which is imperative to your compliance and ISO 27001 certification process.
In short, as a CISOaaS we do all the legwork so you can focus on running your business.
Our vCISO advisory services are available to support the security/ technology leadership of your organization to implement and improve security and risk posture in today’s heightened security averse landscape.
If you are interested to know more about how can we assist you in your latest InfoSec and compliance project, schedule a short call on our calendar.
Latest DISC InfoSec blog feed
Chief Information Security Officer
Contact DISC InfoSec for any question
Feb 11 2021
Is your business ready for the new world?
There is light at the end of the tunnel with Covid-19 and businesses will need to be ready for whatever it may bring. Perhaps not a business as usual or will it be a case of your customers may want to reduce their vendors and their services. In 2021 customers may want to do business with a vendor who secures their information and have a better chance of surviving disaster.
Embracing an ISO standard (ISO 27001/2) can help differentiate you from your competitors and show you as a business that can cope in this new world, using ISO standards as foundation will show the world what type of company you are, doing security stuff more efficiently, as well as effectively.
Working with DISC InfoSec who have 20 years’ experience in helping Businesses in the USA to successfully achieve ISO Certification by:
- Advice and Guidance throughout the implementation and certification process
- Risk assessment of existing Management System and Gap Analysis
- Design, build and assess a tailor-made compliant ISO Management System
- Write up all the Policies, Procedures and Flowcharts
- ISMS manual with all the relevant clauses
- Internal Auditor Instructions and training if required
- Registration and Certification with a certificating Body of your choice
At DISC InfoSec we use International Register of Certificating Auditors (QSA/BSI) qualified Lead Auditors to carry out your implementation to ensure successful Certification.
DISC InfoSec ISO 27001 Assessment
DISC InfoSec ISO 27001 Consultants
Contact DISC InfoSec for any question
ISO 27001 implementation Titles
Feb 11 2021
Top 10 events and conferences in cyber
Knowing which events to go to can be a bit of a minefield and the pandemic hasn’t helped matters. Remember when we could meet face-to-face and network? Seems like a long time ago. Despite this fact, the importance of conferences is vital for any industry and organisers are doing their upmost to ensure we are not deprived of the many opportunities these events can bring. Thankfully, most events have been made virtual and so the discussion and innovation of cybersecurity can continue. While there are hundreds of events to choose from, here is the IT Security Guru’s pick of the top 10 cybersecurity conferences that you shouldn’t miss, regardless if they are virtual or not:
RSA Conference
Virtual
May 17-20, 2021
Feb 11 2021
Digital Security and 5G Security Architecture
Normal day-to-day life was brought to a halt by the COVID-19 pandemic, which greatly impacted the lives of virtually all people worldwide in unprecedented fashion. As people have stayed home and isolated themselves to avoid contracting and spreading the virus, there has been increased reliance on virtual connectivity due to a sharp increase in remote work and people performing their daily transactions over the internet.
This situation is now leading to an accelerated adoption of 5G architecture, resulting in a 5G-based Internet of Things (IoT) ecosystem. The 5G-based IoT ecosystem is a system of connected devices that reside on the 5G network. The benefits of the 5G network include providing new technology capabilities, allowing for higher productivity compared to previous mobile technologies, transferring and delivering 1,000x higher mobile data volume per area between devices, connecting a higher number of devices with a higher user data rate, providing 10x longer battery life for low power massive machine communications, and 5x reduced End-to-End (E2E) latency.
Due to the increased digital usage and the already existing risks and threats associated with current and previous cellular network technologies, there has been a higher number of data breaches and cyberattacks, with malicious actors taking advantage of citizens and businesses during the pandemic. Some of these identified risks/threats that lead to data breaches and cyber-attacks include:
- Bidding down attacks, which weaken existing authentication mechanisms
- Malicious network connections to networks by rogue user devices
- Pretense of user devices roaming on networks
- Sensitive data vulnerability due to poor data encryption or no encryption
- Higher risk of attackers due to new remote access threats
- Authentication traffic spikes due to acts by malicious actors
Source: Digital Security and 5G Security Architecture
Feb 11 2021
Singtel hit by third-party vendor’s security breach, customer data may be leaked
Singapore telco says it has pulled back all use of Accellion’s file-sharing system FTA and is investigating the impact of a cybersecurity attack, having ascertained on February 9 that “files were taken” and customer data “may have” been compromised.
Singtel says it is investigating the impact of a cybersecurity breach that may have compromised customer data, after it ascertained on February 9 that “files were taken”. The attack had affected a file-sharing system developed two decades ago by a third-party vendor Accellion, which the Singapore telco had used internally and with external stakeholders.
Singtel revealed in a statement Thursday it was notified by Accellion that the file-sharing system, called FTA (File Transfer Appliance), had been breached by unidentified hackers. The telco said the tool was deployed as a standalone system and used to share information within the organisation and with external stakeholders.
All use of the system had been pulled back and relevant authorities, including Singapore’s Cyber Security Agency and local police, were notified. Singtel added that it currently was assessing the nature and impact of the breach, and the extent of data that might have been illegally accessed.
“Customer information may have been compromised,” the telco said. “Our priority is to work directly with customers and stakeholders whose information may have been compromised to keep them supported and help them manage any risks. We will reach out to them at the earliest opportunity once we identify which files relevant to them were illegally accessed.”
Source: Singtel hit by third-party vendor’s security breach
Feb 10 2021
US Response to SolarWinds Hack Has Been ‘Disorganized’: Senators
The U.S. government’s response to a massive hack of government and corporate networks has been “disjointed and disorganized,” according to the leaders of the Senate Intelligence Committee, who are urging the Biden administration to appoint someone to lead the effort.
In a letter made public Tuesday, Democrat Sen. Mark Warner of Virginia, who chairs the committee, and Marco Rubio of Florida, the ranking Republican, said that the federal response to what U.S. officials say was a hack by a Russian intelligence agency “has lacked the leadership and coordination warranted by a significant cyber event, and we have little confidence we are on the shortest path to recovery.”
Experts say it make take months to oust the hackers from government networks, and the senators added that the threat the breach continues to pose to the country demands a single leader “who has the authority to coordinate the response, set priorities, and direct resources to where they are needed.”
Read the full story on NBCNews.com
Subscribe to DISC InfoSec blog by Email
Feb 10 2021
Patch now to stop hackers blindly crashing your Windows computers
There were 56 newly-reported vulnerabilities fixed in this month’s patches from Microsoft, with four of them offering attackers the chance of finding remote code execution (RCE) exploits.
Remote code execution is where otherwise innocent-looking data that’s sent in from outside your network can trigger a bug and take over your computer.
Bugs that make it possible for booby-trapped chunks of data to trick your computer into executing untrusted code are much sought after by cybercriminals, because they typically allow crooks to break in and implant malware…
…without popping up any “are you sure” warnings, without needing niceties like a username and a password, and sometimes without even leaving any obvious traces in your system logs.
With all of that in mind, the statistic “56 fixes including 4 RCEs” signals more than enough risk on its own to make patching promptly a priority.
Feb 09 2021
Beware of technical “experts” bombarding you with bug reports
We’re all appalled at scammers who take advantage of people’s fears to sell them products they don’t need, or worse still products that don’t exist and never arrive.
Worst of all, perhaps, are the scammers who offer products and services that do exactly the opposite of what they claim – making their victims pay up simply to make them even easier to defraud in future.
Well-known cyberexamples of this sort of fraud include:
- Fake technical support incidents. These are the web popups or the phone calls you get out of the blue that report ‘viruses’ on your computer, and persuade you to ‘hire’ the services of an online ‘expert’ to remove them. Often these victims are lonely, vulnerable, and particularly ill-placed to deal with the financial loss. The scammers then target those individuals repeatedly and, in some cases we have heard, with ever-increasing aggression.
Feb 09 2021
How Venturing Into The Shady Side of The Dark Web Will Most Likely Get You Scammed or Arrested
The internet has come to be so developed, complex and ‘intelligent’ that, at present, you could say it is alive (like Skynet or The Matrix predicted?). Billions of people are online, every day, using the internet for work, entertainment, advice, you name it -it’s probably on the internet. We are now in the age of Artificial Intelligence and Big Data (or A.I for short). This period is an evolution, a transformation in the digital industry. Not only are petabytes of data being circulated on the internet (millions of terabytes); with A.I and Big Data all of this data is being put to use. This is effectively teaching the internet about user behavior, increasing the knowledge-base and making the internet into a neural-network able to ‘think’ for itself.
That’s all fine and dandy, but what about the dark side of the internet? Well, the evolution of the internet has spread so wide on countless digital channels and platforms, that the need to regulate and police the internet has risen. On such a vast network, there are countless dark organizations and cybercriminals looking to use the practicality of the internet as a communication tool for illegal activity. This can mean hacking and stealing data in the virtual realm, and it can also translate to the worst kinds of illicit activity imaginable in the physical realm.
So, let’s look at what lies beneath, in the underground world beneath the internet which is called the Deep Web. Then we’ll go even deeper down, and find out why the Dark Web is a dangerous and hostile place.
Feb 09 2021
Microsoft to notify Office 365 users of nation-state attacks
The new security alert will notify companies when their employees are being targeted by state-sponsored attacks.
Since this Saturday, the new alert service was added to the Microsoft 365 roadmap website.
“Nation state threats are defined as cyber threat activity that originates in a particular country with the apparent intent of furthering national interests. These attacks represent some of the most advanced and persistent threat activity Microsoft tracks.” reads the announcement published by Microsoft. “The Microsoft Threat Intelligence Center follows these threats, builds comprehensive profiles of the activity, and works closely with all Microsoft security teams to implement detections and mitigations to protect our customers. We’re adding an alert to the security portal to alert customers when suspected nation-state activity is detected in the tenant.”
Feb 08 2021
Security in the Digital World
This must-have guide features simple explanations, examples, and advice to help you be security-aware online in the digital age. Learn how to: picture\4864.jpeg
* Keep your information secure
* Put the necessary controls on your home network, protecting your family from cyber crime
* Prevent identity theft when shopping online or using contactless payment
* Keep your children safe when using the Internet.
Feb 08 2021
Holistic InfoSec For Web Developers
![Holistic InfoSec For Web Developers: Physical and People (Fascicle 0) by [Kim Carter, Russ McRee, Leanne Carter, Simon Bennetts]](https://m.media-amazon.com/images/I/51YryVRT2sL.jpg)
This book begins by taking the reader to the 30,000′ view, so you can start to see the entire security landscape. I then attempt to explain a very simple threat modelling approach that I believe Bruce Schneier created, called the Sensible Security Model (SSM). We take the learnings from the first chapter and apply them to lower levels. I detail how to setup a security focussed distribution with all the tools and configuration options required for working through the book. We then walk through the Process and Practises that the attacker often execute, and we take the learnings from that and train the defenders on how they can bring the finding of defects from the most expensive place to the cheapest place, within your Sprint cycles.
The rest of the book focusses on the specific area on the cover of this book.
My intention with “Holistic Info-Sec for Web Developers” is in many ways to help you answer your own questions and show you that creating systems and arming people to withstand the types of attacks commonly encountered today is not our of reach of mere mortals. That by simply lifting the lower hanging fruit for an attacker often means they will move on to an easier target. Unless they are specifically targeting you. In which case you should find many of the risks and countermeasures I address, affective for increasing the difficulty for your attacker, and thus dramatically increasing your chances of defence and counter-attack.
Fascicle 0 focusses on:
1. The chosen threat modelling approach
2. Setting up your tool-belt
3. The process of penetration testing
4. A collection of processes and practises formulated from penetration testing, useful for augmenting each and every Scrum Sprint
5. Physical and People security
Holistic InfoSec For Web Developers: Physical and People
Feb 08 2021
Google launches Open Source Vulnerabilities (OSV) database
Google last week announced the OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects.
The database aims at helping both open source maintainers and consumers of open source projects.
The archive could allow users and maintainers of open-source software to find the vulnerabilities that affect them, providing detailed info about versions and commits impacted by the issues. Maintainers of open source software could benefit of OSV’s automation to reduce the burden of triage.
“We are excited to launch OSV (Open Source Vulnerabilities), our first step towards improving vulnerability triage for developers and consumers of open source software.” reads the post published by Google. “The goal of OSV is to provide precise data on where a vulnerability was introduced and where it got fixed, thereby helping consumers of open source software accurately identify if they are impacted and then make security fixes as quickly as possible.”
At the time of the launch, the database only includes vulnerabilities from OSS-Fuzz (mostly C/C++), but Google plans to add more data sources soon (e.g. npm Registry and PyPI).
OSV already includes information on thousands of vulnerabilities from more than 380 critical open source projects integrated with Google’s OSS-Fuzz fuzzing service.
“OSV is a vulnerability database for open source projects. It exposes an API that lets users of these projects query whether or not their versions are impacted.” reads the description of the project.
“For each vulnerability, we perform bisects to figure out the exact commit that introduces the bug, as well the exact commit that fixes it. This is cross referenced against upstream repositories to figure out the affected tags and commit ranges.”
The OSV database exposes a simple API to query for vulnerabilities, maintainers and users could provide a git commit hash or a version number to receive the list of vulnerabilities that are present for that version.
Feb 07 2021
Experts found critical flaws in Realtek Wi-Fi Module
Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications.
Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications.
The Realtek RTL8195AM is a highly integrated single-chip with a low-power-consumption mechanism ideal for IoT (Internet of Things) applications in multiple industries.
The module implements an “Ameba” API to allow developers to communicate with the device via Wi-Fi, HTTP, and MQTT, which is a lightweight messaging protocol for small sensors and mobile devices.
Realtek supplies their own “Ameba” API to be used with the device, which allows any developer to communicate easily via Wi-Fi, HTTP, mDNS, MQTT and more.
“As part of the module’s Wi-Fi functionality, the module supports the WEP, WPA and WPA2 authentication modes.” reads the analysis published by the experts.
“In our security assessment, we have discovered that the WPA2 handshake mechanism is vulnerable to various stack overflow and read out-of-bounds issues.”
WiFi Security #WiFiSecurity #WiFiVulnerabilities #WiFHacks
« Previous Page — Next Page »
