Web Warriors ~ CBC Documentary

Enter the world of hackers and cyber sleuths.

The internet is touted as one of the most important inventions in the history of modern man, and like the discovery of the atom, its ability to benefit mankind is matched only by its potential to unleash massive destruction.

Web Warriors is a one-hour documentary that offers an unprecedented glimpse into the world’s newest and most vulnerable frontier: cyberspace. We enter the world of hackers like Mafia Boy – a 15-year-old high school student who rose to infamy in 2000 by causing millions of dollars in damage after single-handedly shutting down internet giants, including Yahoo, Amazon, eBay, Dell, eTrade, and CNN.

We’ll meet hackers like Donnie, who goes on a journey into the Russian cyber underground as he searches for the creators of a computer virus in the hope of collecting the $250,000 bounty being offered by Microsoft.

Just as in nature, computer viruses have rapidly evolved and now have the ability to control millions of computers unbeknownst to their owners, thereby creating massive illegal computer networks known as “Botnets”.

These “Botnets” are being put to a variety of illicit uses including identity theft and cyber extortion, but they are also the latest and most potent weapon being deployed in military conflicts. Web Warriors dissects the massive cyber attack against Estonia in 2007 which virtually shut down the country and resulted in NATO deploying its cyber response team.

Web Warriors offers rare interviews with cyber sleuths from the FBI, the Pentagon, NATO, and the Department of Homeland Security who explain how cyberspace has become the latest battle ground between nation states and how terrorist groups are already plotting their next move.

Web Warriors offers a fast-paced, never-before-seen glimpse into the cyber trenches of a worldwide battle. Some reports say the cost of cyber crime is now on par with the illegal drug trade.

Web Warriors was produced by Edward Peill for Tell Tale Productions Inc.

CNBC PRESENTS “CODE WARS: AMERICA’S CYBER THREAT”

CNBC ORIGINAL TAKES VIEWERS INSIDE THE THREAT TO NATIONAL SECURITY, BANKING AND INFRASTRUCTURE

One-Hour Documentary Reported by CNBC’s Melissa Lee to Premiere on CNBC

 

 

Cyber Attacks Hit Wells Fargo Website In Latest Security Scare For U.S. Banks


By Rick Rothacker

(Reuters) – Wells Fargo & Co on Tuesday became the latest bank to suffer problems with its website amid heightened concerns about cyber attacks against U.S. financial institutions.

The fourth-largest U.S. bank by assets confirmed that some of its customers experienced intermittent access issues on Tuesday. The bank was working to quickly resolve the issues, a spokeswoman said, declining to comment on the source of the problem.

A financial services industry group last week warned U.S. banks, brokerages and insurers to be on heightened alert for cyber attacks after Bank of America Corp and JPMorgan Chase & Co experienced unexplained outages on their public websites.

Wells Fargo’s problems came the same day that an unidentified person on the Internet called on “cyberspace workers” to attack the bank’s site. In a posting on pastebin.com, the person also warned of attacks later this week against U.S. Bancorp and PNC Financial Services Group Inc.

A similar posting last week made threats against Bank of America and the New York Stock Exchange. The poster said the attacks will continue until the film that had stirred up anti-U.S. protests across the Middle East was removed from the Internet.

A U.S. Bancorp spokesman said the bank was aware of the posting and was working closely with law enforcement authorities. A PNC spokesperson did not immediately respond to a request for comment.

Senator Joseph Lieberman, chairman of the Senate’s Homeland Security and Governmental Affairs Committee, said on Friday that he believes Iran was behind the attacks.

Reuters reported on Friday that Iranian hackers have repeatedly attacked Bank of America, JPMorgan and Citigroup Inc over the past year as part of a broad cyber campaign targeting the United States, according to people familiar with the situation.

The attacks, which began in late 2011 and escalated this year, have primarily been “denial of service” campaigns that disrupted the banks’ websites and corporate networks by overwhelming them with incoming web traffic, said the sources.

(Reporting By Rick Rothacker in Charlotte, North Carolina; Editing by Jacqueline Wong)
http://youtu.be/icuilJpR9eI

McAfee Vulnerability Manager Patch 7.0.8 is scheduled for release on September 27, 2012

McAfee Vulnerability Manager Patch 7.0.8 is scheduled for release on September 27, 2012.

If FSUpdate is configured to automatically check for Foundstone Software Updates, the appropriate patch will be automatically downloaded and applied. If you do not want to have the patch automatically applied, deselect Foundstone Software Updates from FSUpdate Options. If you want to manually download and apply the patch, log in to http://update.foundstone.com.

For a full list of changes, see the Release Notes in PD24041:
https://kc.mcafee.com/corporate/index?page=content&id=PD24041


Foundstone 7.0.8 Release Notes

  1.   Fixed form authentication using a credential that includes the character “ñ”.
  2.   Fixed FSAssessment crash in the FASLModule.
  3.   Fixed date format specification for the FSUpdate table SQL query.
  4.   Fixed XCCDF Benchmark reports for STIG templates.
  5.   Fixed stored procedure to not delete existing profiles when importing SCAP content.
  6.   Enhanced performance of stored procedure used to retrieve asset data for the scan editor.
  7.   Fixed stored procedure to correctly compute the exclusion list.
  8.   Fixed date conversion error while updating the job state on a British-English SQL Server.
  9.   Fixed the MVM Data Import task invoked by the MVM ePO extension.
  10.   Added host name to email notifications for ticket events.
  11.   Fixed the Vuln Set rule editor to hide the preview button until the editor has completed processing.
  12.   Fixed the workgroup-delete operation to display an error when the delete fails.
  13.   Fixed the role editor to allow the viewing of the complete organization tree.

Introduction to Security Threat Modeling

Interesting information about Threat Modeling from AgileModeling.com

Security threat modeling, or threat modeling, is a process of assessing and documenting a system’s security risks. Security threat modeling enables you to understand a system’s threat profile by examining it through the eyes of your potential foes. With techniques such as entry point identification, privilege boundaries and threat trees, you can identify strategies to mitigate potential threats to your system. Your security threat modeling efforts also enable your team to justify security features within a system, or security practices for using the system, to protect your corporate assets.

 

There are five aspects to security threat modeling:

  1. Identify threats.  The first thing to do is to identify assets of interest. To do so, you first model the system either with data flow diagrams (DFDs) or UML deployment diagrams. From these diagrams, you can identify entry points to your system such as data sources, application programming interfaces (APIs), Web services and the user interface itself. Because an adversary gains access to your system via entry points, they are your starting points for understanding potential threats.  To help identify security threats, you should add “privilege boundaries” with dotted lines onto your diagrams. Figure 1 depicts an example deployment diagram used to explain the boundaries applicable to testing a relational database.  A privilege boundary separates processes, entities, nodes and other elements that have different trust levels. Wherever aspects of your system cross a privilege boundary, security problems can arise. For example, your system’s ordering module interacts with the payment processing module.  Anybody can place an order, but only manager-level employees can credit a customer’s account when he or she returns a product. At the boundary between the two modules, someone could use functionality within the order module to obtain an illicit credit.
  2. Understand the threat(s).  To understand the potential threats at an entry point, you must identify any security-critical activities that occur and imagine what an adversary might do to attack or misuse your system. Ask yourself questions such as “How could the adversary use an asset to modify control of the system, retrieve restricted information, manipulate information within the system, cause the system to fail or be unusable, or gain additional rights?” In this way, you can determine the chances of the adversary accessing the asset without being audited, skipping any access control checks, or appearing to be another user.  To understand the threat posed by the interface between the order and payment processing modules, you would identify and then work through potential security scenarios. For example, consider an adversary who makes a purchase using a stolen credit card and then tries to get either a cash refund or a refund to another card when he returns the purchase.
  3. Categorize the threats.  To categorize security threats, consider the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service, and Elevation of privilege) approach. Classifying a threat is the first step toward effective mitigation. For example, if you know that there is a risk that someone could order products from your company but then repudiate receiving the shipment, you should ensure that you accurately identify the purchaser and then log all critical events during the delivery process.
  4. Identify mitigation strategies.  To determine how to mitigate a threat, you can create a diagram called a threat tree. At the root of the tree is the threat itself, and its children (or leaves) are the conditions that must be true for the adversary to realize that threat. Conditions may in turn have subconditions. For example, under the condition that an adversary makes an illicit payment, the fact that the person uses a stolen credit card or a stolen debit/check card is a subcondition. For each of the leaf conditions, you must identify potential mitigation strategies; in this case, to verify the credit card using the XYZ verification package and the debit card with the issuing financial institution itself. Every path through the threat tree that does not end in a mitigation strategy is a system vulnerability.
  5. Test.  Your threat model becomes a plan for penetration testing. Penetration testing investigates threats by directly attacking a system, in an informed or uninformed manner. Informed penetration tests are effectively white-box tests that reflect knowledge of the system’s internal design, whereas uninformed tests are black-box in nature.
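
The threat tree from step 4 can be kept as data and checked mechanically for paths that do not end in a mitigation. The following is an added example, not code from AgileModeling.com: the `Node` class, the function names and the root threat label are assumptions made here, the unmitigated refund condition is a constructed gap taken from the step 2 scenario, and "XYZ verification package" is the page's own placeholder.

```python
from __future__ import annotations
from dataclasses import dataclass, field

STRIDE = {"Spoofing", "Tampering", "Repudiation", "Information disclosure",
          "Denial of Service", "Elevation of privilege"}

@dataclass
class Node:
    """Root threat, condition or subcondition of a threat tree."""
    label: str
    children: list[Node] = field(default_factory=list)
    mitigation: str | None = None   # recorded on leaf conditions only
    stride: str | None = None       # STRIDE category, set on the root threat

    def __post_init__(self):
        # Reject categories outside the six STRIDE classes from step 3.
        if self.stride is not None and self.stride not in STRIDE:
            raise ValueError(f"not a STRIDE category: {self.stride!r}")

def unmitigated_paths(node, prefix=()):
    """Every root-to-leaf path whose leaf condition has no mitigation."""
    path = prefix + (node.label,)
    if not node.children:
        return [] if node.mitigation else [path]
    return [p for child in node.children for p in unmitigated_paths(child, path)]

def build_refund_tree():
    """Order/payment scenario from steps 2 and 4. The second condition has no
    mitigation on purpose: it is a constructed gap for illustration."""
    return Node(
        "Adversary gets a refund for a fraudulent purchase", stride="Spoofing",
        children=[
            Node("Adversary makes an illicit payment", children=[
                Node("Uses a stolen credit card",
                     mitigation="Verify card with the XYZ verification package"),
                Node("Uses a stolen debit/check card",
                     mitigation="Verify card with the issuing financial institution"),
            ]),
            Node("Refund is paid as cash or to a different card"),
        ])

if __name__ == "__main__":
    # Each printed path is an open item for the mitigation and test steps.
    for path in unmitigated_paths(build_refund_tree()):
        print("UNMITIGATED:", " -> ".join(path))
```

Each path the check returns is an entry for the penetration test plan in step 5 until a mitigation is recorded on its leaf.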

 

Iran seen behind cyber attacks on US banks

Experts in the U.S. say they believe Iran’s government is behind this week’s cyber attacks on American banks, not hackers who blamed an anti-Islam film. NBC’s Robert Windrem and Jim Miklaszewski have the story.

NBCNews.com: World news