(ISC)2 FREE Half-Day CAP® Credential Clinic
Sponsored by SAS & GTRA

November 14, 2013 | Arlington, VA
(ISC)2 is the global, not-for-profit leader in educating and certifying information security professionals throughout their careers with Gold Standard certifications and world class training.
Since the CAP (Certified Authorization Professional) certification has been included in the DoD 8570 job category matrix in the IAM Levels I and II, it is becoming a must for professionals with job functions such as authorization officials, system owners, information owners and information system security officers.
The CAP Credential Clinic is designed to demystify the CAP exam and cover everything you need to make your studies more productive. The session walks you through the requirements of the exam, outlines the major topics and sub-topics of the CBK® domains, and provides insight into two of those domains. It will also cover a suggested reference list, including the most up-to-date NIST documents (such as SP 800-37 and SP 800-53A) and OMB Circular A-130. To learn more about the CAP certification, please visit the (ISC)2 website or sign up for the free CAP Webcast Series.
Location & Registration:
Join us on Thursday, November 14th at SAS, 1530 Wilson Blvd, Rooms #805 & 807, Arlington, VA 22209. There are two sessions available for your convenience; each session is 4 hours long. Registration is free. Please reserve your seat now; space is limited!
(ISC)2 Free Half-Day CAP Credential Clinic at SAS

| Date | Time | Location |
|---|---|---|
| November 14, 2013 | 8:30am-12:30pm | Arlington, VA |
| November 14, 2013 | 1:30pm-5:30pm | Arlington, VA |
Who Should Attend?
The ideal candidate should have experience, knowledge and skills in the following areas:
- System authorization
- System development
- Information security policy
- Security control testing
- Information risk management
- IT security/information assurance
- NIST and OMB requirements
- Technical or auditing experience within government, the U.S. Department of Defense, the financial or healthcare industries, and/or an auditing firm
Sponsored By:
SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions delivered within an integrated framework, SAS helps government leaders pull together consistent and reliable data from multiple sources and use it to predict what will happen and why. Departments and agencies can better understand their internal operations, constituents and suppliers through business analytics provided by SAS. Please visit the SAS website for more information.
Parking & Transportation:
For convenience we recommend using the Washington Metrorail; the closest Metro stop is Rosslyn Station. For attendees planning to drive, the Colonial Parking Garage is open 7 a.m. to 7 p.m. The SAS Arlington Regional Office is located in a high-rise directly across from Safeway. All visitors must sign the visitor log at the reception desk.
Security Flaw In Chrome May Leave Users’ Personal Information At Risk
A very interesting article about how Google Chrome can put users' personal information at risk, written by Tim Wilson at DarkReading.com:
Security flaws in Google Chrome could enable attackers to capture personal data stored in the browser’s history files, researchers said Friday.
In a blog posted last week, researchers at security firm Identity Finder outlined methods for accessing personal data from Chrome’s History Provider Cache, even if the data has been entered on a secure website. Some data also may be accessible through Chrome’s Web Data and History databases, the researchers say.
The researchers found flaws in Chrome’s SQLite and protocol buffers, which sometimes store personal information such as names, email addresses, mailing addresses, phone numbers, bank account numbers, Social Security numbers, and credit card numbers.
“Chrome browser data is unprotected, and can be read by anyone with physical access to the hard drive, access to the file system, or simple malware,” the blog states. “There are dozens of well-known exploits to access payload data and locally stored files.”
The vulnerabilities in Chrome have been known for some time, but the researchers say that their proofs of concept are the first to demonstrate the ease with which attackers could access and steal personal information.
“By connecting the dots, we hope to educate all Chrome users that Chrome stores sensitive data unencrypted, alert users of the risks of stored Chrome data, and encourage individuals and enterprises to engage in sensitive data management best practices,” the blog says.
Read the rest here.
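The article's point is that anything typed into a form that ends up in a URL is stored in plaintext in Chrome's History SQLite database. The following is an added example (not code from the DarkReading or Identity Finder write-ups) of a self-audit a defender can run over such a database to find email addresses and Luhn-valid card numbers sitting in stored query strings; the `urls` schema and rows here are a constructed, simplified stand-in for Chrome's real table.

```python
import re
import sqlite3
from urllib.parse import parse_qsl, urlsplit

# Added, constructed example: scan a Chrome-style History database for personal
# data left unencrypted in URL query strings (the exposure the article describes).
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
DIGITS_RE = re.compile(r"\d[\d -]{11,21}\d")  # 13-23 chars of digits/spaces/dashes


def luhn_ok(number: str) -> bool:
    """Luhn check used by payment card numbers; filters out most random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def classify(value: str) -> list:
    """Return the kinds of sensitive data found in one decoded query-string value."""
    kinds = []
    if EMAIL_RE.search(value):
        kinds.append("email")
    for m in DIGITS_RE.finditer(value):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            kinds.append("card-number")
    return kinds


def audit_history(conn: sqlite3.Connection) -> list:
    """Walk every stored URL's query parameters; return (url_id, parameter, kind) findings."""
    findings = []
    for url_id, url in conn.execute("SELECT id, url FROM urls"):
        for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
            for kind in classify(value):
                findings.append((url_id, key, kind))
    return findings


def build_sample_history() -> sqlite3.Connection:
    """Constructed in-memory stand-in for Chrome's History file (simplified `urls` schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT, title TEXT, visit_count INTEGER)")
    conn.executemany("INSERT INTO urls VALUES (?, ?, ?, ?)", [
        (1, "https://shop.example/checkout?email=jane%40example.com&card=4111+1111+1111+1111", "Checkout", 1),
        (2, "https://search.example/?q=nist+800-53", "Search", 3),
        (3, "https://bank.example/login?ref=1234567890123", "Login", 1),  # 13 digits, fails Luhn
    ])
    return conn
```

Against a real profile, copy the History file before opening it, since Chrome holds a lock on it while running; a hit means the value is recoverable by anyone with access to the disk and should be cleared from history.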
What is Two-Factor Authentication?
An interesting article by John Shier at NakedSecurity:
This October is National Cyber Security Awareness Month (NCSAM).
So I thought I would write my inaugural Naked Security article on a topic near and dear to my heart: two-factor authentication.
What is two-factor authentication?
It is an authentication process where two of three recognized factors are used to identify a user:
- Something you know – usually a password, passcode, passphrase or PIN.
- Something you have – a cryptographic smartcard or token, a chip-enabled bank card or an RSA SecurID-style token with rotating digits.
- Something you are – fingerprints, iris patterns, voice prints, or similar.
Two-factor authentication works by demanding that two of these three factors be correctly entered before granting access to a system or website.
So if someone manages to get hold of your password (something you know), they still will not be able to access your account unless they can provide one of the other two factors (something you have or something you are).
For example, at Sophos we use secure tokens with rotating six-digit codes to remotely access internal systems. Every time I want to establish a VPN session, I need to provide my username, a password and the six digit code appended to a PIN.
At home I use similar methods to access many online and personal resources. In the last year, many social media sites, including Facebook, Twitter and LinkedIn, have all added some sort of two-factor authentication.
Many of these sites employ SMS code verification. This is where, in addition to correctly entering your password (something you know), you must also correctly enter a numeric passcode sent to your mobile phone via SMS (something you have).
The availability of mobile network service and the unreliable nature of SMS can make this difficult, however.
Some services allow you to use an authenticator app in addition to your password, which presents you with a different numeric one-time password (OTP) for each service that you register with the app. Both Google and Windows make these apps freely available in their respective stores.
Read the rest here.
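The rotating six-digit codes the article mentions, whether from a hardware token or an authenticator app, are almost always RFC 4226 HOTP or RFC 6238 TOTP. The following added example (not code from the Naked Security article or from Sophos) implements that algorithm and the PIN-plus-token-code check the article describes for VPN access; the shared secret is the RFC test-vector key, and the PIN hashing is a deliberately simplified stand-in.

```python
import hashlib
import hmac
import struct

# Added example: RFC 4226 HOTP / RFC 6238 TOTP and a two-factor passcode check.
RFC_TEST_SECRET = b"12345678901234567890"  # shared secret from the RFC test vectors


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """TOTP: HOTP whose counter is the number of 30-second steps since the Unix epoch."""
    return hotp(secret, unix_time // step, digits)


def verify_totp(secret: bytes, code: str, unix_time: int, step: int = 30, window: int = 1) -> bool:
    """Accept the code for the current step or one adjacent step either side, so a few
    seconds of clock drift between token and server does not lock users out.
    A production verifier must also remember accepted codes and reject replays."""
    current = unix_time // step
    return any(
        hmac.compare_digest(hotp(secret, c), code)
        for c in range(current - window, current + window + 1)
    )


def hash_pin(pin: str) -> str:
    """Simplified PIN storage for the example; real systems use a salted password hash."""
    return hashlib.sha256(pin.encode()).hexdigest()


def check_passcode(pin_hash: str, secret: bytes, passcode: str, unix_time: int) -> bool:
    """Two-factor check: the passcode is the user's PIN (something you know) with the
    six-digit token code appended (something you have). Both must be correct."""
    if len(passcode) <= 6 or not passcode[-6:].isdigit():
        return False
    pin, token_code = passcode[:-6], passcode[-6:]
    pin_ok = hmac.compare_digest(hash_pin(pin), pin_hash)
    token_ok = verify_totp(secret, token_code, unix_time)
    return pin_ok and token_ok  # evaluate both factors; neither alone grants access
```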
The C.I.A. Triad or C.I.A. Triangle and Other Security Concepts
Information security is the practice of providing confidentiality, integrity and availability of data, information, applications and equipment for those who need them. The key to providing this level of protection is the concept of the C.I.A. triangle, which consists of:
- Confidentiality
- Integrity
- Availability
Confidentiality of information ensures that only those with sufficient privileges may access certain information. To protect the confidentiality of information, a number of measures may be used including:
- Information classification
- Secure document storage
- Application of general security policies
- Education of information custodians and end users
Integrity is the quality or state of being whole, complete, and uncorrupted. The integrity of information is threatened when it is exposed to corruption, damage, destruction, or other disruption of its authentic state. Corruption can occur while information is being compiled, stored, or transmitted.
Availability means making information accessible to authorized users, in the required format, without interference or obstruction. A user in this definition may be either a person or another computer system.
Over time the list of characteristics has expanded to include other key concepts, but the C.I.A. Triangle remains the core of information security. Some of the other key concepts of information security are:
- Privacy – Information is to be used only for purposes known to the data owner.
- Identification – Information systems possess the characteristic of identification when they are able to recognize individual users.
- Authentication – Authentication occurs when a control provides proof that a user possesses the identity that he or she claims.
- Authorization – After the identity of a user is authenticated, a process called authorization provides assurance that the user (whether a person or a computer) has been specifically and explicitly authorized by the proper authority to access, update, or delete the contents of an information asset.
- Accountability – The characteristic of accountability exists when a control provides assurance that every activity undertaken can be attributed to a named person or automated process.
Understanding these concepts and the controls that are associated with each will provide the security/system administrator with the proper capabilities to protect their organization.
MIRcon 2013 – New Keynote Speakers Announced
Location: JW Marriott Hotel, 1331 Pennsylvania Avenue NW, Washington, DC 20004
Date: November 5 & 6, 2013
Less Than One Month Until MIRcon 2013! We've been busy making sure that this year's conference is the best one yet and look forward to welcoming you to MIRcon 2013 in just a few weeks. Here's some information on the latest additions to the agenda and a few tips to make sure that you get the most out of the conference.
- Session Highlights
- Download the MIRcon 2013 Mobile App
- Do you have friends or colleagues who haven't registered yet? Advanced Registration ends in 1 week. Make sure they register by October 15th to secure their spot at MIRcon at the Advanced Registration Rate of only $665.
- Still Need a Hotel Room?
Do you have colleagues coming? Register three attendees and receive one free registration.
Blackhole Suspect Arrested in Russia
Russian authorities have arrested a man believed to be responsible for distributing a notorious software kit known as “Blackhole” that is widely used by cybercriminals to infect PCs, according to a person familiar with the situation.
A former Russian police detective in contact with Russia’s federal government told Reuters that the suspect, who is known in hacking circles as “Paunch,” had been arrested. He provided no details.
Blackhole is a piece of malicious software that hackers install on Web servers that then automatically infect personal computers when users visit a tainted site.
It contains an arsenal of tools for attacking PCs, each of which leverages vulnerabilities in computers. It probes potential victims looking for a way in, then attacks when it finds a weakness.
Once they are in, cyber criminals typically install other, more specialized programs on the computers of their victims. They include tools for engaging in identity theft and selling fake anti-virus software.
Security experts say that Blackhole’s developers regularly update the product so that customers can exploit the newest vulnerabilities uncovered in PCs. The ones most widely exploited include Microsoft’s Windows and Internet Explorer, Adobe Systems’ Reader and Flash, and Oracle’s Java software.
Officials in Russia could not immediately be reached for comment on the arrest.
A spokesman for Europol in the Hague said that the European crime-fighting agency “had been informed that a high-level suspected cybercriminal” was arrested in Russia. He declined to elaborate.
Russian cybercriminals who confine themselves to attacking targets in other countries are rarely arrested, so the capture of Paunch was cause for some celebration among security researchers.
Not all of those arrested are ultimately convicted, however, and even some convicted of stealing millions of dollars have been released on probation.
Russia has one of the largest pools of talented hackers and an advanced underground economy that unites customers and programmers with those who control networks of compromised computers and can install new malicious programs at will.
(Additional reporting by Anthony Deutsch; Editing by Tim Dobbyn)
Copyright 2013 Thomson Reuters.