Tag Archive for: Threat Management

iTunes Accounts Hacked? or, Something Worse?

So perhaps only a few have heard about the July 4th news story reporting that several iTunes accounts (30 accounts ??) across the globe were compromised by the developer of an application (or several apps).

The story alleges that iTunes was hacked and several user accounts were compromised by an application developer who exploited people’s iTunes accounts to purchase his applications, so much so that it elevated him to the top in his applications’ category. Now, I would suggest that more than 30 accounts would have to be involved to elevate an app to the top of its category, but that’s beside the point. It is likely that there are more accounts involved, some going unreported, and some owners completely oblivious to their losses.

Read the story for yourself….

I’m not so convinced that iTunes was hacked by some thief brute forcing username/password combinations to crack 30 accounts out of millions. While it is entirely possible that Apple could be hacked and that data could be stolen in bulk, I think there are some alternative ideas that should be considered.

Cyber attacks, they occur more often than you think!

Cyber attacks have become a ‘weapon of choice’ for many terrorist organizations. Cyber attacks can be launched from anywhere in the world that has Internet access, are often untraceable, and have the potential to wreak havoc on our financial and economic systems, defense networks, transportation systems, power infrastructure, and many other essential capabilities.

Although not widely publicized, cyber attacks occur routinely. Within the State of Texas, a major computer security incident with significant financial and operational impact is an annual event for most organizations, including state government entities. In fact, state entities reported a daily average of almost 575 security incidents in fiscal year 2009, including malicious code execution, unauthorized access to data, and service disruptions. Most of these attacks are blocked, prevented, or result in only minor disruptions.

Between January 2005 and August 2009, Texas-based organizations reported 105 incidents involving privacy data; 43 of these incidents were government-related (universities, cities and counties, and state agencies). These 105 incidents exposed over 3 million records, with the cost estimated at an all-time high of $202 per record exposed, totaling $606 million to recover from the attacks. This is why it is imperative for organizations to have a “multi-layered” approach to security to ensure these attacks remain unsuccessful or do only minimal damage and disruption.

Why is it even more important to have an IR plan than a DR plan?

Virtually every organization has a DR (disaster recovery) plan in place, as it should. However, most organizations don’t have a detailed IR (incident response) plan in place for when their IT systems are impacted by malicious behavior from either external or internal causes.

Why is it potentially more important to have an IR plan in place vs. a DR plan? The answer is simple: statistics. According to several credible sources, the percentage of companies in the United States that experienced an IT incident in 2009 related to a directed malicious attack from either an external source (malware, etc.) or internal source (privileged user, disgruntled employee) was 49%, compared to less than 10% of organizations that actually activated and used their DR plan.

Over the last few years we, at PathMaker Group, have seen the number of incidents, and the impact from those incidents (both downtime and financial), increase dramatically. Surprisingly, most organizations still don’t have a defined Incident Response team and procedures to address these issues in a timely fashion to reduce downtime and financial impact.

We have the coolest security technology partners!

Recent press supports our direction on selecting leading edge security technology partners. Not long ago, NetWitness found the most invasive Netbot in recent history.

Now our cloud-based monitoring solution partner, Alert Logic, discovered a serious bug with Facebook.

IDG reported “Facebook is fixing a Web programming bug that could have allowed hackers to alter profile pages or make restricted information public.

The flaw was discovered last week and reported to Facebook by M.J. Keith, a senior security analyst with security firm Alert Logic.

Security as a Service (SaaS) Model?

For clients who have limited capital expense budgets, we’ve created a suite of services to help them meet the challenge of a limited budget and the need to maximize security solution benefit. With services in log management, threat management, file integrity management, vulnerability management, wireless device security management and 24/7 monitoring, we’ve effectively resolved eight of the most challenging Payment Card Industry (PCI) requirements.

Instead of spending several hundred thousand dollars, and even more on additional personnel and equipment rack space among other things, to launch these products yourself, why not consider our SaaS model where, for just a few thousand dollars per month, you get the benefits of the latest technology, reduced work for your personnel, and greatly improved security operations server.

In traditional outsourcing models, the customer gives up visibility into and control over their inner operations. Not in our model! You can have as much access, full control, and visibility into everything that our Security Operations Center sees. We’ll just handle it around the clock!

Kneber botnet – update

Last month, our trusted partner, NetWitness, discovered the Kneber botnet, a dangerous new ZeuS botnet that infected over 75,000 systems in 2,500 organizations around the world. The full story is in the link below.

Kneber Botnet

And, we just received more follow-on information from an RSA report that shows most major U.S. corporations (up to 88 percent of the Fortune 500 companies) are likely affected by botnet activity from computers compromised by the Zeus data-stealing Trojan, according to the study released last Wednesday, 14-April-2010. For more information on this report, please see the link below.

Zeus Data Stealing Trojan

PathMaker Group offers a complete lineup of services and solutions in response to this serious issue. We can assess your network, determine if your systems are infected by Kneber/Zeus, and help you take the appropriate steps to remove it and prevent it from coming back. Call us immediately if you feel like your business is experiencing malware or worm attacks.
