Cyber Access Control | MFA Enterprise Password Management | Access Smart

Archive for malware

Are you an SEO Cyber Mule? I was.

Cyber MuleAn SEO Cyber Mule or SEO Hack is when unauthorized links are embedded into your website without your knowledge for the sole purpose of increasing Google rankings. For Google to increase a site rankings they look for the number of one-way backlinks. That’s why the hackers do it. In most cases these links are to pornographic movies, material and services that have nothing to do with your business. These links are positioned so they don’t actually appear on the webpage, but Google can still see them when they send in the spiders. So why is this problem?

Other than the obvious reason that someone has injected code into your site without your permission, the bigger issue is that if Google discovers these links and deems them inappropriate, your site will be blacklisted. Blacklisting is when Google and other search engines no longer index your site. When someone is searching using your keywords, your site will never come up.  Google often never informs web owners that they have been blacklisted, and the effort to get off the list can be very time consuming. Read More→

Chicken Little Warns About Network Access Authentication

Network Access Authentication

Copyright: Walt Disney Productions

USB Smart Card Readers for Network Access Authentication are Still Safe.

A number of online computer news sites are abuzz about a security team’s prototype malware that hijacks USB smart card readers. It seems that a research team out of Luxembourg has issues a “Proof-of-Concept” malware attack that can take over your USB smart card reader. While any malware notice is important and needs to be monitored, business may be wondering the severity of the attack and if they need to rip out their smart card infrastructure because their network access authentication is in jeopardy.

Here are my thoughts:

  1. This is only a proof-of-concept and not a deployed attack.
  2. Every piece of computer hardware and software are susceptible to malware.
  3. Security relies on many barriers and layers. If you’re vulnerable to one attack you probably are vulnerable to many others.
  4. If the computer is vulnerable to malware, then other more dangerous programs will more likely be installed like key loggers or the Zeus Trojan Horse. In that case there is probably no need to attack the smart card since these other programs are far more destructive.

Conclusion:

Companies don’t need to rip out all their smart card readers and replace them with the expensive keypad ones. Smart card reader companies will look into the potential malware vulnerability and make whatever driver modifications necessary. IT needs to keep an eye out for any driver updates and install them.

Finally, security has many levels and points of attacks. If you are concerned about your company’s vulnerability then contact a consultant and ask for a security assessment. We list some leading companies on our site under the partners tab.

DNSChanger Trojan Faced Down by FBI

Unfortunately,an estimated 45,600 users will not be able to connect to the internet

malware data security threatsThis coming Monday morning may be unusually  tough for many Internet users and businesses. A nasty malware called  DNSChanger Trojan that infected computers and servers internationally will come to a tidy end as the FBI shuts down the infected servers hosting DNS. Unfortunately once these servers shut down an estimated 45,600 users will not be able to connect to the internet and resolving their connectivity issue won’t be easy either. To avoid an unnecessarily manic Monday utilize free tools such as Norton’s Power  Eraser http://security.symantec.com/nbrt/npe.aspx and for Apple systems http://macscan.securemac.com/

Scan systems as soon as possible and even if there is assumed integrity-scan anyways. Monday’s don’t need to be rougher than they already are. 

To read more about  DNSChanger Trojan, Federal Government Acts Against Trojan; Some Users May Lose Internet Access Monday by Ken Presti.

“A DNSChanger Trojan literally changes the infected computer’s DNS settings,” explained Marcus. “When a user opens up a browser and enters a web address, good DNS settings will take you to the proper website. But if you’ve got malicious DNS settings, the criminal can point you to whatever server they want. So it can be used in a lot of nasty and malicious ways. The FBI has taken control of a lot of these malicious servers, and on July 9th, they are going to shut down all of these servers. That means if you open up your browser and you are infected with this malware, you won’t be able to get to the Internet because it won’t be able to resolve your DNS to the correct addresses or anything else.”

Cyber Warfare: Chapter 6

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners by J. Andress and S. Winterfeld.

Cyber warfare is real. That’s why each Friday I will post a review on this book: Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners, and today I am sharing what I am reading in…

Chapter 6: Physical Weapons. Cyber Warfare Techniques Tactics and Tools for Security Practitioners - Book review by Dovell Bonnett of Access Smart.com

Chapter 6 it’s all about physical weapons. A key point is how both the physical and logical worlds are tied together in cyberspace. Computers and networks need buildings, utilities, electricity, cooling, etc. to operate. But it is also true that software and applications are what run and manage this infrastructure. These two worlds have a symbiotic relationship. Therefore, the strategy in cyber warfare, as in conventional, is understanding all aspects of a system and determining where are the vulnerabilities.

Read More→

Smart Card Alliance Weakly Defends The Industry

The Smart Card Alliance offers platitudes but don’t identify the culprits!

Smart Card Alliance Weakly Defends The Industry - by Dovell BonnettThe Smart Card Alliance released their weak response to the recent Sykipot Tojan attack which hijacked the Department of Defense authentication smartcards. Unlike hypothetical attacks on smartcards (the Chinese Remainder Theorem Attack comes to mind with the use of a microwave oven and a calculator) this is a real threat to the security of one’s network and data but not so much to the smartcard itself.

The Sykipot Tojan is taking advantages of the flaws and lack of security in Adobe’s PDF documents (zero-day attack) and Microsoft’s Windows OS and anti-virus suppliers are not blocking infected attachments.

How are these attacks happening? The attacker sends a phishing or spear phishing email with a malware infected attachment to an unsuspecting person or employee. The employee opens the attachment and launches the attack. The malware is a keylogger that captures the PIN of the smartcard, reads the user’s certificates within Windows, and then allows the attacker to use this information to log into unauthorized accounts. Read More→