Category Archives: CyberSecurity

Report Says the Threat of “Going Dark” is Overstated

Category : CyberSecurity

A report from Harvard’s Berkman Center for Internet & Society says that
US law enforcement’s concerns about encryption allowing terrorists to
“go dark” overstate the problem. The report said that while encryption
may hinder some surveillance activity, the increasing spread of Internet
connected devices can “likely fill some of these gaps and … ensure
that the government will obtain new opportunities to” conduct

Article: Cnet, The Hill, ComputerWorld, ZDNet

Apache Server Default Configuration Exposes Tor Sites

Category : CyberSecurity

The default configuration of the Apache HTTP Server is exposing the
locations of Tor websites. Sites running Apache need to disable the
mod_status module, which serves a server-status page containing sensitive
information.
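An added example (not from the SCMagazine article or from Apache's own tooling): a small Python audit of constructed httpd configuration text that flags a server-status handler which is not access-restricted. It assumes Apache 2.4 `Require` syntax, and treats an onion service specially because its requests all arrive from the local tor daemon, so `Require local` restricts nothing there and only unloading the module helps.

```python
import re
from typing import List

# Constructed sample of the stanza many distributions ship by default: the
# status page is enabled and reachable by any client.
EXPOSED_CONF = """
LoadModule status_module modules/mod_status.so
ExtendedStatus On
<Location /server-status>
    SetHandler server-status
</Location>
"""

# Constructed hardened variant: only requests arriving from the host itself pass.
HARDENED_CONF = """
LoadModule status_module modules/mod_status.so
<Location /server-status>
    SetHandler server-status
    Require local
</Location>
"""

LOCATION_RE = re.compile(r"<Location\s+([^>]+)>(.*?)</Location>", re.S | re.I)
HANDLER_RE = re.compile(r"^\s*SetHandler\s+server-status\b", re.I | re.M)
# Assumption: Apache 2.4 access control only; 2.2-style "Allow from" is not parsed.
REQUIRE_RE = re.compile(r"^\s*Require\s+(local|ip\s+\S+)", re.I | re.M)


def status_findings(conf: str, onion_service: bool = False) -> List[str]:
    """Return one finding per exposed server-status handler in an httpd config.

    For an onion service every request reaches Apache from the local tor daemon,
    so 'Require local' is no restriction at all: the only safe state is the
    module not being loaded, and any handler is reported."""
    findings: List[str] = []
    if not re.search(r"^\s*LoadModule\s+status_module\b", conf, re.I | re.M):
        return findings  # module not loaded, nothing to expose
    for path, body in LOCATION_RE.findall(conf):
        if not HANDLER_RE.search(body):
            continue
        path = path.strip()
        if onion_service:
            findings.append(f"{path}: server-status enabled on an onion service; unload mod_status")
        elif not REQUIRE_RE.search(body):
            findings.append(f"{path}: server-status reachable without Require local/ip")
    return findings
```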

Article: SCMagazine

Safe Harbor Deadline Passed: Agreement Reached

Category : CyberSecurity

The deadline for US and European Union negotiators to reach a new Safe
Harbor data protection agreement satisfactory to both parties was
January 31, 2016. The old arrangement was invalidated last fall after
the EU Court of Justice found that it did not adequately protect the
privacy of EU citizens.

Article: Arstechnica

Cisco Jabber Client Found Vulnerable to STARTTLS downgrade attack

Category : CyberSecurity , DataBreach

Researchers at Synacktiv have found that the Cisco Jabber client is
vulnerable to a STARTTLS downgrade attack. The vulnerability stems from a
failure to validate whether an XMPP connection has been established over
TLS. A man-in-the-middle attacker could exploit this flaw and tamper with
the XMPP connection to avoid TLS negotiation, causing the client to
establish an XMPP connection over cleartext. Cisco has released a
security advisory and updated software to address this
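An added example (not Cisco's or Synacktiv's code) of the client-side check whose absence the advisory describes: a fail-closed decision on the server's stream features that never sends credentials unless the socket is already wrapped in TLS, and that aborts rather than continues when STARTTLS is withheld or refused. The stanzas are constructed; the function names are this example's own.

```python
import xml.etree.ElementTree as ET

STREAM_NS = "http://etherx.jabber.org/streams"
TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"
SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"

# Constructed <stream:features> stanzas, as a client would read them off the wire.
FEATURES_TLS = (
    f'<stream:features xmlns:stream="{STREAM_NS}">'
    f'<starttls xmlns="{TLS_NS}"><required/></starttls></stream:features>'
)
FEATURES_STRIPPED = (  # STARTTLS offer absent, only cleartext SASL PLAIN left
    f'<stream:features xmlns:stream="{STREAM_NS}">'
    f'<mechanisms xmlns="{SASL_NS}"><mechanism>PLAIN</mechanism></mechanisms>'
    "</stream:features>"
)
PROCEED = f'<proceed xmlns="{TLS_NS}"/>'
FAILURE = f'<failure xmlns="{TLS_NS}"/>'


class DowngradeError(Exception):
    """The negotiation would leave credentials on a cleartext stream."""


def next_action(features_xml: str, tls_established: bool) -> str:
    """Decide the client's next step from <stream:features>, failing closed:
    authentication is only allowed once the socket is already wrapped in TLS."""
    root = ET.fromstring(features_xml)
    if not tls_established:
        if root.find(f"{{{TLS_NS}}}starttls") is None:
            raise DowngradeError("no STARTTLS offered before auth; refusing cleartext")
        return "send-starttls"
    if root.find(f"{{{SASL_NS}}}mechanisms") is None:
        raise ValueError("TLS is up but the server offered no SASL mechanisms")
    return "authenticate"


def handle_starttls_reply(reply_xml: str) -> bool:
    """Return True only on <proceed/>; <failure/> or anything else aborts
    instead of silently carrying on without TLS."""
    root = ET.fromstring(reply_xml)
    if root.tag == f"{{{TLS_NS}}}proceed":
        return True
    raise DowngradeError(f"STARTTLS not accepted by server: {root.tag}")


def is_downgrade(fn, *args) -> bool:
    """Helper: True if the call is refused as a downgrade."""
    try:
        fn(*args)
        return False
    except DowngradeError:
        return True
```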

Article: Cisco

KeyTalk offers additional security for SAP (press release)

Category : CyberSecurity


KeyTalk is an internationally operating Dutch software company that provides IT security solutions based on short-lived digital certificates. These are used, for example, to provide strong VPN authentication and in particular to securely connect “Internet of Things” devices. KeyTalk’s most widely implemented application, “Secure Connect for Applications”, enables easy and reliable authentication and an encrypted connection to applications such as SAP, Exact, AFAS, Salesforce and others without the use of hardware tokens or software token generators.

KeyTalk automatically and securely issues short-lived client and server certificates, based on a combination of hardware recognition and regular authentication with username and password, after which a secure, mutually verified SSL connection is set up and data is exchanged in encrypted form. This not only offers the highest possible security of the data connections, but also brings ease of use, low cost and scalability.

KeyTalk has strategic partnerships with companies such as Microsoft, Red Hat, IBM and several others. KeyTalk has also recently joined the “SAP PartnerEdge Program for Application Development”, which encourages additional third-party solutions on top of the SAP technology platform.

At the end of 2015 KeyTalk joined forces with Innovice-IT (a Dutch cyber security consultancy) to implement its “Secure Connect for Applications” solution as a security layer on SAP at a large international company in the agricultural sector. As is increasingly common, this company runs SAP “On Premise” at several of its sites and is also migrating to SAP in the cloud. Employees increasingly work outside the traditional corporate network, which created a strong need for additional security at the application level (beyond just username and password) so that access to the ERP and other applications over the internet becomes responsibly possible.

KeyTalk and Innovice-IT successfully implemented KeyTalk’s Secure Connect for SAP for this multinational within a lead time of a few weeks. As a result, SAP in the Cloud (C4C) is securely accessible through a combination of hardware recognition (trusted devices) and short-lived certificates that are renewed daily and used as the login method to SAP (in combination with username and password). Consequently, all employees now have a single method of authentication for both SAP environments (on premise and in the Cloud).

Such additional security for ERP applications such as SAP, which contain privacy-sensitive data, is also important in light of the Dutch ‘Wet Meldplicht Datalekken’ (Data Breach Notification Act), which came into force on 1 January. KeyTalk is one of the few organisations that makes adequately secured use of applications with privacy-sensitive data such as SAP possible via the internet.

Lenovo used a hidden Windows feature to ensure its software could not be deleted

Category : CyberSecurity

A recently uncovered feature – which had been swept under the rug – allowed new Lenovo laptops to use new Windows features to install the company’s software and tools even if the computer was wiped.

The oddity was first noted by Ars Technica forum user ‘ge814’ and corroborated by Hacker News user ‘chuckup’.

The users discovered the issue in May when using a new Lenovo laptop that automatically and covertly overwrote a system file on every boot, which downloaded a Lenovo updater and installed software automatically, even if Windows was reinstalled from a DVD.

The only problem is that nobody actually asked for this software, and it persisted between clean installs of Windows. Lenovo was essentially exploiting a rootkit on its own laptops to ensure its software persists if wiped.

Article: Thenextweb

Globalstar location-tracking network vulnerable to hacking – researcher

Category : CyberSecurity

Location-tracking devices that communicate with a major satellite network operated by Globalstar Inc can have their transmissions intercepted or mimicked with false data, a U.S. security researcher said on Thursday.

Globalstar, of Covington, Louisiana, has sold hundreds of thousands or millions of the devices, which are widely used for tracking valuable shipments and assets.

The problem is that unlike Globalstar’s satellite phone services, data from the devices is not encrypted in transit, said Synack Inc researcher Colby Moore, who will present his findings at next week’s Black Hat security conference in Las Vegas.

Instead, the system changes frequencies and transmits a great deal of inconsequential data that can be discarded once an attacker figures out the methods involved, as Moore did.

Such systems “are kind of fundamentally broken from the get-go,” Moore said in a phone interview. “I ended up figuring out how to decode the data in transit.” In addition, the system does not make sure that the data is coming from the place it claims.

The flaw is an architectural issue that Moore said would be hard or impossible to patch. New software could be written to encrypt the traffic in future devices, but the technology is already embedded inside popular hardware without that functionality and no clear way to install it.

Article: Reuters

Ransomware Exploits Flash Flaw

Category : CyberSecurity

Ransomware known as CryptoWall is being used in attacks that exploit a
flaw in Adobe Flash Player for which Adobe issued a patch just last

Article: The Register and Computerworld

Encryption is Often Implemented Incorrectly

Category : CyberSecurity

According to a report from Veracode, many software developers are not
implementing encryption correctly. This is due in part to inadequate
training and the complexity of crypto libraries.

Article: Computerworld

Feds Say That Banned Researcher Commandeered a Plane

Category : CyberSafety , CyberSecurity

Chris Roberts, a security researcher with One World Labs, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system, or IFE, on an airplane and overwrote code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states.

Article: Wired

