admini – Page 126 – CyberSecurity Institute

Forensics for GPS Unit

Posted on March 17, 2010December 30, 2021 by admini

Cross Product
Blackthorn2
For forensics acquisition, examination and analysis platform for various platforms including Garmin, TomTom, and Magellan:
I like this product since it provides forensic quality data (including hashes).
Pricing: Being requested.

Device Seizure
• GPS Waypoints, Tracks, Routes…
Price: USD 199 per license

TomTom Specific

TomTology
Decoding of live data providing:
Home Location
Favourites
Recent Destinations
Last Journey Start and End Point (where available)
Stored Phonebook
Called Phone Numbers
Received Phone Numbers
Sent SMS Messages
Received SMS Messages
Location where TomTom was turned off

• Retrieving of deleted journeys from unallocated space proving same details as above for all recovered.

• Locating deleted phone numbers

• Locating deleted SMS Messages

Price: USD 250 per license

XACT
Retrieves location data.

Pricing: Being requested.

Not tools but useful pages of info:
Tom Tom GPS Forensics
Pinpointing TomTom location records: A forensic analysis

Database Security Lacking at Financial Services Firms

Posted on March 4, 2010December 30, 2021 by admini

“One of the most important things a company can do to assure their future success is to plug the holes in their security policies that were demonstrated in this study,” Larry Ponemon, head of the Ponemon Institute, said in a statement.

For instance, the survey of top security officials at 80 large financial firms found that 83 percent use real data, such as credit card or account numbers, when developing and testing applications.

For instance, 88 percent of the companies surveyed said they still use Social Security numbers as their primary identifier.

http://www.esecurityplanet.com/features/article.php/3868381/Database-Security-Lacking-at-Financial-Services-Firms.htm

Symantec Chief Says Cloud Security the Next Step

Posted on March 3, 2010December 30, 2021 by admini

Cyber attacks are shifting from being broad-based to being very targeted, Salem said.

Symantec’s 2010 State of Enterprise Security survey spoke with 2,100 CIOs and IT/security executives, and found 75 percent had been attacked in the last six months — and all of those had suffered some kind of data loss; it may have been intellectual property, financial or credit card data or the personal information of a customer.

Salem said that in 2008, Symantec added 1.6 million signatures to its antimalware software, more than it had in the prior 16 years combined.

Instead of efforts, such as signature-based malware detection, he talked up the concept of reputation-based security, an approach that leverages the knowledge of users around the world. Since adding reputation-based security to Norton 2009, Symantec has collected one billion reputation ratings and taken 177 billion reputation queries in the last six months.

http://www.esecurityplanet.com/features/article.php/3868161/Symantec-Chief-Says-Cloud-Security-the-Next-Step.htm

Crackdown on Mariposa: Botnet Infected 13 Million PCs

Posted on March 3, 2010December 30, 2021 by admini

Though security experts described the hacking trio as “relatively unskilled cyber criminals,” they managed to use Mariposa — the Spanish word for butterfly — to steal account login information for social media sites, online e-mail services, user names and passwords to banking accounts and credit card data by infiltrating more than 12.7 million compromised personal, corporate and government IP addresses in more than 190 countries.

Email Article Print Article Comment on this article Share Articles Digg del.icio.us Newsvine Facebook Google LinkedIn MySpace Reddit Slashdot StumbleUpon Technorati Twitter Windows Live YahooBuzz FriendFeed “Our preliminary analysis indicates that the botmasters did not have advanced hacking skills,” Pedro Bustamante, Panda Security’s senior research advisor, said in a blog posting detailing the attacks and subsequent investigation.

Related Articles Database Security Lacking at Financial Services Firms McAfee Fingers Microsoft IE Flaw in Google Attack Kneber Botnet Pierces 2,500 Organizations McAfee Finds Spike In Malware From China Investigators said the hackers attacked vulnerabilities in Microsoft’s Internet Explorer browser software to infect machines with the Mariposa bot client.

http://www.esecurityplanet.com/features/article.php/3868436/Crackdown-on-Mariposa-Botnet-Infected-13-Million-PCs.htm

State Of Application Security: Nearly 60 Percent Of Apps Fail First Security Test

Posted on March 2, 2010December 30, 2021 by admini

“The degree of failure to meet acceptable standards on first submission is astounding — and this is coming from folks who care enough to submit their software to our [application security testing] services,” says Roger Oberg, senior vice president of marketing for Veracode.

The data for Veracode’s State of Software Security Report comes from a combination of static, dynamic, and manual testing of all types of software across multiple programming languages — everything from non-Web and Web applications to components and shared libraries. Veracode tests commercial, internally developed, open-source, and outsourced applications, all of which were represented in its findings.

And nearly 90 percent of internally developed applications contained vulnerabilities in the SANS Top 25 and OWASP Top 10 lists of most common programming errors and flaws in the first round of tests, Oberg says.

Despite the relatively gloomy picture of developers still missing the mark initially on security, there were some bright spots in the report: Open-source software isn’t as risky as you’d think, and financial services organizations and government agencies tend to have more secure applications from the get-go; more than half of their apps passed as acceptable in the first submission to testing, according to Veracode’s report.

And it was the quickest to remediate any flaws: “It took about 30 days to remediate open-source software, and much longer for commercial and internal projects,” he says.

“There’s been intense focus on cross-site scripting, and there are lots of different libraries and utilities available to eliminate it, but it’s still extremely prevalent,” says Chris Eng, director of security research for Veracode. Eng says it’s likely due to a lack of education on how to quell XSS, plus it’s not uncommon to find 100 XSS bugs in one application.

http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=223100875&cid=RSSfeed

Verizon Offers Up Its Data Breach Framework

Posted on March 2, 2010December 30, 2021 by admini

“When our investigators are conducting a forensics investigation, they use this tool to collect, aggregate, analyze, and report… It becomes our data breach investigation report,” says Wade Baker, director of risk intelligence for Verizon Business.

Aside from offering a common format for reporting and sharing that data, the hope is that such a framework will facilitate and help organizations share breach information so investigators can find common threads among attacks and attackers, for instance.

VerIS — which is available today via a free download — can be used to supplement an organization’s existing methods for collecting attack data and analysis, or as a replacement.

Verizon’s Baker says half of all incidents his firm has investigated during the past couple of years have been related in some way.

http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=223100886&cid=RSSfeed