FireSale HackBoy

Knowledge Shared By FireSale HackBoy...



Tuesday, April 24, 2018

All Nintendo Switch Consoles Contain Unpatchable Chip-Level Flaw

By Waqas

Nintendo Switch has fans across the world; the gaming console

This is a post from Read the original post: All Nintendo Switch Consoles Contain Unpatchable Chip-Level Flaw

April 24, 2018 at 10:40PM

RSA 2018 Recap and Launch of OTX Endpoint Threat Hunter!

RSA 2018 was the best RSA ever from an AlienVault perspective! It was a “giant leap” for sure.

The booth was Out of This World:

We had hundreds of folks pop by for a demo or theater presentation.

The Big News! OTX Endpoint Threat Hunter Free Tool!!

The statistics on OTX participation are amazing – as of this writing 86018 participants, and 162K contributions per day on average. The new free tool, OTX Endpoint Threat Hunter, already has 443 downloads in less than a week of availability. Hear about it in the video below from Sacha Dawes and Russ Spitler.

Then there was a party jointly sponsored by AlienVault  where we gave out a lot of our famous lighted sunglasses 🙂

Oh and I got to catch up with Twitter buddies @uuallan @C_3PJoe @VinceintheBay @ChuckDBrooks and others!

The Security Bloggers Meetup

The big news was Javvad Malik winning the Most Entertaining Blog category with his personal blog.

I also got to catch up with many InfoSec luminaries. Here’s my favorite pic with @RSnake, an injured-but-smiling @indi303 & @alexlevinson:

It was an exhausting but very fun week indeed!


The post RSA 2018 Recap and Launch of OTX Endpoint Threat Hunter! appeared first on Cybersecurity Insiders.

April 24, 2018 at 09:10PM

Changes in the CIS controls and why you need to know

Have you heard of the top 20 Controls from the Center for Internet Security (CIS)? These are also known as the CIS common controls and they’re my favorite list of controls. Sure, PCI, NIST, CSA, SOX, FERPA, NERC, and HIPAA are good controls as well, but I prefer the common controls. The common controls are community and industry reviewed – high-level enough for anyone to use, and they’re prioritized. I could easily build these into a dashboard for every application, business unit, and team, which would help normalize risk profiles across any business.

So, have you ever looked over these common controls?! If not, take just a minute to review them. This high-level list of 20 information security controls is designed, if implemented properly, to eliminate most of the risks in your business. To implement the controls, you must have the right people, the right processes, and the right technology. In this blog I’ll be delving into the controls. We can talk more about the people and the process and the technology another time.

So let’s compare and contrast the controls against all the industry news about all the crazy new cybersecurity technologies and companies. For example, artificial intelligence is the current hot topic. You’ll notice that it doesn’t appear on the CIS list because before you employ artificial intelligence in your cybersecurity strategy you need to first make sure to cover the top 20 controls. (Like any good basketball team, you need to master the fundamentals before moving onto trick shots like the Harlem Globetrotters.)

Recently the Center for Internet Security updated their controls in a push to keep them current with the latest cybersecurity technologies. The ordering has been updated to reflect the current threat landscape, and the sub-controls have been updated to be clearer and more precise, implementing a single “ask” per sub-control. As a quick aside if you’re not familiar with the AWS shared responsibility model, here’s the link to review.

If you’re running any of your applications in the cloud, what you’re responsible for changes drastically. For example, if you’re running an EC2 server in AWS, you’re not responsible for the inventory of the hardware itself (how much CPU and MEM it has). But as SPECTRE has shown us, you need to know what CPU architecture you’re running on; so CIS control one applies in a limited way.

Here’s what has specifically changed in the control order:

Control #4: Continuous Vulnerability Assessment and Remediation – moved up to #3

Control #5: Controlled Use of Administrative Privileges – moved up to #4

Control #3: Secure Configurations for Hardware and Software – moved down to #5

These are all good changes, in my opinion. The controls keep getting better as they age just like any fine whisky.

Now one of the fundamental reasons organizations don’t implement the controls is that they simply don’t have enough people, strong enough processes, or the right tools. One way to overcome these limitations is by using an automation platform, such as CloudPassage Halo, that can automate security processes and encompass broad toolsets. The automation frees people up so that they can focus on responding to security issues, which will allow them to focus on higher-order work.

Additionally, the controls are focused on traditional enterprise environments; however the world has changed. We now have containers, cloud service accounts, DevOps pipelines, and other new agile technologies. And if you take a minute and think about the risks that these controls are trying to manage, it’s easy to see that these all still apply in the cloud and with containers. So, using a common set of processes and training people all on the same platform will make it easier to accomplish your goals.

Some organizations have spent years deploying tools, building processes, and integrating them into a single SOC operation. Notice I mentioned earlier that this takes years… so, many organizations are behind. And if you’re behind you need to be looking at an automation platform that can be deployed quickly to leapfrog up to the current controls.

CloudPassage Halo can help with this. So if you’re interested in learning more about how Halo can help you tackle the 20 critical CIS controls, reach out and request a demo.

The post Changes in the CIS controls and why you need to know appeared first on Cybersecurity Insiders.

April 24, 2018 at 09:10PM

Check Out the Delta Risk Cyber Security Blog – Page 1

I have spent the most notable years of my career helping organizations improve their cyber security incident response plans. To do this effectively, we dive in, ask questions, consider scenarios, look at contingencies, and identify gaps. It has personally been very rewarding for me because planning is in my core – I rarely fly by the seat of my pants, and usually have multiple back up plans. But on August 25, 2017, I was blindsided by Hurricane Harvey.

The post Check Out the Delta Risk Cyber Security Blog – Page 1 appeared first on Cybersecurity Insiders.

April 24, 2018 at 09:10PM

World Backup Day 2018

Welcome to World Backup Day, the day in which hopefully everyone backs up the data on their devices. World Backup Day is of course very important to, after all, how else would we make a living? More than that, however, we feel nobody should ever lose data simply because data loss is so easily prevented. Cloudwards has put together an infographic and a quiz to help you understand backup. 

The post World Backup Day 2018 appeared first on Cybersecurity Insiders.

April 24, 2018 at 09:03PM

US healthcare firms hit by Orangeworm Malware

Symantec researchers have confirmed that a cybercrime group called ‘Orangeworm’ has succeeded in deploying a custom backdoor known as Trojan.Kwampirs in most of the databases owned by healthcare organizations in the United States, Europe and some parts of Asia.

According to Symantec's findings, the targeted organizations include equipment manufacturers, IT service providers, pharmaceutical companies, and hospital networks.

The study carried out by the California-based cybersecurity firm has confirmed that ‘Orangeworm’ launches an attack only after doing a lot of homework on the target, which includes the type of data the organization holds, an assessment of its current security strategies, and the value of the organization’s data on the dark web.

Researchers found that Kwampirs malware can be installed on medical devices such as X-ray and MRI machines and other medical equipment.

So far, the study has not detected any data transfer from the infected devices. It means that the espionage was being carried out to learn more about the machines and might also be a rehearsal for something big to happen in the near future.

According to the telemetry gathered by Symantec, almost 40% of organizations have become victims of the said malware attack within the healthcare industry.

Among countries, the US tops the list with 17% of healthcare firms becoming victims of Kwampirs malware, followed by India with 7% and the United Kingdom at 5%.

Note: Symantec customers are protected against Orangeworm invasions by default with the help of Intelligence Services or WebFilter-enabled products. The products include Web Security Services (WSS), ProxySG, Advanced Secure Gateway (ASG), Security Analytics, Content Analytics, Malware Analysis, SSL Visibility, and Packetshaper.

The post US healthcare firms hit by Orangeworm Malware appeared first on Cybersecurity Insiders.

April 24, 2018 at 08:56PM

Hackers find life-threatening vulnerabilities in Austrian ski lift control unit

By Waqas

Serious Vulnerabilities Identified in Austrian Ski Lifts Control System Can

This is a post from Read the original post: Hackers find life-threatening vulnerabilities in Austrian ski lift control unit

April 24, 2018 at 03:14PM