Security Protection – Harry Waldron MVP


Microsoft OOB update – MS14-068 Kerberos security patch

A few days ago, Microsoft released an out-of-band update, and it is beneficial to apply.

Today, we released an out-of-band security update to address a vulnerability in Kerberos which could allow Elevation of Privilege. This update is for all supported versions of Windows Server and includes a defense-in-depth update for all supported versions of Windows. We strongly encourage customers to apply this update as soon as possible by following the directions in Security Bulletin MS14-068.

Mozilla Firefox – v34 to feature advanced search

As a complementary browser, Firefox will provide improved security and functionality in its next release, v34.

How often have you done a web search, already knowing that you would click the first result that looked like a Wikipedia page? Quite often? Then Firefox is about to make your life easier. With the new one click searches, you can instantly find what you are looking for across the web. When typing a search term into the Firefox search box, you will notice two new things: first, we improved the design of search suggestions to make them look a lot more organized. And second: there is an array of buttons below your search suggestions. These buttons allow you to find your search term directly on a specific site quickly and easily. We are shipping Firefox with a set of pre-installed search engines that are tailored to your language. You can easily show and hide them in your search preferences.

Leadership – Importance of positive attitude

John Maxwell’s Leadership blog is a favorite resource for Project Management advice.

QUOTE: A positive attitude can be a person’s greatest asset. In fact, an upbeat attitude can take people to places that their ability could never carry them on its own. Attitude acts like a booster rocket, lifting people to a higher altitude than they could otherwise climb.

While attitude alone won’t guarantee success, attitude is a difference-maker. All else being equal, attitude gives an advantage or edge over the competition. Therefore, whenever you have a choice to make between two business partners, vendors, or job candidates with similar credentials, pick the one with the better attitude.

A person’s attitude is more apparent in some conditions than in others. Here are three situations in which a person’s true attitude is likely to surface.

1. When they experience negative feelings
2. When they must deal with mundane details
3. When they face adversity

Facebook – New Anti-Spam controls for NOV 2014

Facebook has recently improved its anti-spam controls, as noted below.

QUOTE: Facebook announced this week that it has once again tweaked its News Feed algorithm based on a user survey, and will now devalue “overly promotional page posts.”

According to Facebook, they want to get rid of spammy page posts that push people to buy a product or download an app, encourage them to enter contests or sweepstakes and posts that simply reuse content from Facebook ads. Though concerns have already been raised that this change is simply a way for Facebook to boost its own revenue by moving advertising from promotional posts to Facebook ads, Facebook vehemently denied the new algorithm will lead to any more ads.

“This change will not increase the number of ads people see in their News Feeds,” the site wrote in its announcement. “The idea is to increase the relevance and quality of the overall stories – including Page posts – people see in their News Feeds. This change is about giving people the best Facebook experience possible and being responsive to what they have told us.”

Facebook – New Privacy policy as of NOV 2014

Facebook has recently updated and improved its privacy policy. Over the coming days, users may be prompted to review their settings, which is always valuable (I received a notification this morning).

This week, Facebook announced another tool designed to further simplify its privacy policy and make it understandable to the layperson. The feature, called “Privacy Basics,” is a set of interactive guides that walk users through basic security questions, like how to delete content from the site and how to limit visibility in search. In addition to the new look, Facebook also edited the language in its privacy policy to make it less legal-sounding and complicated. It has also been dramatically shortened, down from about 9,000 words to only 2,700. “The idea here is to give people more accessible information about how Facebook works,” Erin Egan, the company’s chief privacy officer, told The New York Times. “It’s simpler, it’s easier to read.”

AntiVirus Trial Kits – Microsoft NOV 2014 study

Some users may not be versed in the AV renewal process, which requires them to pay for and activate annual licensing renewals promptly and accurately for trial-version products. There is danger in not keeping up in the changing landscape of malware attacks.

QUOTE: Do you have antivirus protection? “Of course I do,” you may say, “It came with the computer!” Don’t be so sure. Most pre-loaded antivirus products require renewal in three or six months. If you don’t renew, the product expires, and your protection takes a nose-dive. A recent blog post from Microsoft’s Tim Rains reveals that systems “protected” by an expired or out-of-date antivirus are almost as prone to infection as systems with no antivirus at all.

Looking specifically at consumer-owned computers, rather than those belonging to enterprise domains, Microsoft researchers determined that the MSRT removed malware from 0.6 percent of computers that have an active, correctly-configured antivirus installed. (Yes, they could dig deeper and identify which antivirus products missed malware, but that information isn’t something they release publicly).

The percentage of infected PCs with no antivirus at all was considerably greater—2.4 percent. Looking at PCs with antivirus protection present but disabled, they found 2.2 percent infected. That was also the percentage of infected PCs with expired antivirus. When the antivirus wasn’t expired but antivirus definitions were out of date, the infection rate was 1.9 percent.

In his blog post, Rains observed that “there was only a .2 percent difference in the number of systems Microsoft cleaned of malware when comparing those that were not running security software to those that had expired security software.” In other words, an expired product is almost worthless. “In light of this information,” continued Rains, “we encourage people to verify that they are running up-to-date security software on their system. If they aren’t, there are many different free or paid options available.”

Security Awareness Podcasts – Social Engineering security site

The link below features 62 podcasts, most of which are around one hour in length:

QUOTE: Welcome to the Social-Engineer Podcast! The second Monday of each month we will be releasing a new and exciting episode, each with its own specific topic of the month.

Security Awareness Training Techniques for 2014

The Social Engineering blog shares excellent advice for designing security awareness training programs.

QUOTE: What’s the big band wagon that everyone is scrambling to jump on? It’s simple. Train employees on social engineering tactics. The article points out that more than half of security professionals say that social engineering tactics work so well because employees are not educated enough to combat them. Let’s break down what makes training effective according to learning theorists and social psychologists:

(1) Connect and Interact – You have to make a connection with your audience before they will care. Canned presentations don’t work as well as personal interaction.

(2) The right motivation – Training by itself is only a temporary patch because enough people want to believe it can’t happen to them.

(3) Lather, rinse, repeat: At the most, studies indicate that a phishing campaign with an educational message if “hooked” is only effective for about six months. Lessons need to be repeated and generalized. Rotate the types of phishing emails going out and give up-to-date education advice.

(4) Policy: It’s the ugly word that no one likes to talk about, but at some point it’s going to have to be addressed. If any employee consistently fails social engineering pentests despite education and mentoring, it is a good time to look at the effectiveness of your education program and the role that employee is allowed to play with regards to company data.

Leadership – Expressing Gratitude improves Team Morale

John Maxwell shares excellent advice for IT and business leaders on being appreciative of team members and fostering that spirit in all aspects of the difficult role of leading others.

QUOTE: The surest index of your spiritual and emotional well-being is the degree of gratitude in your life. Where does gratitude come from, and how can we grow in gratefulness?

1. Grateful people linger over life’s blessings
2. Grateful people live in the moment
3. Grateful people leave fear behind
4. Grateful people live on purpose
5. Grateful people love those beside them

WIRELURKER malware – Many Apple devices may be at risk

Apple users should carefully monitor developments for this serious threat. As protection emerges, users should quickly patch or fortify their systems and avoid risky documents or device connections.

The Market Watch link notes that up to 800,000,000 devices are potentially at risk until improved protection and containment are in place. While the media often sensationalizes early reports, the technical capabilities of this malware are highly advanced with several “firsts” for the OSX platform.

QUOTE: EXECUTIVE SUMMARY – Palo Alto Networks recently discovered a new family of Apple OS X and iOS malware, which we have named WireLurker. We believe that this malware family heralds a new era in malware across Apple’s desktop and mobile platforms based on the following characteristics:

*  Of known malware families distributed through trojanized / repackaged OS X applications, the biggest in scale we have ever seen

*  Only the second known malware family that attacks iOS devices through OS X via USB

*  First malware to automate generation of malicious iOS applications, through binary file replacement

*  First known malware that can infect installed iOS applications similar to a traditional virus

*  First in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning

WireLurker was used to trojanize 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China. In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.

WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it “wire lurker”. Researchers have demonstrated similar methods to attack non-jailbroken devices before; however, this malware combines a number of techniques to successfully realize a new breed of threat to all iOS devices.

WireLurker exhibits complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing. In this whitepaper, we explain how WireLurker is delivered, the details of its malware progression, and specifics on its operation.

We further describe WireLurker’s potential impact; methods to prevent, detect, contain and remediate the threat; and Palo Alto Networks enterprise security platform protections in place to counter associated risk.

WireLurker is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers’ command and control server. This malware is under active development and its creator’s ultimate goal is not yet clear.