Remember, the Columbus InfoSec Summit is this week. It starts Monday afternoon and runs through Tuesday.
I will be speaking on Monday at 5:30 in Track 1 and my topic is a deep dive into Tor hidden nodes, including how to get business intelligence from them.
Come and say hello. Have a cup of coffee or just a chat. We look forward to seeing you and wish the ISSA a great event!
MSI is proud to announce the immediate availability of the HoneyPoint Console version 4.0!
The new version of the Console for HPSS is now available for Windows, Linux and Mac OS X. In addition to the Console, new installer tools and documentation is also available.
The new Console finally includes operation as a service/daemon WITHOUT the need to have the GUI running. That’s right, finally headless consoles that work immediately with SEIM and other monitoring tools. Configuration of the Console and management is still available through the GUI, but headless operation is now at the core of the Console product line!
Other improvements include bug fixes, increased error handling, better memory management, improved installers and installation tools and much much more. If you haven’t upgraded your Console or seen the new 4.0 Console yet, we think you will find it much improved.
To obtain the new Console, refer to your QuickStart Guide. It is now available through the HoneyPoint distribution site. No changes to the database or license key are required, however, you must have a current license to qualify for the upgrade. Please back up your Console databases prior to upgrading, though we have experienced no issues with the upgrade process.
Thanks, as always, for choosing HoneyPoint Security Server and MSI. We value your partnership and trust.
Now that Windows XP is end-of-lifed, it is wise to replace it at home and in businesses of all sizes. Malware and vulnerabilities for XP are likely to skyrocket over the coming months, making it a very unsafe platform, indeed.
To help with replacement, we at MSI went shopping for some deals on Windows 7 and Windows 8 for you. Here are the deals we found on newer Windows software. Please note, we have no affiliation with any of these vendors and can’t recommend them in particular. We simply found the best prices we could identify for Windows OS. Your milage and paranoia may vary.
Here are the deals we could find:
For one PC license of Windows 7 Pro for as low as $69.99.
If you need more than one, the lowest is $219.99.
For Windows 8 Pro – $79.94 for single computer use.
The price is $199.99 for multiple computer to use Windows 8 Pro.
We hope that helps some of you who still need to upgrade. Until next time, thanks for reading & stay safe out there!
Just a reminder that #CMHSecLunch is Monday, 4/14/14 from 11:30 to 1 at the North Market.
Come out and hang with friends, both old and new. The whole gang will be there, so spend some time.
As always, you can read more about the event, tell us you’re coming or see the schedule here.
Hope to see you there. Bring a buddy or at least a smile! 🙂
If you use OpenSSL anywhere, or use a product that does (and that’s a LOT of products), you need to understand that a critical vulnerability has been released, along with a variety of tools and exploit code to take advantage of the issue.
The attack allows an attacker to remotely tamper with OpenSSL implementations to dump PLAIN TEXT secrets, passwords, encryption keys, certificates, etc. They can then use this information against you.
You can read more about the vulnerability itself here.
THIS IS A SERIOUS ISSUE. Literally, and without exaggeration, the early estimates on this issue are that 90%+ of major web sites and software packages using OpenSSL as a base are vulnerable. This includes HTTPS implementations, many mail server implementations, chat systems, ICS/SCADA devices, SSL VPNs, many embedded devices, etc. The lifetime of this issue is likely to be long and miserable.
Those things that can be patched and upgraded should be done as quickly as possible. Vendors are working on patching their implementations and products, so a lot of updates and patches will be forthcoming in the next few days to weeks. For many sites, patching has already begun, and you might notice a lot of new certificates for sites around the web.
Our best advice at this point is to patch your stuff as quickly as possible. It is also advisable to change any passwords, certificates or credentials that may have been impacted – including on personal sites like banking, forums, Twitter, Facebook, etc. If you aren’t using unique passwords for every site along with a password vault, now is the time to step up. Additionally, this is a good time to implement or enable multi-factor authentication for all accounts where it is possible. These steps will help minimize future attacks and compromises, including fall out from this vulnerability.
Please, socialize this message. All Internet users need to be aware of the problem and the mitigations needed, even for personal safety online.
As always, thanks for reading, and if you have any questions about the issues, please let us know. We are here to help!
MSI is proud to announce that a Rand report that we contributed to is now available. The report details the underground economy and provides insights into the operation, intelligence and flow of the underground markets.
You can download a free copy of the report here.
We are happy to support research projects such as these and they represent yet another way that MSI fulfills our promise to give back to the security community. If you have questions about this project or about our other contributions, please reach out to me on Twitter (@lbhuston).
Brent will be speaking again this year at the ISSA Security Summit in Columbus.
This year he has an interesting topic and here is the abstract:
A Guided Tour of the Internet Ghetto :: The Business Value of Tor Hidden Services
Following on the heels of my last set of talks about the underground value chain of crime, this talk will focus on a guided tour of the Internet Ghetto. You may have heard about Tor, the anonymizing network that rides on top of the Internet, but this talk takes you deep inside to visit the slums, brothels & gathering places of today’s online criminals. From porn to crimes against humanity, it is all here.
This talk will discuss Tor hidden services, help the audience understand what they are, how they operate, and most importantly, how to get business and information security value from them. If you think you know the dark side of the net, think again! Not for the feint of heart, we will explain some of the ways that smart companies are using hidden services to their benefit and some of the ways that playing with the dark side can come back to bite you.
Take aways include an understanding of Tor, knowledge of how to access and locate hidden services and underground content, methods for using the data to better focus your business and how to keep an eye on your kids to make sure they aren’t straying into the layers of the onion.
Come out and see us at the Summit and bring your friends. It’s always interesting and a great event to catch up with peers and learn some amazing new stuff. See ya there!
At MSI, we know security doesn’t exist for its own sake. The world cares about business and so do we. While our professional and managed service offerings easily empower lines of business to work with data more safely, we also offer some very specific business process focused security services.
Attackers and criminals go where the money is. They aren’t just aiming to steal your data for no reason, they want it because it has value. As such, we have tailored a specific set of security services around the areas where valuable data tends to congregate and the parts of the business we see the bad guys focus on most.
Lastly, we have also found several areas where the experienced eyes of security experts can lend extra value to the business. Sometimes you can truly benefit from a “hacker’s eye view” of things and where it’s a fit, we have extended our insights to empower your business.
Here are some of the business focused offerings MSI has developed:
MSI knows that your business needs security around the most critical data and the places where bad guys can harm you the worst. We’ve built a wide variety of customized security solutions and offerings to help organizations harden, monitor and protect the most targeted areas of their organization. At MSI, we know that information security means business and with our focused security offerings, we are leading the security community into a new age.
At a Glance Call Outs:
Variety of business focused services
M&A offerings
Assessments of systems that move money
Fraud-based real world testing
Business partner & supply chain security
Executive protection
Key Differentiators:
Focused on the business, not the technology
Reporting across all levels of stakeholders
Specialized, customizable offerings
Capability to emulate & test emerging threats
Thought leading services across your business
After the powerful launch of TigerTrax last week, we have put together a webinar for those folks looking to learn more about our TigerTrax™ services and offerings. If you want to hear more about social media code of conduct monitoring, passive analysis and assessments, investigation/forensics and threat intelligence enabled by the new platform, please RSVP.
Our webinar will cover why we built TigerTrax, what it does and how it can help you organization. We will discuss real life engagements using the TigerTrax platform across a variety of verticals and looking at social, technological and trust issues. From data mining threat actors to researching supply chain business partners and from helping pro-sports players defend themselves against accusations to monitoring social media content of key executives, the capabilities and examples are wide ranging and deeply compelling.
Register for the webinar by clicking here. Our team will get you registered and on the way to leveraging a new, exciting, powerful tool in understanding and managing reputational risk on a global scale.
The webinar will be held Wednesday, March 12, 2014 at 3 PM Eastern time. Please RSVP for an invitation. Spots are limited, so please RSVP early.
As always, thanks for reading. And, if you would prefer a private briefing or discussion about TigerTrax, give us a call at (614) 351-1237 x206 and we will get a specialist together with you to help identify how MSI can help your organization.
March’s CMHSecLunch is scheduled for March 10, 2014. The time is 11:30 to 1pm Eastern. The location this month is the Tuttle Mall food court. We usually meet pretty close to the middle of the place, but a bit away from the giant germ ball fountain. 🙂
I will not personally be able to attend this month, but will be back in full swing for the April edition. So enjoy this month without me and I we can break bread together in a short while.
As usual, you can register for the event (not needed), and find more details here. CMHSecLunch is open to all, free to attend and has been a tradition now in the security community for a couple of years. So, grab a friend, have some food and engage in some great conversation. We can’t wait to see you!