A Privilege Escalation Vulnerability that existed in Check Point Software, Untangle survey finds SMBs continue to struggle with IT Security, Tufin delivers enhanced Visibility and Topology modeling for Cisco ACI Migration, and how the OS that powered smartphones started from failure!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode152
Visit https://www.securityweekly.com/esw for all the latest episodes!
To learn more about our sponsors visit: The Security Weekly Sponsor’s Page
- Protecting Your Road Warriors from Cyber Hazards – While we have been specifically talking about your employees that travel, if your organization is like most, they do not comprise all, or even a majority of, your mobile workforce. Long commutes and regional personnel shortages, combined with advances in remote collaboration technologies, mean that mobile workers are becoming the norm. It is estimated that 70% of the global workforce works remotely at least once a week and 53% at least half of the week. By 2023, the global mobile workforce is expected to hit 1.88 billion. Okay, great, there are more mobile workers. However, how do enterprises test the security of mobile endpoints? In a phishing attack, for example, how do I know I am reaching workers who work remotely without extensive OSINT? And, once an attacker lands on a remote worker’s laptop, what can they do to move into the organization? Or do they need to? Does it come down to just protecting the identity and the credentials?
- A Privilege Escalation Vulnerability Existed In Check Point Software – How do we know our security software is also secure? According to the researchers, there existed a privilege escalation vulnerability in the software targeting the Check Point Endpoint Agent (CPDA.exe) and Check Point Device Auxiliary Framework (IDAFServerHostService.exe).
- Untangle Survey Finds SMBs Continue to Struggle with IT Security
- BeyondTrust Expands Privileged Access Management Cloud Leadership with Enhanced SaaS Solutions
- Tufin Delivers Enhanced Visibility & Topology Modeling for Cisco ACI Migration
- Device Authority enhances IoT security platform KeyScaler for Microsoft Azure IoT and announces HSM Access Controller – This is a great platform for IoT and addresses many of the issues we face with IoT security: Most recently Microsoft Azure IoT has been in the spotlight with more customers and partners requiring an end-to-end service offering to enhance and manage their security operations which help them to accelerate and leverage their investments in IoT implementations. KeyScaler reduces complexities and risk through automation for device registration, onboarding, provisioning and management of credentials for IoT devices that connect to Azure IoT Hub. These security enhancements prevent the cloning of devices connected to Azure, and also provide secure soft storage to protect keys.
- Unix at 50: How the OS that powered smartphones started from failure – Very cool article, in summary, hurray for open-source: The free distribution of Unix stopped in 1984, when the government broke up AT&T and an earlier settlement agreement that prohibited the company from profiting off many Bell Labs inventions expired. The Unix community had become accustomed to free software, however, so upon learning that AT&T would soon be charging for all copies of Unix and would prohibit alterations to the source code, Richard Stallman and others set about re-creating Unix using software that would be distributed to anyone free of charge—with no restrictions on modification. They called their project “GNU,” short for “GNU’s Not Unix.” In 1991, Linus Torvalds, a university student in Helsinki, Finland, used several of the GNU tools to write an operating system kernel that would run on PCs. And his software, eventually called Linux, became the basis of the Android operating system in 2004.
- Vulnerability Remediation Fight for the Users – This backs up the “App, User, Data” security model: Users often are a cause of frustration for us when it comes to security, so there’s a bit of a stigma that comes with supporting users. (ID10T!) Whether it’s in the form of a phishing victim, accidentally installed malware, configuration mistake, or some other user error, there’s only so much we as security professionals can do to lower the risk. For the things that are more outside of our influence, we try to correct behaviors with security awareness, secure code development, and internal social engineering training. However, if we can proactively help our users by taking steps to secure our back end systems that we do have control over, no matter how small the risk may seem, each “fix” will be another cumulative brick in our walls to help protect the environment.
- Pitfalls to Avoid in Ransomware Incident Response Plans | SecurityWeek.Com – I believe this is an important one to test: Assuming backups will eliminate the chance of having to pay a ransom to recover data.
- We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcasts with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
- Security Weekly will be at Hacker Halted in Atlanta, GA this October 10th-11th! EC-Council is offering our listeners a $100 discount to attend the two-day conference. Use discount code HH19SW when you register or go to securityweekly.com/hackerhalted and register there! Make sure you check out the keynote (Paul Asadoorian) and Mr. Jeff Man’s talk as well!