Posts

Image
FOR IMMEDIATE RELEASE: JUNE 28, 2017

Contact: Anchor Technologies, Inc. Peter Dietrich (410) 295-7601

Anchor Technologies, Inc. Launches a Cyber Academy Delivering real-world cyber education from seasoned experts providing a quick and affordable path for IT professionals.
COLUMBIA, MD, June 28, 2017 – Anchor Technologies, Inc. (Anchor), a cybersecurity consulting firm headquartered in Columbia, Maryland, announced today that it is expanding its services offerings to include cybersecurity education and training.With over fifteen years focused on cybersecurity, Anchor has leveraged that experience to launch a cyber academy, the Anchor Center for Cyber Skill (ACCS) designed to fill a gap in the market for real-world cyber education and skillsets. “This is not your typical training program”, said Anchor President and CEO, Peter Dietrich.“The classes will be led by our seasoned team members, each with over a decade of active, real-world cyber experience.” The ACCS training program will focus on thr…

Weekly Infosec News Brief: 11-18 June 2017

Image
Microsoft Patch Tuesday Fixes Massive Batch of Vulnerabilities, Including One Being Actively Exploited Microsoft's "Patch Tuesday" this month fixes 94 vulnerabilities, 27 of which involve potential remote code execution (generally the worst type of vulnerability). The most concerning vulnerability is CVE-2017-8543, a vulnerability in the Windows Search service that Microsoft says is already being actively exploited by malicious parties in the wild. The Search service is remotely accessed via Server Message Block (SMB), the same service that the ETERNALBLUE exploit (abused by WannaCry) abused -- organizations should ensure that the SMB protocol is not exposed outside their firewall.
https://blogs.technet.microsoft.com/msrc/2017/06/13/june-2017-security-update-release/
https://blog.qualys.com/laws-of-vulnerabilities/2017/06/13/microsoft-fixes-94-security-issues-in-massive-june-update
https://www.scmagazine.com/microsoft-releases-patch-tuesday-fixes-including-wannacry-defense…

Weekly Infosec News Brief: 5-11 June 2017

Image
OneLogin Breach -- Attackers May Be Able to Decrypt Data A consistent recommendation of most security professionals has been for users and organizations to adopt single sign-on and secure password management programs. These programs, many of them cloud-based, reduce the need for users to remember a host of different passwords, thus making it easier for them to choose strong, unique passwords. While this is generally good advice, it is crucial to choose a provider with a strong security track record of their own. OneLogin, a single sign-on provider popular with corporate users, was compromised two weeks ago, and revealed last week that the attackers also obtained keys that may allow them to decrypt the stolen data. In the past, major breaches of password managers (such as LastPass) have apparently led to no true data loss, because the stolen data was strongly encrypted, and the keys were securely stored separately from the data. OneLogin users are advised to update their master passwo…

Weekly Infosec News Brief: 15-21 May 2017

Image
End of WannaCry Panic Should Result in Vigilance, not Relief, Experts Warn
The massive WannaCry ransomware worm that spread with frightening speed the week more last fizzled out as quickly as it began. However, the story should be taken as a wake-up call for US organizations, not as cause to breathe a sigh of relief. In many ways, the WannaCry malware was amateurish and simple; the only impressive part was the use of the ETERNALBLUE exploit to enable its quick spread. It was easily disabled, and incorporated little in the way of anti-analysis and anti-detection techniques. If more determined and skillful folks leverage that same exploit (as it appears some may already be doing), we could see much more devastating results. Please ensure that all your Windows machines are fully-patched, particularly with the MS17-010 patch from March. Also, check your external network to see if you have any SMB services exposed (TCP port 445) and seek to block access from the Internet to that service (o…

Weekly Infosec News Brief: 01-07 May 2017

Image
Clever and Widespread Google Phishing Campaign Raises Concerns Last week a new worm spread rapidly through the Internet. It used a very convincing (because it was partly genuine) Google Docs invitation to lure Google users into giving access to their Gmail accounts, then copied itself to addresses in the victim's contacts. Repeating this process led to a rapid storm of emails. Google took action within an hour to remove the rogue app from users' account permissions and stem the tide of emails, but the success of the tactic shows the risk inherent in cloud-based accounts like this -- a quieter version of the same tactic could easily compromise a handful of people without attracting much attention. Selecting and authorizing specific file-sharing services for your organizational data is a good idea, as is ensuring users are trained in how to use them (and what NOT to do).
https://arstechnica.com/security/2017/05/dont-trust-oauth-why-the-google-docs-worm-was-so-convincing/https://…

World Password Day?

In honor of "World Password Day," we're providing some thoughts and tips to improving the security of the passwords you use. For better or worse (and in many cases it's definitely worse), passwords are still the primary authentication mechanism we use to control access to most computing resources. While multi-factor authentication is becoming more common (and it's a great thing to use if you can), much of our digital life still depends on the humble password.


Really I don't even like the name, "World Password Day," because I'm trying to get people to think of them as "passphrases" -- as in multiple words separated by spaces, meaning quite a bit longer than we are used to using. A natural-languge phrase is easy to type, easy to remember, and (if it's long enough) very difficult to guess or crack. When I say long, you should be thinking at least 15 characters long. Remember, spaces are characters, too!


Here are our key tips to make y…

Weekly Infosec News Brief: 27 Mar-2 Apr 2017

Unpatched Vulnerability in Microsoft IIS 6.0 Web Services Announced A serious vulnerability in Microsoft Internet Information Server (IIS) 6.0 was publicized last week when someone posted proof-of-concept exploit code to GitHub. The vulnerability was apparently known to some hacker groups previously, and has been exploited in attacks since last summer, but its existence was not well-known and the ability to exploit it was not widespread. IIS 6.0 runs on Windows 2003 Server, which is no longer supported by Microsoft, so no patch for this flaw is expected to be released. Still, there are hundreds of thousands of publicly-accessible websites still running on IIS 6.0, so this is a serious issue.
Critical Vulnerability Discovered in IIS 6.0 Web Services VMWare Issues Patches for Critical VM-Escape Flaws in Multiple Products Since virtual computing technology was popularized in the 2000s, the greatest security concern has been the possibility of "virtual machine escape," or the ab…