ES Episode24

From Paul's Security Weekly
Jump to: navigation, search

Episode Audio

Enterprise Security Announcements

ITPro.TV Annoucenment: "Quick announcement, ITProTV has updated their course library to include:

CompTIA Project+ DNS Tech Skills CyberPatriot Training CyberSecurity Analyst+ Installation, Storage, and Compute with Windows Server 2016 Networking with Server 2016

  • Mention the Online Survey


Enterprise Security News

  1. SecureAuths new security feature aims to protect careless mobile users - Interesting: Instead of displaying a confirmation button in sign-in alerts, the patent-pending system generates a set of random characters similar to the image-based CAPTCHA test used by websites use to combat bots. A reference image then appears on the login screen of the service that is being accessed. Users must select the matching character in the alert to authorize the access attempt, which they can’t do if the login screen was opened by someone else.
  2. Gurucul CEO Named Female Entrepreneur of the Year - Saryu Nayyar Receives Bronze in the 2016 Stevie® Awards for Women in Business Pretty cool, I've met her, and really appluad what Gurucul has accomplished in this space under her leadership.
  3. Splunk Extends Reach into AWS - There is a free service and a $3 / month version: The latest version of Splunk App for AWS provides access to enhanced dashboards, billing insights into multiple types of AWS instances, and integrated machine learning algorithms that identify cost optimization opportunities as well as potential security issues.
  4. Palo Alto Networks automates cloud security deployment on Amazon Web Services - This is a mouthful: Using a combination of AWS Lambda, CloudFormation Templates, and Amazon CloudWatch services, along with bootstrapping and XML API automation features supported by the VM-Series, joint customers can now automatically scale the cyber breach prevention capabilities of the Palo Alto Networks Next-Generation Security Platform as their AWS workload demands fluctuate.
  5. The Cybersecurity Skills Shortage: Threat AND Opportunity for IT? - This is important advice for enterprises: The right combination of skills, technologies, and processes can maximize the business value of the skills already in place at your organization. That combination can also help your organization to deal with any difficulties in expanding your cybersecurity team, by instead expanding the reach of the people you already have and the knowledge and experience they possess.
  6. OneLogin Delivers First-Ever Multi-Environment AWS User Resource Provisioning - announced the industry’s first multi-account, multi-role single sign-on solution for Amazon Web Services (AWS) access management. This further secures AWS environments by enabling cloud development and operations teams to access AWS resources using least privileged access — even for complex environments consisting of many accounts and roles. Could this be displaced by Amazon creating its own single-sign on and account management platform? or will Amazon just buy one of the players in the space?

Technical Applications:

How do we defend against attackers successfully exploiting:

  1. Weak Domain User Passwords
  2. Broadcast Name Resolution Poisoning (aka WPAD attacks)
  3. Local Administrator Attacks (aka Pass the Hash)
  4. Cleartext Passwords Found in Memory (Mimikatz)
  5. Insufficient Network Access Controls

Reference: http://www3.praetorian.com/how-to-dramatically-improve-corporate-IT-security-without-spending-millions-report.html