From Paul's Security Weekly
Enterprise Security Weekly #88
Recorded April 25, 2018 at G-Unit Studios in Rhode Island!
- Go to itpro.tv/securityweekly and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
- Check out SOURCE Boston 2018 from May 9th - 10th! Go to sourceconference.com and register using the code SW75WMKW to get a $75 discount!
Interview: Eddy Bobritsky and Lenny, Minerva Labs
Tech Segment: Eyal Neemany, Javelin Networks
1) Recon to map the domain forest trusts
2) Recon to hunt cross-domain admins
3) Stealing credentials of the cross-domain admins
4) Lateral movement and compromise of additional domains
The topic for this discussion is how we can improve testing for endpoint security solutions. There are two different levels of testing:
- Testing solutions during an evaluation stage
- Testing deployed solutions to ensure they are working and monitoring the gaps in coverage
- RSA Spotlight: VMware And Sophos Discuss Latest Innovations - VMware is continuing to build its name in the security space with updates to its AppDefense application, a product that protects workloads by monitoring them against their intended state. AppDefense initially supported applications running on vSphere-based virtualized and cloud environments, and has now been expanded to containers.
- Tackle Five Top Security Operations Challenges With Threat Intelligence - More than 80 percent of cybersecurity professionals polled by SANS (PDF) say that threat intelligence is providing them value. Most organizations are seeing value simply by aggregating massive volumes of global threat data into a central repository for sharing.
- Fortinet receives recommended rating in NSS Labs' latest advanced endpoint protection test report - Highly skeptical, and not of Fortinet, but of how the tests were conducted: In this year’s test, which included a record 20 vendors, FortiClient demonstrated a 100% block rate on exploits, document and script-based malware, as well as web and offline threats, with zero false positives.
- Varonis Showcases Latest Products to Protect Data Security at IP Expo Manchester - Latest products and features built on the Varonis Data Security Platform, including Varonis Edge, which extends data security from the core to the perimeter by analyzing devices such as DNS, VPN, and web proxies to detect security events, such as brute-force attacks, DNS tunnelling and credential stuffing.
- Twitter bans Kaspersky Lab from advertising on its platform
- SANS Experts Share Five Most Dangerous New Attack Techniques - The five threats outlined are: (1) Repositories and Cloud Storage Data Leakage; (2) Big Data Analytics, De-Anonymization, and Correlation; (3) Attackers Monetize Compromised Systems Using Crypto Coin Miners; (4) Recognition of Hardware Flaws; (5) More Malware and Attacks Disrupting ICS and Utilities Instead of Seeking Profit.
- WinMagic Survey Finds Most Companies Won't Be Ready for EU GDPR Legislation on 25th May - Only half (51%) of companies say they have all the systems in place that will allow them to remove EU Citizen data from servers upon request, including back-ups, in accordance with Articles 16 & 17 of GDPR. Worryingly, a fifth (21%) do not yet have any systems in place.
- Survey: Endpoints Still Vulnerable to Breaches Despite Advancements in Antivirus Technologies - Minerva Labs announced the results of a survey of 600 IT security professionals which found endpoint security solutions are failing to provide adequate protections to address today’s security threats, specifically malware. A majority of the respondents surveyed indicated a heightened concern of a major malware breach in the coming year and acknowledged that they require more than an antivirus (AV) solution on the endpoint to combat the rising threat.
- Oracle NetSuite Looks to Bring AI to SMBs