Thursday, 20 November 2014

Enhancing your cyber defence through a physical security assessment

Physical Security Assessments can be viewed as a penetration test against the physical infrastructure of an organisation. Instead of the assessment of computer networks and services, buildings and physical locations are being assessed. During this type of assessment the overall physical security of the location of a building, the facilities and the access controls are in scope. Physical security is often overlooked and the consequences of a physical breach can have the same impact as a computer breach.


Monday, 10 November 2014

Vulnerability Scanners you should know about

The discovery and patching of security vulnerabilities can be a very difficult and a time-consuming task, especially without the use of a proper vulnerability scanner. 

The following, is a list of the most well-known vulnerability scanners currently available in the market. A security consultant should spend some time to familiarise himself/herself with these scanners. Find the scanner that is most suitable for your needs and use it to scan your network infrastructure for security vulnerabilities. Go through the reports these scanners generate and engage in remediating the vulnerabilities discovered. This can be an invaluable experience when it comes to becoming able to understand security issues affecting large network infrastructures. 

Some of these scanner can be used under a free license for personal use. 

01) Nessushttp://bit.ly/1prtrZ3

02) Nexposehttp://bit.ly/1NHBSML

03) CORE Impact Pro - http://bit.ly/19e7dWC

04) OpenVAShttp://bit.ly/1NHCdPy

05) QualysGuardhttp://bit.ly/1MUn52l

06) MBSA (Microsoft Baseline Security Analyser) - http://bit.ly/1MJ2NCE

07) Secunia PSIhttp://bit.ly/1iiTjGR

08) Retinahttp://bit.ly/1MBNHzo

09) Acunetix - http://bit.ly/1PA8rfA

10) SAINTscannerhttp://bit.ly/1RLtB9A

11) GFI Lan Guardhttp://bit.ly/1RLt8V2

If you know of a vulnerability scanner that you have used and it is worth mentioning here, let me know and I will add it to the list. 

Wednesday, 15 October 2014

POODLE SSLv3 Vulnerability

Bodo Möller, Thai Duong and Krzysztof Kotowicz from Google who discovered this, released a security advisory which you can find on OpenSSL website [2]. 
The Padding Oracle On Downgraded Legacy Encryption aka #POODLE vulnerability, has already a good write-up [1]. Jesper Jurcenoks explains the vulnerability on his blog [3] in a very detailed manner but at the same time, easy to understand. I am happy to see that Jesper used for his blog-post the logo I made for the poople vulnerability! :) Also, if you are thirsty for more technical details, you should also read this blog-post from ImperialViolet [4]. If you want to see some statistics on how vulnerable we are today in regards to this, you should read this article on netcraft [5]. The following post outlines the steps on how to disable SSLv3 [6]. If you wanna do a quick test and see if your browser supports SSLv3 regarding the poodle vulnerability, then you can visit: www.poodletest.comOn the other hand, www.howsmyssl.com can provide some useful information about the SSL/TLS client you used to render its page. Last but not least, if you need to a server given its domain name for this vulnerability, you may use www.poodlescan.com

CVE­-2014-­3566 has been allocated for this protocol vulnerability.

I had an idea for a logo for this vulnerability which I posted on twitter when the vulnerability came out and I would like to share it with you. We are trying to ditch SSLv3 for quite some time now, the logo had to look a little bit old style, retro and maybe vintage. Let me know what you think. ( you are free to use this logo, it would be nice if you reference it with: @drgfragkos )



Do you want to test manually?
Use this command: 
openssl s_client -connect google.com:443 -ssl3
If the handshake fails then the server doesn't support SSLv3 

Sunday, 12 October 2014

Backdoors on Web Applications

There are different types of backdoors being used and deployed, depending on what kind of system/service is being targeted, how stealth it needs to be and how persistent. In this instance, we are discussing backdoors being uploaded through Web Applications to your Web Server, in order to provide access to unauthorised third-parties. 

Wednesday, 1 October 2014

MasterCard Global Risk Management Conference in Ireland

I was very excited to be invited by MasterCard EU (@MasterCardEU) to participate in a discussion panel during the Global Risk Management Conference #GlobalRisk [1] which took place in Ireland this year. Sysnet (@Sysnetgs) published an article regarding the event [2] on their blog. 

A variety of talks and presentations about the security of transactions, fraud, micro-payments, biometrics and trends in CyberCrime made the conference extremely interesting. MasterCard wanted to explore the increasing scope, scale, and complexity of cyber crime impacting the industry. After the recent events regarding breaches, the latest trends, and new attack vectors that criminals are employing, it is an opportunity to discuss and share lessons learned and best practices to impede Cyber Crime.