Compensating Security Controls for Windows Server 2003 Security

JON OLTSIK | April 26, 2016

article image
It is common knowledge by now that Microsoft will end-of-life Windows Server 2003 as of July 14, 2015 and no longer provide software maintenance or support. Trend Micro’s Deep Security product can be helpful here by providing network, system and anti-malware security controls across physical, virtual, and cloud systems running W2K3.

Spotlight

SecurityXploded

SecurityXploded is a popular Infosec Research & Development Organization offering FREE Security Softwares, latest Research Articles and FREE Training on Reverse Engineering & Malware Analysis. So far it has published 50+ research articles and 100+ FREE security softwares. Most of these softwares have been listed and received top awards from leading download sites including Softpedia, BrotherSoft etc.

OTHER ARTICLES

Cybersecurity Must Be Embedded in Every Aspect of Government Technology

Article | March 17, 2020

Cybersecurity has never been more important for every level of our government. The hacking attempts at major federal agencies have raised the profile of nefarious actors who use their highly advanced cyber skills to exploit both security and the vulnerabilities created by human error. Just last month, the Department of Defense confirmed that computer systems controlled by the Defense Information Systems Agency had been hacked, exposing the personal data of about 200,000 people. Additionally, the Department of Justice recently charged four members of the Chinese military for their roles in the 2017 Equifax breach that exposed the information of 145 million Americans. The hackers were accused of exploiting software vulnerability to gain access to Equifax’s computers. They are charged with obtaining log-in credentials that they used to navigate databases and review records.

Read More

Here’s What Universities Need to Know About Cyber-Attacks

Article | June 1, 2021

Over the last year, the education delivery model has changed rapidly. Universities have learnt to operate entirely remotely and now that learning may resume in person, a hybrid education model will likely continue. The transition from physical to online models happened so quickly that it left many IT networks exposed to serious harm from outside forces. With a hybrid model, there is likely a widening attack surface area. A recent spate of attacks suggests that cyber-criminals are taking notice of the seemingly infinite weaknesses in learning centers defenses. But why? One of the primary reasons is that universities operate large corporate-sized networks, but without the budgets to match. Add to that, teachers and students aren’t given training to use and connect their technology in a safe way. To avoid falling victim to devastating cyber-attacks which often have dire consequences, we share three lessons universities need to quickly take on board. Your Research is Valuable to Cyber-Criminals There is a hefty price tag on some of the research conducted by universities, which makes it particularly attractive to cyber-criminals. The University of Oxford’s Division of Structural Biology was targeted in February by hackers snooping around, potentially in search of information about the vaccine the university has worked on with AstraZeneca. It’s not just gangs of cyber-criminals targeting research facilities, last year Russian state backed hackers were accused by official sources in the US, UK and Canada of trying to steal COVID-19 vaccine and treatment research. With world-leading research hidden in the networks of universities, its unsurprising that last year over half (54%) of universities surveyed said that they had reported a breach to the ICO (Information Commissioner’s Office). The research conducted by many UK universities makes them an attractive target for financially motivated cyber-criminals and state-sponsored hackers in search of valuable intellectual property. To add insult to injury, ransomware attackers are doubling their opportunity for pay off by selling off the stolen information to the highest bidder, causing a serious headache for the victims while potentially increasing the value of their pay-out. Personal Information of Students and Staff Can Easily Fall into the Wrong Hands Based on tests of UK university defenses, hackers were able to obtain ‘high-value’ data within two hours in every case. In many cases, successful cyber-attacks are followed by not only a ransom note demanding payment for the recovery of frozen or stolen data, but also the added threat of sharing any sensitive stolen information with the public.

Read More

A Closer Look at the Microsoft Exchange Server Cyberattacks

Article | May 13, 2021

We recently posted an article that highlighted the high-profile Microsoft Exchange hack that impacted hundreds of thousands of organizations across the globe. (This article offered some recommendations on how this could have been avoided as well as a special three-month offer to help any company who may have been affected.) Since this cyber attack, even more details are emerging. For example, the White House recently urged victims to quickly patch applications and systems and pushed for them to do it as quickly as possible. One senior administration official emphasized that the window to update these systems could be measured in hours, not even days.

Read More

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | February 12, 2020

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

Spotlight

SecurityXploded

SecurityXploded is a popular Infosec Research & Development Organization offering FREE Security Softwares, latest Research Articles and FREE Training on Reverse Engineering & Malware Analysis. So far it has published 50+ research articles and 100+ FREE security softwares. Most of these softwares have been listed and received top awards from leading download sites including Softpedia, BrotherSoft etc.

Events