The recent disclosure that thousands of Internet-facing SAP NetWeaver implementations are vulnerable to severe compromises will no doubt send some admins scurrying to their security team.
But the release of this information raises a question - is it preferable to fix each vulnerability or secure the environment? We definitely lean to the latter, but see much of the former (and are also sympathetic to some of the reasons why this occurs). In this instance, one of the frustrating things about trying to fix the SAP NetWeaver vulnerability is that, without access to the code, you are completely dependent on a fix being provided by the vendor. The same is true for just about any off-the-shelf web application. (It also applies to databases - think of the Oracle vulnerabilities.)
Imperva's most recent report on web application attacks found that on average these applications were attacked around 27 times per hour. Across the Internet between December 2010 and May 2011, Imperva discovered and categorised more than 10 million individual attacks targeting both business and government sites. The majority of these were automated attacks - and on average web applications under automated attack received up to 25,000 attacks an hour - or 7 attacks each second.
BeyondTrust Plans DLP Boost to Windows User Privilege Management
RSA SecurID – Three BIG Questions
What is this beast?
Our guess – SecurID client information has been compromised, possibly along with information about token serial numbers, seed records, and details of which client is associated with each token. Why do we suspect this?
WikiLeaks – A Message for the Execs
Hi [name] ... because of WikiLeaks you need to …. (insert self-serving statement here).
So what’s the potential payoff for you, assuming you can get some exec recognition of these points?
Cricket Victoria use BeyondTrust
The partnership between BeyondTrust and CoreSight - whilst relatively new - is proving effective, as clients such as Cricket Victoria prove. Rebecca Brown, IT Manager at Cricket Victoria said of the (Windows Desktops) product, “Rolling it out took about 48 hours. All we had to do was make sure everyone who checks in on the network upgraded to the software via our group policies. The length of the rollout has been more about removing administrator privileges than installing the PowerBroker Software.” To understand how you can remove local user admin rights and still give users the capabilities they need, access more resources via this site or at the BeyondTrust site.
MarketScope for Enterprise Single Sign-On
2010 Gartner MarketScope for Enterprise Single Sign-On Report
The business case for implementing enterprise single sign-on (ESSO) has solidified. Factors driving ESSO implementations are high password-related help desk costs and the need for shared workstation support in clinical environments. However, improved user convenience is usually the most deeply seated need. In September, Gartner released the 2010 Gartner MarketScope for Enterprise Single Sign-On. This report provides up-to-date ratings for vendors such as Microsoft Sentillion, Passlogix, IBM, Evidian, Novell and Imprivata. SSO vendors are evaluated on critical decision making criteria such as product offerings, pricing, company viability and customer experience.
From Least Privilege to Best Privilege on your Windows Desktops
By Darren Mar-Elia, Microsoft Group Policy MVP
Long-time Windows engineer and current Microsoft Group Policy MVP, Darren Mar-Elia, knows that balancing the needs of the user with the needs of security folks has always been a huge challenge. Users want access to everything, all the time—they want to be able to browse anywhere and install any software they find to get their job done. On the other side, the security folks want to protect an organisation’s assets—be they customer information, intellectual property or the ability to sell a product. These seemingly incongruous needs often come to a head on the Windows desktop, which is the main entry point for the user into an enterprise network. In his new whitepaper, From Least Privilege to Best Privilege on your Windows Desktops, released October 2010, Dr Mar-Elia examines this age-old struggle and will help you understand how you can find the right balance: “Best Privilege.”
Driving Profitability through Information Security
Astaro eBook aimed at increasing productivity in your workforce
CoreSight partner Astaro Corporation has released an eBook titled “Driving Profitability through Information Security”. The eBook, written and published by Astaro, describes how organisations can use information security to increase productivity and profitability, and is available here. It provides tips for using content filtering, VPN connections and protecting a company’s reputation, all of which can impact an organisation’s profits. "Most organisations realise that it is necessary to secure their networks, but what many do not realise is that the same tools that stop spam and block hackers can also be used to increase profits," said Bob Darabant, Vice President Americas, Astaro Corporation. "When organisations use security tools to their full potential they can help make employees more productive and the organisation will be more efficient resulting in higher profits."
VASCO advises schools to secure their online platforms
Schools and universities are increasingly using online platforms to distribute and exchange information, such as course documents and online exams. These same online platforms also serve as an administrative tool, containing personal data on students and staff. CoreSight partner VASCO Data Security, a leading software security company specialising in authentication products, has recently urged schools and universities as well as their students to be more careful and aware of security issues when using online platforms for educational purposes. Today, many students use their own PCs or laptops, or those supplied by the educational institution, to access course materials such as PowerPoint presentations or texts, eliminating the need to disseminate paper versions in class. Students are able to examine these documents or print them anywhere and anytime. In the same way, students can submit their assignments and papers on the Internet. These online platforms provide a strong administrative tool, collecting data on students and teachers alike from tasks such as changing a personal address, selecting course preferences, grading, submitting expense reports or booking resources.
Attachmate Reflection Standard Suite 2011
Helping Organisations Seamlessly Integrate Mainframe Access From Windows 7
Attachmate Corporation has announced the availability of Attachmate Reflection Standard Suite 2011. This next-generation terminal emulation software securely connects browser and Windows-platform users to legacy applications to help organisations manage enterprise IT complexities, standardise on a single host connectivity solution and confidently migrate to Microsoft Windows 7.
Imperva Launches Hacker Intelligence Initiative
Two New Hacking Schemes Uncovered Using Surveillance & Hack-Back Techniques
Ph: 03 9878 2726
Ph: 02 8011 3337
E: info@coresight.com.au
10/11 Mary St
BLACKBURN VIC 3130