
Network Monitoring News - Dec 2016

IP Cameras - Update Camera Firmware now.
In a blog post published today, Austrian security firm SEC Consult said it found two apparent backdoor accounts in Sony IPELA Engine IP Cameras — devices mainly used by enterprises and authorities. According to SEC Consult, the two previously undocumented user accounts — named "primana" and "debug" — could be used by remote attackers to commandeer the Web server built into these devices, and then to enable "telnet" on them.

Network Monitoring News - Nov 2016

Nymaim Malware Targets High-Level Managers
A new version of the Nymaim malware family targets high-level managers with attached malicious Word documents and installs ransomware and banking trojans on their machines. Services like ContentCatcher Detonator, which execute email attachments in a safe environment so their activity can be reviewed and their intentions verified, are a must-have. This puts information about the attachment into the hands of your company's security administrator. Educating your end users is also an essential safety measure.

Network Monitoring News - Aug 2016

Windows 20 Year Patch
Microsoft has finally patched MS16-087. Simply put, Windows does not check/validate the driver it installs when it connects to a new printer. Since printer drivers are installed with full system rights, you can see why this could be a problem. If an attacker takes control of or emulates a network/internet printer, they can push just about any malicious code they like to the end user's machine and gain full administrator access.

Network Monitoring News - July 2016

Symantec and Norton Antivirus
If you are running Symantec and Norton Antivirus, you will need to patch your systems immediately, as all products contain multiple vulnerabilities. Exploitation of these products could allow hackers to take complete control of your systems. A total of 24 products are affected across all platforms.

Symantec has released patches and hotfixes, which should be deployed as quickly as possible. The ease of attack and the popularity of Symantec products will make this a very popular target.

Network Monitoring News - June 2016

Network Segmentation
As we build out our networks, we should start thinking about how to properly segment users and assets. Segmenting networks has been best practice for a long time now, but is rarely implemented. With the new normal of malware, we can greatly reduce our attack surface by limiting exposure to our critical systems. This also allows us to focus monitoring efforts where they will be most effective.

Flat networks are simple and have little management overhead, but this comes at a cost: they also offer little protection.

Network Monitoring News - May 2016

Threat Report
"Most organizations today rely on the walls and moats of yesteryear, thinking they are defending against catapults and cannons, while the attackers are instead using drones and highly targeted stealth technology." The HPE 2016 Cyber Risk Report is spot on. Firewalls and antivirus are old technology. They just cannot do the job by themselves any longer. Unfortunately, this is all many of us have as far as network security is concerned.

Network Monitoring News - Apr 2016

Business Disruption
There seems to be a shift in attack methodology. Years ago, attackers wanted it known that they hacked your company. It was a feather in their cap. For the last few years, we have been dealing with low-and-slow attacks, with hackers trying to remain hidden and maintain access for as long as possible so they could steal as much intellectual property as possible. It appears now that attackers are moving back to making their hacks very public. The main difference now is that they are motivated by money, not recognition.