Security Software & Tools Tips – March 2019

In this monthly post, we try to make you aware of five different security-related products.
This is a repost from my personal website, Ulyaoth.

This month we have chosen the following:
* Venom
* Nishang
* Kautilya
* Burp Suite
* MISP

Venom

Information from the Venom website:

Venom is a multi-hop proxy tool developed for penetration testers using Go. You can use venom to easily proxy network traffic to a multi-layer intranet, and easily manage intranet nodes.

Website:

https://github.com/Dliv3/Venom

Nishang

Information from the Nishang website:

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing.

Website:

https://github.com/samratashok/nishang

Kautilya

Information from the Kautilya website:

Kautilya is a toolkit which provides various payloads for a Human Interface Device which may help in breaking in a computer during penetration tests.

Website:

https://github.com/samratashok/Kautilya

Burp Suite

Information from the Burp Suite website:

Burp Suite is the leading software for web security testing.
Thousands of organizations use Burp Suite to find security exposures before it’s too late. By using cutting-edge scanning technology, you can identify the very latest vulnerabilities. Our researchers frequently uncover brand new vulnerability classes that Burp is the first to report. Burp Suite constantly raises the bar of what security testing is able to achieve.

Website:

https://portswigger.net/

MISP

Information from the MISP website:

MISP – Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing.

Website:

https://www.misp-project.org/


Windows Zero-Day Emerges in Active Exploits

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover.

Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE). It’s being used in advanced persistent threat (APT) campaigns, the researchers said, targeting 64-bit versions of Windows (from Windows 7 to older builds of Windows 10).


Top 5 Security News

This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important.

DNS Hijacking Abuses Trust In Core Internet Service

OEM Presentation Platform Vulnerabilities

TinyPOS: Handcrafted Malware in Assembly Code

World Password Day – what (NOT!) to do

WHEN BUSINESS CONTINUITY IS KEY

Semantix, Scandinavia’s largest language company, chose Basefarm as their managed service provider to manage their business critical applications. High availability, security expertise and flexible solutions were on the wish list during the procurement process.

“Basefarm presented an ability to handle the criteria we had, while also having the operational capacity to match the size of Semantix. Besides having the technical know-how and the financial stability, they are able to deliver flexible and specialized solutions,” says Mats Zetterberg, IT Operations Manager at Semantix.


Security Software & Tools Tips – May 2019

In this monthly post, we try to make you aware of five different security-related products.
This is a repost from my personal website, Ulyaoth.

This month we have chosen the following:
* angr
* Brakeman
* Moloch
* OSXCollector
* Zeek

angr

Information from the angr website:

angr is a python framework for analyzing binaries. It combines both static and dynamic symbolic (“concolic”) analysis, making it applicable to a variety of tasks.

Website:

https://angr.io/

Brakeman

Information from the Brakeman website:

Brakeman is a security scanner for Ruby on Rails applications. Unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it. Once Brakeman scans the application code, it produces a report of all security issues it has found.

Website:

https://brakemanscanner.org/

Moloch

Information from the Moloch website:

Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive and simple web interface is provided for PCAP browsing, searching, and exporting. Moloch exposes APIs which allow for PCAP data and JSON formatted session data to be downloaded and consumed directly. Moloch stores and exports all packets in standard PCAP format, allowing you to also use your favorite PCAP ingesting tools, such as wireshark, during your analysis workflow.

Website:

https://molo.ch/

OSXCollector

Information from the OSXCollector website:

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.

Website:

https://yelp.github.io/osxcollector/

Zeek

Information from the Zeek website:

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 20 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally by both major companies and numerous educational and scientific institutions for securing their cyberinfrastructure.

Website:

https://www.zeek.org/


New Initiative Aims to Fast-Track Women into Cybersecurity Careers

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A new professional development initiative will give 100 women the opportunity to revamp their careers and prepare for new roles in cybersecurity in only 100 days…


Top 5 Security News

What’s Behind the Wolters Kluwer Tax Outage?

Avoid a Security Endgame: Learn About the Latest “Avengers” Scam

Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover

Turla LightNeuron: An email too far

Hackers steal US$41 million worth of Bitcoin from cryptocurrency exchange


IoT specialist IIOX adopts Flexible Engine for business agility in the cloud

Leading industrial IoT platform developer IIOX has selected Flexible Engine, the public cloud service from Orange Business Services, for its global expansion and to avoid vendor lock-in.
Headquartered in Sweden, the IIOX cloud-based platform collects, harmonizes, aggregates and distributes machine data in real time, turning data into useful insight and knowledge. Its customers include energy supplier E.ON and companies in automatic meter reading and the agricultural sector.

IIOX has been a Basefarm customer for a number of years and has been extremely satisfied with the quality of the service delivery. But with its contract up for renewal and the recent acquisition of Basefarm by Orange Business Services, the company was open to a new solution that would support its expansion plans. Up until this point, IIOX had a server infrastructure from Basefarm, which was managed in-house and could not scale geographically.

IIOX was looking for a secure, scalable, fully-managed platform that supported a container orchestration system, having redesigned their applications to use Kubernetes. It also wanted to avoid any vendor lock-in or upfront costs.

At the same time, they wanted to move to a fully managed system, so they could concentrate on their core business and not have to worry about retaining in-house skills. They tried Flexible Engine, our innovative solution based on OpenStack, and they liked its flexibility, scalability and security features.

IIOX is starting its Flexible Engine deployment in Europe, with plans to deploy to other regions. Basefarm is managing the local initiative in the Nordics, with Orange Business Services providing global support. As well as Flexible Engine services, such as Kubernetes and Apache Kafka stream processing, there will also be a fully-managed Cassandra distributed database from Orange Business Services.

This will work around the pay-as-you-go model that IIOX was looking for. Orange Business Services also reassured IIOX regarding compliance that could arise from globalizing the solution.

Avoiding vendor lock-in

Designed to help migrate applications to the cloud, Flexible Engine is based on OpenStack technology and public cloud services infrastructure.

As the cloud market consolidates, vendor lock-in is a growing concern for enterprises, according to IDC’s information technology predictions for 2019. IDC believes that as part of this trend, enterprises will look for providers that can integrate multi-cloud services. OpenStack, unlike Amazon AWS or Microsoft Azure, supports a number of proprietary technologies and can successfully operate in bare metal and hypervisor environments.

When it comes to OpenStack and Kubernetes – they are seen as a great match. According to Openstack.org, OpenStack now runs the largest number of enterprise network and storage systems, allowing containers to be seamlessly integrated into the enterprise environment.

IIOX is on trend. Enterprise interest in the applications container market continues to grow, driven by enterprises looking to manage infrastructures more efficiently and meet their digital transformation goals on time. 451 Research believes the applications container market will hit more than $2.1 billion this year and more than $4.3 billion in 2022.

Moving forward

IIOX is one of the first joint deals for Orange Business Services and Basefarm, highlighting the large portfolio of services available directly through a console on a pay-as-you-go model. At the same time, it underscores the power of local control and global reach that will support IIOX in its ambitious expansion plans as the industry appeal of IoT rapidly accelerates.


Joakim Karlsson

Joakim Karlsson, based in Stockholm, Sweden, is the Business Development Manager covering Cloud Business in the Nordic region. He has been in the IT industry for 20 years – nine of those years at Microsoft – and his extensive experience is an asset in helping Orange customers navigate the cloud domain. In his spare time, Joakim likes to golf, play paddle tennis and spend time with his family and friends.

Secretary General gives keynote speech on NATO’s adaption to cyber threats

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

“Cyber attacks are becoming more frequent, more complex and more destructive. From low-level attempts to technologically sophisticated attacks. They come from states, and non-state actors. From close to home and from very far away. And they affect each and every one of us.” said the NATO Secretary General Jens Stoltenberg at the Cyber Defence Pledge Conference, London yesterday.


Top 5 Security News

UK provided evidence to 16 NATO allies of Russia hacking campaigns

Core Elastic Stack Security Features Now Available For Free Users As Well

Google Stored G Suite Users’ Passwords in Plain-Text for 14 Years

Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

Tor Browser for Android is available through the Play Store

Security Software & Tools Tips – June 2019

In this monthly post, we try to make you aware of five different security-related products.
This is a repost from my personal website, Ulyaoth.

This month we have chosen the following:
* Attack Surface Analyzer
* Bandit
* Infection Monkey
* NetSpot
* Splunk

Attack Surface Analyzer

Information from the Attack Surface Analyzer website:

Attack Surface Analyzer is a Microsoft-developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of software or system misconfiguration.

Website:

https://github.com/microsoft/AttackSurfaceAnalyzer

Bandit

Information from the Bandit website:

Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a report.

Website:

https://github.com/PyCQA/bandit

Infection Monkey

Information from the Infection Monkey website:

The Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that assesses the resiliency of private and public cloud environments to post-breach attacks and lateral movement.

Website:

https://www.guardicore.com/infectionmonkey/

NetSpot

Information from the NetSpot website:

Use NetSpot to visualize, manage, troubleshoot, audit, plan, and deploy your wireless networks.

Website:

https://www.netspotapp.com/

Splunk

Information from the Splunk website:

Splunk turns machine data into answers with the leading platform to tackle the toughest IT, IoT and security challenges. Use Splunk to search, monitor, analyze and visualize machine data.

Website:

https://www.splunk.com/
