Cyber Precrime - Defensive Information Security
The FAIL Zone

7/31/09-8/06/09
Police Computers Paralysed
Flagstaff (AZ) Police Dept and Coconino County Sheriff's Office have been down since Tuesday (6/28/09). Ten days after the initial system outage, staff are still inconvenienced, but it looks like the worst is behind them. Countywide, at 40 sites, more than 1,800 workstations had to undergo the debugging process. Costs are not available at this time. It looks like the culprit has been Conficker strains A and D.

11/3/2009
FBI Warns of Fraudulent ACH Transfers
Washington D.C. Customers who use online banking services are advised to contact their financial institution to ensure they are employing all the appropriate security and fraud prevention services their institution offers.

FBI Press Release

Banking Securely Online PDF

(ACH) Automated Clearing House

11/6/2009
Visa Data Security Alert - Targeted Hospitality Sector Vulnerabilities
A memory parsing vulnerability is being actively targeted and exploited within the hospitality industry. Hackers install debugging software on point-of-sale systems in order to extract full magnetic stripe data from volatile memory, otherwise known as RAM.

2/26/2010
Wyndham Hotels Hacked Again!!!
The break-in occurred between late October 2009 and January 2010. It affected an undisclosed number of company franchisees and hotel properties that Wyndham manages. Wyndham warned customers of a second breach in August 2009. In Aug 2008, Wyndham also lost 480,000 credit card records to hackers at its Phoenix, AZ location.

Wyndham operates Days Inn, Ramada and Super 8 motels.

4/26/2010
Microsoft DLL Hijacking Vulnerability

In summary, when an application dynamically loads a DLL without specifying a full path, Windows tries to locate the DLL by searching a set of directories in a fixed sequence, known as the DLL Search Order:

1. The directory from which the application loaded
2. The system directory
3. The 16-bit system directory
4. The Windows directory
5. The current working directory (CWD)
6. The directories that are listed in the PATH environment variable

Now, if the attacker discovers a vulnerable application, they can place a malicious DLL and a file to be opened by the vulnerable application (to set the current working directory) on a remote or WebDAV share, so that the malicious DLL gets dynamically loaded to handle the designated file type.

A number of proof of concept exploits are out and there are reports that the issue has been actively exploited in the wild.

Microsoft has released guidance and tools for mitigating the issue, both for end users and for developers. Unfortunately, there must be hundreds of applications affected by the issue, and it will take some time for their developers to fix them. In the meantime, it is important to follow the Microsoft guidance to mitigate the threat.

This is a 'low-skill' exploit and is very scary since it affects all Microsoft Systems and cannot be easily fixed.
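The search order above can be modelled to audit where a bare DLL name would actually resolve. The following Python sketch is an added example, not code from Microsoft or from this page; the directory listing, the share name `files.example`, the file names and the `allow_cwd` switch (which models a mitigation that drops the CWD step) are constructed assumptions.

```python
import ntpath

SYSTEM_DIRS = [  # steps 2-4 of the list above, default install paths assumed
    ("system directory", r"C:\Windows\System32"),
    ("16-bit system directory", r"C:\Windows\System"),
    ("Windows directory", r"C:\Windows"),
]

def search_order(app_dir, cwd, path_dirs, allow_cwd=True):
    """Directories probed for a bare DLL name, in the order listed above."""
    order = [("application directory", app_dir)] + SYSTEM_DIRS
    if allow_cwd:  # False models a mitigation that drops the CWD step
        order.append(("current working directory", cwd))
    return order + [("PATH", d) for d in path_dirs]

def exists(listing, directory, name):
    return name.lower() in listing.get(directory.lower(), set())

def resolve(dll, listing, app_dir, cwd, path_dirs, allow_cwd=True):
    """Return (step, full_path) for the file that would load, or None."""
    if ntpath.isabs(dll):  # full path given: no directory search happens
        d, n = ntpath.split(dll)
        return ("full path", dll) if exists(listing, d, n) else None
    for step, directory in search_order(app_dir, cwd, path_dirs, allow_cwd):
        if exists(listing, directory, dll):
            return (step, ntpath.join(directory, dll))
    return None

def audit(dll, listing, app_dir, cwd, path_dirs, allow_cwd=True):
    """Flag loads satisfied from the CWD or PATH, worst case a remote share."""
    hit = resolve(dll, listing, app_dir, cwd, path_dirs, allow_cwd)
    if hit is None:
        return "not found"
    step, path = hit
    if step in ("current working directory", "PATH"):
        return "HIGH: remote " + step if path.startswith("\\\\") else "MEDIUM: " + step
    return "ok: " + step

# Constructed sample state: a document opened from a share sets the CWD there.
APP, CWD = r"C:\Program Files\Viewer", r"\\files.example\share\docs"
LISTING = {
    r"c:\windows\system32": {"kernel32.dll"},
    CWD.lower(): {"report.doc", "codec.dll"},
}

if __name__ == "__main__":
    for name in ("kernel32.dll", "codec.dll"):
        print(name, "->", audit(name, LISTING, APP, CWD, []))
    print("codec.dll, CWD step removed ->", audit("codec.dll", LISTING, APP, CWD, [], allow_cwd=False))
```

Loading by full path, or removing the CWD step, means the load either resolves to a trusted directory or fails outright instead of falling through to the share.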

 


Secure Networks

Information Security

Cyber Precrime's mission: ascertain your current system's security posture and provide sufficient security to reduce your risk to acceptable levels at the best available price. Systems can range from a single computer to enterprise-wide networks.

"Top Performers"
Kaspersky Internet Security 2010

Sophos Endpoint Security & Data Protection
  • Data Loss Protection (DLP)
  • Anti Malware Protection & Application Control
  • Network Access Control (NAC)
  • Content Monitoring
  • Client Firewall
  • Win, MAC, Linux & UNIX

SC Magazine Rates Sophos 5 stars in all 5 categories

Learn More


Sophos Security Suite for Small Business

SAINT Vulnerability Management System
  • SAINT Vulnerability Scanner
  • SAINT Exploit
  • WebSAINT/WebSAINT Pro
  • SAINTbox Appliance
  • SAINT Manager Console

SC Magazine Rates SAINT 5 stars in all 5 categories

Learn More


Kaspersky Internet Security 2010

"PCI-DSS An Introduction For Managers"
"The time bomb within your Merchant Account which could cripple your business."

  • Cyber Precrime Awareness Series Exclusive

Learn More


Sophos Anti-Virus Challenge: FREE Single Computer Security Scan
  • Test your existing Anti-Virus Protection with SOPHOS
  • Scans without the need to uninstall or disable your existing protection
  • Uses a single scan to detect viruses, spyware and adware
  • Detects zero-day threats using unique behavioral Genotype Protection
  • Requirements: Windows Server 2003, Windows Vista, Windows XP, Windows 2000 (includes 64-bit editions)
  • DOWNLOAD NOW
Anti-Virus Independent Testing

Independent Testing

Our "Top Performers" products are strong contenders within their respective fields. The tests cover several important criteria and are quite intensive. Before purchasing any software product, it is recommended to select the application features which are most important to your service.

The Alert Zone

Deadline 7/1/2010
Old POS PEDs Must Go!
Point of Sale PIN Entry Devices which are not tamper-evident or tamper-resistant must be removed from production.

Popular PEDs targeted by criminals:
- VeriFone: PINpad 101, 201 and 2000
- VeriFone: Everest model P003-3xx
- Hypercom: S7S and S8
- Ingenico: eN-Crypt 2400 (also known as the C2000 Protégé)

Deadline 7/13/2010
Microsoft Support Ends
XP SP2 will no longer be supported. IE6 & IE7 on XP Prof SP2 also will no longer be supported. If you want security updates, upgrade to SP3.

Win 2000 Professional & All Server Editions no longer supported.

Win 2003 Professional & All Server Editions reaches end of first support phase. Second Phase ends 7/14/2015.

View MS Lifecycle Support Page


9/29/2010
PRIMARY STUXNET INDICATORS
Stuxnet uses four zero-day exploits (two of which have been patched) and takes advantage of a vulnerability also exploited by Conficker, which has been documented in Microsoft Security Bulletin MS-08-067.

The known methods of propagation include infected USB devices, network shares, STEP 7 Project files, WinCC database files, and the print spooler vulnerability addressed by MS-10-061.

The malware also interacts with Siemens SIMATIC WinCC or SIMATIC STEP 7 software. Exact software versions and configurations that may be affected are still being analyzed.



Homeland Security Terror Alert

Contact Cyber Precrime for Testing & Remediation


 

 

 

 

Cyber-Precrime © 2009-2010 • Privacy Policy • Terms Of Use