Notices
General Discussion and Debate Discuss, Debate, and Converse with other Honda-Tech members in a mature, intelligent manner.
Sponsored by:
Sponsored by:

Today in InfoSec

 
Old 05-15-2019, 09:58 AM
  #976  
C-A-P-S CAPS CAPS CAPS
 
The GreenD16's Avatar
 
Join Date: Jun 2002
Location: Stuck in traffic on the capital beltway.
Posts: 1,443
Default Re: Today in InfoSec

Originally Posted by shamoo View Post
Update on our security pre-assessment. Went through some of our documentation/policies/procedures. I think the vendor was trying not to laugh lols.
Your vendor just realized he is getting a new GT3 RS when he is done.
The GreenD16 is online now  
Old 05-15-2019, 10:41 AM
  #977  
Will you make something up for me please?
 
shamoo's Avatar
 
Join Date: Sep 2001
Location: SoCal
Posts: 6,149
Default Re: Today in InfoSec

Originally Posted by Mattb16teg View Post
From what I've been apart of, some of the SOPs these Auditors look for are laughable.
It could be literally a 1 step process and they want a written SOP for it.
That's what the HIPPA portion is stating. Usually we can show evidence of something with a screenshot, but they need the written policy. I can understanding having something written about password complexity, but having documentation of password audit states is a bit weird.

Originally Posted by The GreenD16 View Post
Your vendor just realized he is getting a new GT3 RS when he is done.
Luckily I'm not paying them that much. I drive a hard bargain.
shamoo is offline  
Old 05-15-2019, 10:44 AM
  #978  
Honda-Tech Member
 
black_EM1's Avatar
 
Join Date: Dec 2004
Posts: 3,384
Default Re: Today in InfoSec

Originally Posted by shamoo View Post
Two of our big competitors (higher annual revenue than us by a lot) were hit by Ransomware. Some type of ryuk variant (https://research.checkpoint.com/ryuk...ampaign-break/).

One of them completely down for 3-4 days and ~$6-8M revenue per day lost (75K+ computers/servers affected). The other one (which hit this past Saturday) had about 5 sites down.

Symantec put out a rapid release - https://www.symantec.com/security-ce...sr-mixed30days

I'm pretty scared it'll hit us, but oh well. Both these companies had Symantec and/or Sophos for endpoint protection.
SEP is a joke which can be bypassed completely from the process side.
black_EM1 is offline  
Old 05-15-2019, 10:48 AM
  #979  
Will you make something up for me please?
 
shamoo's Avatar
 
Join Date: Sep 2001
Location: SoCal
Posts: 6,149
Default Re: Today in InfoSec

Originally Posted by black_EM1 View Post
SEP is a joke which can be bypassed completely from the process side.
What do you mean by "process side"?

EDIT: Do you mean simply disabling it on the user side? We have GPO policies in place as well as on the SEP server that prevent users from doing that.
shamoo is offline  
Old 05-15-2019, 11:17 AM
  #980  
Honda-Tech Member
 
ford9n's Avatar
 
Join Date: Jan 2015
Location: Colorado
Posts: 19
Default Re: Today in InfoSec

anyone see the cisco router vulnerabilities that came out recently
ford9n is offline  
Old 05-15-2019, 11:40 AM
  #981  
Will you make something up for me please?
 
shamoo's Avatar
 
Join Date: Sep 2001
Location: SoCal
Posts: 6,149
Default Re: Today in InfoSec

Originally Posted by ford9n View Post
anyone see the cisco router vulnerabilities that came out recently
Yep. Impacts ASA 550x, ISR 4xxx, and ASRs.

https://tools.cisco.com/security/cen...513-secureboot

Edit: Other Cisco advisories/alerts released:

https://tools.cisco.com/security/cen...ationListing.x
shamoo is offline  
Old 05-15-2019, 11:58 AM
  #982  
Honda-Tech Member
 
black_EM1's Avatar
 
Join Date: Dec 2004
Posts: 3,384
Default Re: Today in InfoSec

Originally Posted by shamoo View Post
What do you mean by "process side"?

EDIT: Do you mean simply disabling it on the user side? We have GPO policies in place as well as on the SEP server that prevent users from doing that.
I can't copy/paste the commands (don't really want to lol), but if you Google this; it will come up. It requires RDP on Windows, can be done via process on Mac. Just some off hand knowledge to have!
black_EM1 is offline  
Old 05-15-2019, 12:06 PM
  #983  
C-A-P-S CAPS CAPS CAPS
 
The GreenD16's Avatar
 
Join Date: Jun 2002
Location: Stuck in traffic on the capital beltway.
Posts: 1,443
Default Re: Today in InfoSec

There is also another big RDP vulnerability out.
The GreenD16 is online now  
Old 05-15-2019, 12:17 PM
  #984  
Honda-Tech Member
 
96dxB16's Avatar
 
Join Date: Jul 2002
Location: yay area, ca, usa
Posts: 519
Default Re: Today in InfoSec

Originally Posted by The GreenD16 View Post
There is also another big RDP vulnerability out.
https://portal.msrc.microsoft.com/en.../CVE-2019-0708

Windows... not even once..
96dxB16 is offline  
Old 05-15-2019, 12:22 PM
  #985  
Honda-Tech Member
 
ford9n's Avatar
 
Join Date: Jan 2015
Location: Colorado
Posts: 19
Default Re: Today in InfoSec

Originally Posted by shamoo View Post
Yep. Impacts ASA 550x, ISR 4xxx, and ASRs.

https://tools.cisco.com/security/cen...513-secureboot

Edit: Other Cisco advisories/alerts released:

https://tools.cisco.com/security/cen...ationListing.x
it seems some are simple software upgrades, but the trust anchor bug is much more problematic.

anyone out there using anything besides cisco in any large scale?
ford9n is offline  
Old 05-15-2019, 12:44 PM
  #986  
Will you make something up for me please?
 
shamoo's Avatar
 
Join Date: Sep 2001
Location: SoCal
Posts: 6,149
Default Re: Today in InfoSec

Originally Posted by 96dxB16 View Post
Yep. We're testing that at one of our smaller sites now. If no issues, will roll it out.

Apparently it was bad enough that Microsoft put out updates for Windows XP and 2008r2.
shamoo is offline  
Old 05-15-2019, 05:52 PM
  #987  
Honda-Tech Member
 
tony_2018's Avatar
 
Join Date: Nov 2005
Location: Austin, Tx
Posts: 12,673
Default Re: Today in InfoSec

Damn it Intel....
tony_2018 is offline  
 
Related Topics
Thread
Thread Starter
Forum
Replies
Last Post
Knightsport
General Discussion and Debate
42
12-05-2017 05:00 AM
signalpuke
General Discussion and Debate
49
08-12-2016 01:41 PM


Thread Tools
Search this Thread
Quick Reply: Today in InfoSec


Contact Us - About Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service

© 2019 MH Sub I, LLC dba Internet Brands

We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.