All posts tagged security

eDellRoot – the Security Hole within some Dell Machines

It was only a few months ago when Lenovo were accused of installing hidden adware in their computers, but now Dell have also been accused of a similar matter with a plugin dubbed eDellRoot. Like Lenovo’s Superfish adware, it has been discovered that Dell have been sending out PC’s and laptops with a hidden security hole called eDellRoot. This means specific affected computers are being shipped from manufacture with a pre-installed trusted root certificate (called eDellRoot) that can intercept HTTPS encrypted traffic for any website the user visits. Dell have swiftly come forward announcing that eDellRoot is an unintentional security…

Top

It’s Not Always About Flashy Security Widgets

At Signal Networks, we believe basic security ‘hygiene’ is a must for any organisation whatever their size, location or budget. Ensuring your business is up-to-date and actively protecting itself from any hackers or opportunists needs to be a standard practice that is constantly maintained. In the same way you’d brush your teeth for a few minutes every day, you need to be protecting your IT network from security threats for a few minutes every day. These steps do not need to take up all of your time, and in some instances, once you’ve put the groundwork in place, they can…

Top

Cyber Security Monitoring and Logging Guide reported by Crest

A report called ‘Cyber Security Monitoring Guide’ has been released by Crest detailing how organisations need to focus their resources and attention deeper on security monitoring and logging issues to help detect potential Cyber-Security attempts. Crest, a “not for profit organisation that serves the needs of a technical information security marketplace” detailed their findings in the form of a guide. The aim of this guide is to provide practical advice how organisations can “manage logs effectively, deal with suspicious events, use cyber security intelligence and address challenges” providing focus on the following points: Identify potential indicators of compromise (IOC) at an early…

Top

5 Sentences Your In-house IT Department Should Never Say

If you are a small business chances are you have been battling on your own with the challenges that computers have thrown at you. As a mid-sized company, you may be experiencing the growing pains that come with additional equipment and licenses. There are many challenges for SME’s, but having your own in-house IT department is rarely cost effective. Here at Signal Networks, we use our collective knowledge and work as a team to ensure your IT requirements are in safe hands. With many years of experience in all areas of information technology, inclusive of servers, networking, storage management, architecture…

Top

LastPass Security Breach

The popular password storage service LastPass announced earlier this week that there has been a LastPass Security breach in which its user’s main passwords could be compromised. On June 15th 2015, LastPass emailed it’s users a notification alerting them to the LastPass security breach stating that their team “discovered and blocked suspicious activity” on their network. Through their investigations they have found “no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed” however the investigation has shown that “LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised”. They have advised…

Top

The Power Triangle

Blackhat recently organised a webinar titled ‘enterprise defence and why you’re most likely doing it all wrong’ where Mariano Nunez (CEO and co-founder of Onapsis) and Tom Parker (Chief Technology Officer and Vice President of Security Services at Fusion) attempted to “critically examine enterprise level issues which remain prevalent in many large corporations and provide unnecessary opportunity to the adversary for gaining initial beach heads and moving laterally to achieve end goal proximity”. In this webinar Mariano Nunez expressed a need for a power triangle approach as there is a consistent rise in business critical vulnerabilities within SAP, some of…

Top

Heuristic or Signature based Malware Detection

In the world of virus definitions there are two ways an application can spot a virus using malware detection:  Signature Based: where an application has been given samples of code specific to the malicious software Heuristic Based: where an application has been told what applications do in the past to spot malicious software Imagine a door man at the local night club. He has been told not to let in specific people. Hes been told not to let in John, Bob or Sam as they are trouble makers but everyone else can get through. This is an example of signature…

Top

98% of UK firms are lacking data insurance

The UK Government has announced that almost 98% of large UK firms are lacking data insurance which should work alongside measures such as remote offsite backup and mail archiving to help a company recover should they suffer from a serious cyber-attack. The Minister for the Cabinet Office- Francis Maude confirmed that cyber threats remain “one of the most significant – and growing – risks facing UK business” with “81% of large businesses and 60% of small businesses having suffered a cyber-security breach in the last year, and the average cost of breaches to business nearly doubling since 2013”. The report highlights…

Top

Hashing Passwords

Hashing passwords differs to encrypting passwords in that they contain irretrievable information. If you encrypt a block of data, there would exist a way to decrypt it back to its original form. Hashes create a 128 bit hash value (this typically consisting of a 32 digit hexadecimal number). The use of hashing passwords (in particular MD5) can be used to confirm receipt of files in their original form. If a user was to run the MD5 algorithm on an exe file, it should be identical the other end. The recipient can then run the same MD5 algorithm on the file…

Top

Car Manufacturers Unprepared against Security Breaches to Cars

With the increase in the amount of technology provided in cars, it’s been noted that most car manufactures are in fact unprepared for the rise in security breaches to cars. Most car manufactures incorporate the latest technology in their cars to maximise the users comfort and traveling style. However they don’t fully understand the types and amount of security breaches to cars that can be associated with such technology. This is according to a report generated from the office of U.S Senator Ed Markey titled ‘Tracking and Hacking: Security & Privacy Gaps Put American Drivers at Risk’. Within this report, it…

Top
1 2 3 6 Page 1 of 6

Call us 0333 370 2202

Or email us: enquiries[@]signalnetworks.co.uk