Solving a Cyber Crime Case Like Sherlock Holmes

IT security managers lay a lot of emphasis on conducting log forensics investigations. According to the SANS 2013 Digital Forensics Survey, 57% of the respondents said that they conduct forensic investigations to “find and investigate incidents as they are occurring” and 75% of the respondents said they conduct forensic investigations to “find and investigate incidents after the fact”. Detecting the activity of hackers is never easy. Enterprises may have the best of network security solutions to detect network anomalies and threats, but critical resources still continue to get compromised.

All IT security managers have to put themselves in the shoes of Mr. Sherlock Holmes to solve cyber cri…

8 Log Management Habits of Highly Effective IT Security Managers

In today’s business environment, data is the source that drives organizations in the proper direction. Data enables planning, forecasting, and strategy. For example, retailers rely on customer behavior data to drive more sales, and CEOs rely on past performance data to make effective decisions. Similarly, IT security professionals rely on log data generated by their IT network infrastructure to secure their networks from threats, attacks, and breaches. The IT infrastructure of any organization includes network devices (routers, switches, firewalls, etc.), systems (Windows, Linux, etc.), and business-critical applications that generate a huge amount of log data.

This log data is a gold mi…

Combat Advanced Cyber Attacks With Shared Security Intelligence

(Originally published in Cyber Defense Magazine, Black Hat special edition)

In this information age, even the mightiest of enterprises and governments across the globe are worried about cyber-attacks. Not a single day passes by without a story about a hack or a compromise or an identity theft involving data related to a large number of users. Cyber security is becoming increasingly complex, and cyber-attacks have truly emerged as a global crisis.

An analysis of some of the recent high profile breaches reveals that the threat landscape is rapidly evolving into a more dangerous ground with highly targeted attacks and advanced persistent threats (APTs) leading the way.

Traditionall…

IT Security and Auditing Framework – A Glass Half Full or Half Empty?

Log Management, Compliance Reporting and SIEM

Corporate islands with no connectivity to the external world and/or employees seeking permission to share company-critical information with an outsider are not options that ensure protection from information theft. Not a day goes by without a security breach or espionage attempt in the media. It doesn’t matter whether it’s an internal or external hack caused by a deliberate or inadvertent action. The IT guy is made accountable for the security gaps and is asked to revisit the policies to ensure that such incidents don’t recur.

We can all say thanks to the built-in logging mechanism in devices, systems and applications, which helps track e…

ManageEngine’s EventLog Analyzer Advances the Cloud with ActiveState Stackato

The cloud, once known as the future of IT, is now part of modern IT infrastructure. With the growing acceptance of BYOD and employees soliciting critical business-service access on the move, the cloud is ideally suited to balancing these current market trends. It helps IT organizations be cost effective and deliver better IT services.

If you’re currently evaluating or have already implemented a cloud infrastructure in your business, you know it can be a tricky project with a lot of unanswered questions. This is especially true if statutory compliance acts such as PCI DSS, FISMA, HIPAA, and/or SOX govern your company. You need to consider a sound information security plan to detect abnormal access to …

ManageEngine EventLog Analyzer Secures Gold Award

We are excited to announce that ManageEngine EventLog Analyzer recently took home the Gold Award from WindowsSecurity.com. Deb Shinder, MVP (Enterprise Security) reviewed the product before bestowing this award.

We want to thank WindowsSecurity.com for giving us an opportunity to have our product thoroughly reviewed by Shinder, a seasoned security professional. Thank you Deb for setting aside some time to evaluate EventLog Analyzer.

“The vendor (ManageEngine) actually cares about what the IT pros using their solution want and need,” Shinder said. “This solution manages to be extremely full featured without being complicated. Despite a couple of moments of confusion as I got acquain…

PCI DSS 3.0: Shifting focus on daily review of ‘security-relevant’ logs to identify suspicious activities [Part-3]

Ever since the release of the PCI DSS version 3.0 change highlights by the PCI Security Standards Council (PCI SSC), stakeholders of the payment card industry and security analysts have been busy interpreting the proposed regulations. While many of the sections explained in the change highlights document require clarity, one thing was crystal clear – v3.0 expects the stakeholders to focus their log-review efforts on ‘identifying suspicious activity’ and not merely on collecting logs religiously and performing a generic review.

Even in PCI 2.0, Requirement 10 is all about activity logs – collection, transmission, storage and daily review of logs from the devices and sys…

5 Top Targets for Today’s Hackers

Black Hat USA bills itself as “the show that sets the benchmark for all other security conferences.” While most conferences tend to over-promote themselves, given the activity at this year’s show, that actually might be something of an understatement.

From the defense of government surveillance delivered by NSA Director General Keith Alexander to briefings on the coming “cryptopocalypse” and the risks associated with embedded devices and the Internet of Things, Black Hat reminds us that a little bit of paranoia is warranted in today’s connected world.

Here are my leading candidates for surprising, damaging ways criminal hackers are breaching our online security and val…

Spate of shocking cyber attacks on universities jolt academia

It is hauntingly clear – cyber criminals have set their eyes firmly on universities, research institutions, and centers of higher learning in the United States and other parts of the world. If the cyber attacks of the past few weeks are any indication, universities are now facing the biggest threat to information security.

Attack landscape

  • On July 17, 2013, personal information of more than 72,000 staff members (past and present) of the University of Delaware in Newark was compromised. Hackers obtained the information (names, addresses, social security numbers, etc.) by exploiting a vulnerability in third-party software that the university used.
  • On July 18, 2013, during a routine security sca

Your Net Worth Is Online – And Less Safe Than Ever

The Black Hat USA 2013 conference, which kicks off tomorrow in Las Vegas, brings together the brightest minds in IT security each year — those who are responsible for perpetrating and protecting against the latest hacks and vulnerabilities. And not a second too soon, since every week seems to usher in another security catastrophe.

This week’s shocker was the outing of a hole in mobile device SIM cards, by Karsten Nohl, the founder of Security Research Labs in Berlin. Nohl was able to send a virus to the SIM card through a text message, then eavesdrop on calls, make purchases through the phone and even impersonate the phone’s owner. He did all this in under two minutes using an everyday PC and estimate…