Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Phishing emails are a popular malware delivery vehicle for attackers. While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to come from a trusted source. Ready to learn more?
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices. The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard yourself from future ransomware attacks.
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).

Expert Comment by: Andrew Leniart
An interesting and well thought out article Thomas. Thanks for writing it.  

Whilst I continue to stand by the opinions I've shared before on this topic, you've presented some interesting points to ponder here, the VM options in particular. With regards to this though;
>the malware cannot spread outside of that VM
I'd add that while not a common occurrence, it's not beyond the realms of possibilities for an infection to escape a VM and also infect the host operating system. Correct network and sharing configurations of a virtual machine [and its host] are of particular importance here.

 Thanks for sharing.

Author Comment by: Thomas Zucker-Scharff
Andrew,

Thanks for the comment. I realize that there is a possibility of malware spread outside a VM. The thing is I have never personally seen this happen. I have generally seen quite the opposite.

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the many intricate ways privileged accounts can compromise Active Directory environments.


On the subject of “Tracking and Securing Privileged Users in Active Directory”, Derek Melber, technical evangelist for the ADSolutions team at ManageEngine, outlined that number as Microsoft's own observation.


That’s why companies like ManageEngine are working to educate users and provide simple-to-use tools for protecting the popular Active Directory infrastructure.


Melber explained that when companies are breached, they usually aren’t aware of the breach for up to 146 days. That means a hacker can be in your organization with domain administrator credentials, undetected, for 5 months—something Melber appropriately described as a “terrifying level of access.” According to Microsoft’s research timeline, when the first host is compromised (typically a desktop) the admin domain credentials are compromised in two days or less.


So how do companies combat these risks and stay ahead of hackers?


Melber said a great place to start is to follow these 5 steps for tracking and securing privileged credentials:


  1. Run reports on privileged access accounts
  2. Analyze data from these reports
  3. Configure settings
  4. Monitor settings and access
  5. Set up alerts for when access changes


These steps help companies follow the practice of creating a least privileged environment, something ManageEngine believes in. Melber explained that by following this practice for all endpoints, companies can reduce vulnerabilities within Internet Explorer by 100%.


Individual privileged accounts, however, aren’t the only thing to monitor. Melber discussed the importance of following the same protocol with privileged groups. In privileged groups, users have uninhibited access to important files. He gave the example of a privileged group member accessing financial servers and backing up files or folders, regardless of the permissions set on those documents.


In order to audit this activity, tools are needed to run reports and control access. With the right tool, Melber says it’s possible to track access, monitor settings and behaviors, configure password resets, receive real-time alerts, and launch automatic reports.


“It all goes back, unfortunately, to breaches. Attackers are one step ahead of us. Attackers are using configurations against us. We need to flip that around. We need to know who has privileges. We can then help reduce the breaches that are in our environment,” says Melber.


For more details on tips provided in this webinar—or to watch the presentation—click here.


*Please email Derek Melber with any Active Directory questions at derek@manageengine.com


Doxware
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
One of the biggest threats facing all high-value targets is APTs. These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network components" (Curry et al., 2011).
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that Anti-Virus applications occasionally miss.

Expert Comment by: agieryic
I am an IT consultant and I also support the Malwarebytes premium 3.05 version. I've been testing a few chosen clients' Windows 7 installations by upgrading version 2.22 to version 3.05. Below are some of my notes that I emailed to Malwarebytes customer support. There are many similarities to the experiences mentioned above in this post.

I performed a full uninstall per the directions provided below. Afterward, I used the mentioned Uninstaller tool and rebooted the PC.
The PC is running Windows 7 Professional.

I then reinstalled Malwarebytes version 3.05
- updated the database
- however, the malware protection module will not start. It just shows “starting”. So basically malware protection is off.
- rebooted the PC again. The malware protection module started this time.
- On this PC and other PCs where I installed Malwarebytes premium 3.05, it shows successfully installed and up-to-date (whether it's a clean install or an in-place upgrade from version 2.2) - however, when I go to perform a scan, I get a summary that says the scan was complete but it says zero items scanned and the timestamp is 00
- basically, it says that it successfully ran a scan and completed - and it all happened in a 100th of a second (maybe I'm exaggerating)
but my point is, there are zero files scanned and zero for that timeframe

It is New Year's Eve holiday; I hope to get an answer after January 1, 2017
Provides an easy one-stop place to quickly get relevant information on commonly asked questions about ransomware on Experts Exchange.
If you're not part of the solution, you're part of the problem.  

Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual traffic patterns.
Scam-Alert
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Ransomware
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.

Expert Comment by: Mahesh
Hi
If you could please post / incorporate some examples as well of how ransomware encrypts our data and further asks for payments to decrypt data, it will be really helpful.
Unless we come to know what exactly it can target, we would not realize its impact and importance.
Article looks well and can give good start.

Mahesh.
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY.
How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Today, still in the boom of Apple, PCs and products, nearly 50% of computer users use Windows as their graphical operating system. If you are among those users who love Windows but are grappling to keep the system's hard drive optimized, then you should read this article.
threat model
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.

Expert Comment by: Jim Horn
Hi Shakshi

Thanks for your submission.  889 words, completely original content, and reads fairly well.  The technical aspects of this article seem pretty solid, but I'm going to send this back to Draft / Author Review for some general readability editing.  When you're done go ahead and resubmit and I'll review from there.

Please separate paragraphs with a blank line, as without that an article can resemble a 'word wall' where everything jumbles together and can be difficult to read.

>fruitful dispatch, inculcate, buttonhole, the prerequisite in a venture, Addedly, ingressed, environ
These words are rarely used and may confuse people.  Keep in mind that if these are local slang then it might not translate well to a global audience.  I can appreciate that you're trying to tell a story and be somewhat entertaining in the process, but just make sure you don't lose people in the translation.

>as it were, Addedly,
There are some phrases here that do not add value and can be deleted.

>Now let's take a brief about what Threat modeling is: Threat modeling does not include
Please define something by what it is, not what it is not.  The 'is not' stuff can always be added later.

>STRIDE & DREAD.
If terms are going to be introduced but not defined please at minimum provide a link to a definition.

Please provide a conclusion.

Feel free to self-promote in the 'About the Author' section, especially if you have other publications that readers of this one may be interested in reading.

For a lot more recommendations on how to score maximum points on articles check out Top 10 Ways To Write Rock Star Technical Articles

Thanks in advance.  I look forward to seeing this as a finished product.
Jimbo
cybersecurity
Read about achieving the basic levels of HRIS security in the workplace.

Author Comment by: Oscar Waterworth
It was a mistake, thanks for having such a keen eye.
Cyber or not!
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
cloud
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things have made us question our online safety. Let us explore how cloud-enabled cybersecurity can help us with our businesses and ultimately lives.
This is a short article about OS X KeRanger, and what people can do to get rid of it.

Author Comment by: Justin Pierce, CEH
Hi Ericpete,

Sorry for the reference to Intego and my site. I've removed the lines that you've asked to be taken out. Again, I'm sorry for the mishap.

Thank you for your time and take care.

vr,

Justin
Crypto Ransomware
You cannot be 100% sure that you can protect your organization against crypto ransomware, but you can lower the risk and impact of the infection.
A brand new malware strain dubbed “AceDeceiver” was recently discovered by security researchers at Palo Alto Networks. This new strain of iOS malware can successfully infect non-jailbroken devices and jailbroken devices alike.
Getting hacked is no longer a matter of "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?

Expert Comment by: Kyle Santos
Good job.

Author Comment by: Teksquisite
Thank you Kyle :)
The intent is not to repeat what many already know about ransomware but rather to join the dots: what it is, who the victims are, why it exists, and when and how we respond to infection. Lastly, it sums up at a glance so the information can be shared to help keep family and loved ones from being the next victim.

Expert Comment by: MAS
Thanks Btan. Really helpful. Appreciated your effort.

Author Comment by: btan
No worries. There are many other good articles and you can check out the FAQ too.
In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats that revolve around your software and other applications. These threats can greatly affect your work and bring downfall to your business. This is the reason why you should seek the service of a reputed web application external penetration testing services company. It will help you ensure the security of your firm's network.

Unlike other manual security systems, external penetration testing services provided by a professional help you analyze your network vulnerabilities in a comprehensive manner. You can get rid of all the vulnerabilities with the combination of scanning tools and various other methods of manual penetration. These tools are designed specifically for protecting your system from any sort of data theft or identity theft.

Using penetration testing tools will help you determine the extent to which your data or information can be compromised or in a position of vulnerability. There are any number of web application penetration testing companies that bring forth different types of tools and techniques for identifying and analyzing the common threats that can occur while using any online platform.

The penetration testing process involves assessment of the network security and computer by imitating an attack on your…
