It could have been stopped!
Catbird vSecurity detects and prevents these types of security attacks.
- In Hours, Thieves Took $45 Million in A.T.M. Scheme
- Many of today’s payment processors rely on virtual infrastructure for portions of their payment operations. Extensive use of virtual networks and other virtual network components renders traditional network security devices obsolete. While the exact nature of the breach has not been reported by major news organizations, it’s likely that some portion of the infrastructure was virtualized. If that was the case, Catbird's extensive network security monitoring and enforcement would have helped detect the breach. The NY Times reported:
“Hackers infiltrated the system of an unnamed Indian credit-card processing company that handles Visa and MasterCard prepaid debit cards. Such companies are attractive to cybercriminals because they are considered less secure than financial institutions, computer security experts say.”
Some of the largest payment processors rely on Catbird to secure their virtual infrastructure precisely because it delivers the network security and compliance visualization necessary to protect their virtual infrastructure. It Could Have Been Stopped™ with Catbird vSecurity TrustZones.
- China Cyberspies Outwit U.S. Stealing Military Secrets
- It’s a safe bet to assume that QinetiQ Group relied on virtual systems for much if not all of its data processing. The new software-defined data center requires network-based controls that reside inside the virtual switch fabric. Catbird vSecurity could have detected these intrusions at the virtual switch layer and provided the option for automated enforcement actions.
Data centers today are built on top of virtual infrastructure, where traditional network security devices are unable to detect and enforce security on virtualized network components. The Department of Defense and its contractors are no exception; they depend on virtual systems for most data center and field-level operations. Catbird vSecurity was purpose-built to complement their existing security infrastructure and provide the visibility and enforcement needed to detect this type of intrusion.
- Verizon’s 2013 Data Breach Investigations Report
- This report highlights “the compromise-to-discovery timeline” or the lag between the time an organization has been breached and the time it discovers the breach—as measured in months or years rather than hours or days. Yet again, an argument for the criticality of automated security monitoring and enforcement. Catbird vSecurity provides unparalleled automated network security within virtual and hybrid infrastructure, ensuring that unauthorized activity on the virtual infrastructure is quickly detected and mitigated. It Could Have Been Stopped™ with Catbird vSecurity TrustZones.
- VM researchers post rude awakening about virtualization security
- A virtual machine stealing information from another virtual machine running on the same piece of hardware? That's not supposed to happen. Virtual machines run various tasks on a single computer rather than relying on a separate machine to run each one. The assumption is that one can’t eavesdrop or tamper with the other. But now a technique reported in a paper, “Cross-VM Side Channels and Their Use to Extract Private Keys,” by Yinqian Zhang of the University of North Carolina, Chapel Hill, and computer scientist colleagues from the University of North Carolina, University of Wisconsin, and RSA Laboratories, suggests a different story. (phys.org) It Could Have Been Stopped with Catbird vSecurity TrustZones.
- Tridium’s Niagara Framework: Marvel of connectivity illustrates new cyber risks
- Government and business leaders in the United States and around the world are rushing to build better defenses—and to prepare for the coming battles in the digital universe. To succeed, they must understand one of the most complex, man-made environments on Earth: cyberspace. (Whitney Shefte, Sohail Al-Jamea and Robert O’Harrow Jr./The Washington Post) It Could Have Been Stopped with Catbird vSecurity TrustZones.
- Warp Trojan from China said to fool routers into spreading Windows malware
- Security firm says Chinese malware spreads infections through a trick involving unsolicited ARP requests to routers.
Catbird TrustZones, deployed according to best practices, would have prevented this type of attack.
- Oracle won’t patch four-year-old zero-day in TNS listener
- Oracle has issued a security bulletin this week, recommending customers consider workarounds to address a long-standing zero-day vulnerability in nearly all versions of its database management system. Rothacker suggests the real problem has nothing to do with the miscommunication that led to the attack code being released. The problem, he said, is that Oracle has known about this very serious vulnerability for four years and done nothing to fix it. "How many other problems do they know about that they haven't fixed?" he asked. It Could Have Been Stopped with Catbird vSecurity TrustZones. Catbird TrustZones, when deployed in a best practice configuration, will detect and prevent a MITM attack aimed at the Oracle TNS vulnerability.
- Symantec declares pcAnywhere safe to use
- Symantec has said that its pcAnywhere software is now safe to use, with free upgrades offered to users.
According to Reuters, the company has now determined that the current version of pcAnywhere is safe, provided it has been updated with a security patch released on 23 January.
Company spokesman Brian Modena said it is offering free upgrades to pcAnywhere 12.5 at no charge to all customers, even those using old editions that would not typically qualify for support. He also said that while Symantec is advising all users to upgrade, they can safely continue using versions 12.0 and 12.1 if they download a second software patch released on 27 January. It Could Have Been Stopped with Catbird vSecurity TrustZones.
- SCADA vulnerability imperils critical infrastructure, feds warn: Secret accounts open control systems to attack
- An electronic device used to control machinery in water plants and other industrial facilities contains serious weaknesses that allow attackers to take it over remotely, the US agency that safeguards the nation’s critical infrastructure has warned. It Could Have Been Stopped with Catbird vSecurity TrustZones. Catbird zones and network access control could have helped protect against this attack.
- Computer Virus Shuts Down Georgia Hospital
- Malware in a Georgia hospital’s computer system forced it to turn away patients, highlighting the problems and vulnerabilities of computerized systems...The problem likely was caused by a worm infection, which would have spread rapidly across the hospital's network. Foul play isn't suspected, and the problem may be caused by something as simple as a USB drive brought into the facility by an employee. It Could Have Been Stopped with Catbird vSecurity TrustZones.
- Hackers Likely Have Japanese Warplane, Nuclear Data
- InformationWeek, October 25, 2011 – Attackers likely accessed sensitive data relating to military aircraft, missiles, and nuclear power plant designs and safety systems, said Japanese defense officials.
It Could Have Been Stopped with Catbird vSecurity TrustZones. Catbird could have helped stop this blended/persistent threat attack by:
- Catbird TrustZones and ZACL would have detected and blocked the egress of data from the compromised systems to the outside server (in China).
- Catbird PharmingShield would have detected the breach of the websites and their subsequent use to pharm the attack out to the websites' users.
- ICS-ALERT-11-343-01—CONTROL SYSTEM INTERNET ACCESSIBILITY
- December 09, 2011 – On October 28, 2010, ICS-CERT published an alert titled "ICS-ALERT-10-301-01—Control System Internet Accessibility" on the ICS-CERT web page. The alert warned control system owners and operators that a search engine called SHODAN
ICS-CERT is tracking and has responded to multiple reports of researchers using SHODAN, Every Routable IP Project was being used to locate Internet facing control systems. ICS-CERT is issuing this new alert to warn of an uptick in related activity and urge asset owners and operators to audit their control systems configurations and verify whether or not they are susceptible to an attack via this vector.
It Could Have Been Stopped with Catbird vSecurity TrustZones. Catbird can detect and prevent this type of attack by:
- Using Catbird, our customers can use external network discovery and vulnerability scanning to detect Internet-facing systems.
- Using Catbird's XCCDF capabilities, secure configuration, default password reset, and continuous monitoring may be performed.