Firewalls are Important, but they’re Not Enough

Firewalls are an essential part of your IT security infrastructure. In fact, in many cases, they are the foundation and rightfully so. It’s important to note, however, that the target has changed and so have the perpetrators. These days, the masterminds behind cyber-attacks are infinitely more sophisticated than they once were. Many will stop at nothing to achieve the results they’re after – gaining access to sensitive data and exploiting it for their criminal purposes. Unfortunately, most companies have not shifted their focus to account for these changes. The current ideology is that hackers install agents on your network and let them do the work. They install them in what we like to call the Red Zone. This is the weakest part of your network – the spot where your PC and device are located. Not coincidentally, this also happens to be where most human decisions are exposed on your network; for example, which website to go to, what file to download, and what e-mail to open.

Legacy Security Measures are No Longer Sufficient

Perhaps even just as recently as a decade or so ago, firewalls and sandboxes were enough to keep hackers at bay. Unfortunately, those hackers have developed newer, better and more effective ways to get around these security measures. They are relentless in their efforts to identify and expose network vulnerabilities, and legacy protections are simply no match for their complex tactics. To complicate matters, most businesses now operate remotely at least a portion of the time. Thanks to mobile and cloud technology, individuals, teams and even entire companies can perform just about every duty imaginable...

Firewall: Start, Stop, Fail; The Red Zone

Firewalls are an essential part of your IT security infrastructure; they are the foundation. However, the target has changed, and most companies have not changed their focus. The current ideology is that hackers install agents on your network and let them do the work. They install them in the Red Zone. This is the weakest part of your network. This is the spot where your PC and device are located. This is also where most human decisions are exposed on your network. For example, which website to go to, what file to download, and what e-mail to open. This is where the tools of the future need to work. We know who and where you are. In war it is easier to identify who attacked you than who is going to attack you. This is where the Red Zone will help turn the tables on would-be hackers and hacking corporations. As a person in business you need to make sure your IT strategy is up to date. The next war will not be fought in the board room or the battlefield; it will be fought in the Red Zone. I have outlined the place and time in (Time till live)

Sean Galliher CEO...

TTL time till live

TTL (Time Till Live)

Why Time Til Live (TTL) is a Critical Factor in Your Cyber Security

Cyber-crime has become far more sophisticated than ever before. No longer are the threats simply a kid playing in the basement. The cyber war has become a billion-dollar industry, netting malware companies and hackers millions. As corporate IT departments attempt to keep these companies out, CEOs and presidents need to remember that they may have a handful of people fighting a war against hundreds, maybe thousands of programmers who are working 24/7 to successfully get their hands on sensitive data.

What is Time Til Live?

What many organizations fail to realize is that the true threat of cyber-attacks lies not in the initial breach but in the time it takes to discover the intrusion. The longer hackers are able to go undiscovered, the more havoc they can wreak and the greater the damage they’ll be able to do to your network. The time that elapses between the initial breach of a network by an attacker and the discovery of that breach by the victim is known as “time til live” and it’s something that could seriously be costing your company money. One recent report indicates that the average time it takes to discover a successful breach is close to 150 days. For many, it could be much longer. Imagine the kind of damage a hacker could do if given months to extract the information they’re after while going completely undetected. Sadly, it is these prolonged and sophisticated attacks that many organizations fail to consider. Thankfully, understanding TTL presents the opportunity for...

firedragon on the radio

Sean Galliher, our CEO, will be appearing on the radio. Here is the link: http://computeramerica.com/2015/10/20/intel-cyber-black-ops/

press release

FireDragon Breathes New Fight Against Cyber Attacks

High-end, Lower Cost Cyber Security for Every Business

PR Newswire

SACRAMENTO, Calif., Aug. 12, 2015 /PRNewswire/ — After years of experience, research and frontline technology, Cyber Black Ops, Inc. announces the North American launch of FireDragon, the best answer to the growing cyber attack invasion on U.S. industry. FireDragon provides quality cyber security to small and mid-sized businesses, as well as the larger companies, at a cost they can all afford.

According to the Ponemon Institute, the annual cost, per company, of U.S. cyber crime, in 2014, was $20.8 Million in financial services; $14.5 Million in technology; $12.7 Million in communications and $8.6 Million in retail. And that is only among the attacks that were made public. Most large companies receive multiple attacks daily or don’t know they’ve been breached.

Cyber Black Ops, Inc. CEO, Sean Galliher, says, “While the majors like Target, Home Depot, eBay and Chase Bank receive the most public exposure when their security is invaded, the fact is that between 2012 – 2013, cyber attacks on small to mid-sized businesses increased 61%.” With a cost of about $900,000 per attack, loss of customers and taking up to one year to recover from damages to their operations or reputation, 60% of those companies had to close their doors within six months. It’s additionally reported that 31% of all cyber attacks are aimed at companies with less than 250 employees.

Galliher says, “Cyber criminals assume that these smaller companies don’t believe they’re likely targets for attack, aren’t paying attention to their security or simply can’t...

Fire Dragon is here

Fire Dragon version 1.0 is released and ready for shipping. Please contact a reseller or us for demos and pricing.

Thanks,
Firedragon Security

Fire Dragon in Korea

An American security company entering the Korean market, among other foreign markets, has become the talk of the town. Fire Dragon, a security solution company based in California, USA, is entering the market with an APT (Advanced Persistent Threat) solution that is optimal for the Korean environment. Fire Dragon is also pursuing international Common Criteria (CC) certification to enter the domestic public market. In this interview, the global APT company Fire Dragon announced a strategy to enter the public market.

< Sam Elkholy (Chief Operating Officer) and Jong Gwang, Kim (Representative of Insec security) cooperate on Korean security business. >

On the 10th, Sam Elkholy, Chief Operating Officer (COO) of Fire Dragon, said, “The Korean market is the most dynamic market in the world,” and added, “If we are proven by Korean customers, then it would be just a matter of time to expand business into the world.” Since there are many cyber security threats in Korea, Fire Dragon plans to run its business in Korea as a testbed. Fire Dragon is competing to win with an APT solution focused on small and medium businesses (SMB). The product provides its services in Hangul (the Korean language) and also supports applications specific to Korean environments, such as the ERP services popular among Korean companies. Insec Security (NYSE Jong Gwang, Kim) is responsible for service and support of the product. They are also assigning malicious code analysts to this project. The APT solution from Fire Dragon senses abnormal patterns in the network, based on a behavior detection technique, and sends them to the sandbox for analysis. By analyzing the entire network traffic, the sensor separates suspicious packets. Also...

5 Myths of Virtualization Security: You May Be More Vulnerable Than You Think

Myth No. 1: My Existing Endpoint Security Will Protect My Virtual Environment

While most traditional endpoint security solutions are virtual-aware and provide some low levels of protection for virtual environments, this protection is too limited. It simply isn’t enough to cope with modern threats. Also, the performance drain, especially in large deployments, can cripple your virtual machines. Depending on the virtualization platform used — VMware, Citrix, Microsoft, etc. — your traditional endpoint security suite probably can recognize virtual endpoints. In many cases, however, this physical software can’t bring its full toolset of antimalware to the virtual world, and it can perform only basic tasks, like on-access scanning. Worse, traditional endpoint security software can create security gaps as a result of slowing down the network — like security being disabled altogether.

Myth No. 2: My Existing Antimalware Doesn’t Interfere With My Virtual Environment Operations

The truth is, it does. Performance issues actually can create security gaps that didn’t exist in your physical environment. Traditional endpoint security uses an agent-based model. Basically, each physical and virtual machine has a copy of the security program’s agent on it, and this agent communicates with the server while performing its security tasks. This works fine for physical machines, but if you have 100 virtual machines, then you have 100 instances of this security agent plus 100 instances of its malware signature database running on a single virtual host server. This high level of duplication causes massive performance degradation and wastes tons of storage capacity. In this model, if a dozen of your virtual machines simultaneously start running a normal security scan, all the...

Banking malware sniffs out data sent over HTTPS

Careful online banking users can sometimes spot that something is amiss when malware installed on their computer pops up phishing pages or adds fields to legitimate banking forms. But the Emotet banking malware doesn’t bother with that, and sniffs out data sent over secured connections instead. According to Trend Micro researchers, German users are particularly in danger from this malware family, although infections have also been spotted in the rest of the EMEA region, as well as in North America and the Asian-Pacific region. The variants targeting German users are delivered to the victims via fake bank transfer notifications and shipping invoices. Clicking on the embedded links triggers the download of the malware. The first thing that the malware then does when run is contact its C&C, from which it downloads additional files, including the configuration file that contains information about targeted banks. “Another downloaded file is a .DLL file that is also injected to all processes and is responsible for intercepting and logging outgoing network traffic. When injected to a browser, this malicious DLL compares the accessed site with the strings contained in the previously downloaded configuration file,” the researchers explained. “If strings match, the malware assembles the information by getting the URL accessed and the data sent. The malware saves the whole content of the website, meaning that any data can be stolen and saved.” The malware is also capable of hooking into a number of network APIs, which allow it to sniff out data sent over...

Labs Report Sees Mobile Malware Abuse Trust in Early 2014

McAfee Labs today released the McAfee Labs Threats Report: June 2014, revealing mobile malware tactics that abuse the popularity, features, and vulnerabilities of legitimate apps and services, including malware-infested clones masquerading as the popular mobile game Flappy Birds. The report highlights the need for mobile app developers to be more vigilant about the security of their apps, and encourages users to be mindful when granting permission requests that criminals could exploit for profit.

The manipulation of legitimate mobile apps and services played a key role in the expansion of mobile malware at the beginning of 2014. McAfee Labs found that 79 percent of sampled clones of the Flappy Birds game contained malware. Through these clones, perpetrators were able to make phone calls without user permission, install additional apps, extract contact list data, track geo-location, and establish root access for uninhibited control over anything on the device, including the recording, sending, and receiving of SMS messages.

Other examples of trusted mobile app and service features being manipulated for criminal gain include:

Android/BadInst.A: This malicious mobile app abuses app store account authentication and authorization to automatically download, install, and launch other apps without user permission

Android/Waller.A: This Trojan exploits a flaw in a legitimate digital wallet service to commandeer its money-transfer protocol and transfer money to the attacker’s servers

Android/Balloonpopper.A: This Trojan exploits an encryption method weakness in the popular messaging app WhatsApp, allowing attackers to intercept and share conversations and photos without users’ permission

“We tend to trust the names we know on the internet and risk compromising our safety if it means gaining what we most desire,” said Vincent...