Firewall: Start, Stop, Fail; The Red Zone

Firewalls are an essential part of your IT security infrastructure; they are the foundation. However, the target has changed, and most companies have not changed their focus. The current ideology is that hackers install agents on your network and let them do the work. They install them in the Red Zone. This is the weakest part of your network. This is the spot where your PC and devices are located. This is also where most human decisions are exposed on your network. For example, which website to go to, what file to download, and what e-mail to open. This is where the tools of the future need to work. We know who and where you are. In war it is easier to identify who attacked you than who is going to attack you. This is where the Red Zone will help turn the tables on would-be hackers and hacking corporations. As a person in business, you need to make sure your IT strategy is up to date. The next war will not be fought in the board room or the battlefield; it will be fought in the Red Zone. I have outlined the place and time in (Time till live) Sean Galliher CEO...

TTL time till live

TTL (Time Till Live)

Why Time Til Live (TTL) is a Critical Factor in Your Cyber Security

Cyber-crime has become much more sophisticated than ever before. No longer are the threats simply a kid playing in the basement. The cyber war has become a billion-dollar industry, netting malware companies and hackers millions. As corporate IT departments attempt to keep these companies out, CEOs and presidents need to remember that they may have a handful of people fighting a war against hundreds, maybe thousands of programmers who are working 24/7 to successfully get their hands on sensitive data.

What is Time Til Live?

What many organizations fail to realize is that the true threat of cyber-attacks lies not in the initial breach but in the time it takes to discover the intrusion. The longer hackers are able to go undiscovered, the more havoc they can wreak and the greater the damage they’ll be able to do to your network. The time that elapses between the initial breach of a network by an attacker and the discovery of that breach by the victim is known as “time til live”, and it’s something that could seriously be costing your company money. One recent report indicates that the average time it takes to discover a successful breach is close to 150 days. For many, it could be much longer. Imagine the kind of damage a hacker could do if given months to extract the information they’re after while going completely undetected. Sadly, it is these prolonged and sophisticated attacks that many organizations fail to consider. Thankfully, understanding TTL presents the opportunity for...

firedragon on the radio

Sean Galliher, our CEO, will be appearing on the radio. Here is the link: http://computeramerica.com/2015/10/20/intel-cyber-black-ops/

press release

FireDragon Breathes New Fight Against Cyber Attacks

High-end, Lower Cost Cyber Security for Every Business

PR Newswire

SACRAMENTO, Calif., Aug. 12, 2015 /PRNewswire/ — After years of experience, research and frontline technology, Cyber Black Ops, Inc. announces the North American launch of FireDragon, the best answer to the growing cyber attack invasion on U.S. industry. FireDragon provides quality cyber security to small and mid-sized businesses, as well as the larger companies, at a cost they can all afford.

According to the Ponemon Institute, the annual cost, per company, of U.S. cyber crime, in 2014, was $20.8 Million in financial services; $14.5 Million in technology; $12.7 Million in communications and $8.6 Million in retail. And that is only among the attacks that were made public. Most large companies receive multiple attacks daily or don’t know they’ve been breached.

Cyber Black Ops, Inc. CEO, Sean Galliher, says, “While the majors like Target, Home Depot, eBay and Chase Bank receive the most public exposure when their security is invaded, the fact is that between 2012 – 2013, cyber attacks on small to mid-sized businesses increased 61%.” With a cost of about $900,000 per attack, loss of customers and taking up to one year to recover from damages to their operations or reputation, 60% of those companies had to close their doors within six months. It’s additionally reported that 31% of all cyber attacks are aimed at companies with less than 250 employees.

Galliher says, “Cyber criminals assume that these smaller companies don’t believe they’re likely targets for attack, aren’t paying attention to their security or simply can’t...

Fire Dragon is here

Fire Dragon version 1.0 is released and ready for shipping. Please contact your reseller or us for demos and pricing. Thanks, Firedragon Security

Fire Dragon in Korea

An American security company entering the Korean market, among other foreign markets, has become the talk of the town. Fire Dragon, a security solution company based in California, USA, is entering the market with an APT (Advanced Persistent Threat) solution that is optimal for the Korean environment. Fire Dragon is also pursuing international Common Criteria (CC) certification to enter the domestic public market. In this interview, the global APT company Fire Dragon announced its strategy for entering the public market.

< Sam Elkholy (Chief Operating Officer) and Jong Gwang, Kim (Representative of Insec Security) cooperate on Korean security business. >

On the 10th, Sam Elkholy, Chief Operating Officer (COO) of Fire Dragon, said, “The Korean market is the most dynamic market in the world,” and added, “If we are proven by Korean customers, then it will be just a matter of time before we expand the business into the world.” Since there are many cyber security threats in Korea, Fire Dragon plans to run its business in Korea as a testbed. Fire Dragon is competing with an APT solution focused on Small & Medium Business (SMB). The product provides its services in Hangul (Korean language) and also supports applications specific to the Korean environment, such as ERP services popular among Korean companies. Service and support for the product are the responsibility of Insec Security (NYSE Jong Gwang, Kim), which is also assigning malicious code analysts to this project. The APT solution from Fire Dragon senses abnormal patterns in the network using a behavior detection technique and sends them to the sandbox for analysis. By analyzing and inspecting all network traffic, the sensor separates out suspicious packets. Also...

5 Myths of Virtualization Security: You May Be More Vulnerable Than You Think

Myth No. 1: My Existing Endpoint Security Will Protect My Virtual Environment

While most traditional endpoint security solutions are virtual-aware and provide some low levels of protection for virtual environments, this protection is too limited. It simply isn’t enough to cope with modern threats. Also, the performance drain, especially in large deployments, can cripple your virtual machines. Depending on the virtualization platform used — VMware, Citrix, Microsoft, etc. — your traditional endpoint security suite probably can recognize virtual endpoints. In many cases, however, this physical software can’t bring its full toolset of antimalware to the virtual world, and it can perform only basic tasks, like on-access scanning. Worse, traditional endpoint security software can create security gaps as a result of slowing down the network — like security being disabled altogether.

Myth No. 2: My Existing Antimalware Doesn’t Interfere With My Virtual Environment Operations

The truth is, it does. Performance issues actually can create security gaps that didn’t exist in your physical environment. Traditional endpoint security uses an agent-based model. Basically, each physical and virtual machine has a copy of the security program’s agent on it, and this agent communicates with the server while performing its security tasks. This works fine for physical machines, but if you have 100 virtual machines, then you have 100 instances of this security agent plus 100 instances of its malware signature database running on a single virtual host server. This high level of duplication causes massive performance degradation and wastes tons of storage capacity. In this model, if a dozen of your virtual machines simultaneously start running a normal security scan, all the...

Banking malware sniffs out data sent over HTTPS

Careful online banking users can sometimes spot that something is amiss when malware installed on their computer pops up phishing pages or adds fields to legitimate banking forms. But the Emotet banking malware doesn’t bother with that, and sniffs out data sent over secured connections instead. According to Trend Micro researchers, German users are particularly in danger from this malware family, although infections have also been spotted in the rest of the EMEA region, as well as in North America and the Asian-Pacific region. The variants targeting German users are delivered to the victims via fake bank transfer notifications and shipping invoices. Clicking on the embedded links triggers the download of the malware. The first thing that the malware then does when run is contact its C&C, from which it downloads additional files, including the configuration file that contains information about targeted banks. “Another downloaded file is a .DLL file that is also injected to all processes and is responsible for intercepting and logging outgoing network traffic. When injected to a browser, this malicious DLL compares the accessed site with the strings contained in the previously downloaded configuration file,” the researchers explained. “If strings match, the malware assembles the information by getting the URL accessed and the data sent. The malware saves the whole content of the website, meaning that any data can be stolen and saved.” The malware is also capable of hooking into a number of network APIs, which allow it to sniff out data sent over...

Labs Report Sees Mobile Malware Abuse Trust in Early 2014

McAfee Labs today released the McAfee Labs Threats Report: June 2014, revealing mobile malware tactics that abuse the popularity, features, and vulnerabilities of legitimate apps and services, including malware-infested clones masquerading as the popular mobile game Flappy Birds. The report highlights the need for mobile app developers to be more vigilant about the security of their apps, and encourages users to be mindful when granting permission requests that criminals could exploit for profit.

The manipulation of legitimate mobile apps and services played a key role in the expansion of mobile malware at the beginning of 2014. McAfee Labs found that 79 percent of sampled clones of the Flappy Birds game contained malware. Through these clones, perpetrators were able to make phone calls without user permission, install additional apps, extract contact list data, track geo-location, and establish root access for uninhibited control over anything on the device, including the recording, sending, and receiving of SMS messages.

Other examples of trusted mobile app and service features being manipulated for criminal gain include:

Android/BadInst.A: This malicious mobile app abuses app store account authentication and authorization to automatically download, install, and launch other apps without user permission.

Android/Waller.A: This Trojan exploits a flaw in a legitimate digital wallet service to commandeer its money-transfer protocol and transfer money to the attacker’s servers.

Android/Balloonpopper.A: This Trojan exploits an encryption method weakness in the popular messaging app WhatsApp, allowing attackers to intercept and share conversations and photos without users’ permission.

“We tend to trust the names we know on the internet and risk compromising our safety if it means gaining what we most desire,” said Vincent...

Hackers Arrested by US

U.S. authorities said Monday they have disrupted two sophisticated types of computer malware used to steal millions of dollars from people all over the world. The Gameover Zeus botnet, a network of virus-infected computers, targeted thousands of small businesses. And Cryptolocker, a software that encrypts files on computers, was used to extract ransom payments from computer owners who wanted access to their files. Federal prosecutors also announced charges against 30-year-old Evgeniy Bogachev, who they say led a gang of cyber criminals in Russia and Ukraine that was running Gameover Zeus. The United States is in talks with Russian authorities to try to secure Bogachev’s arrest and have him sent to the U.S. for trial. But that remains an unlikely outcome at this point. Gameover Zeus was responsible for more than $100 million in losses among U.S. victims, and up to one million computers worldwide were infected since 2011, according to the FBI. Since emerging in 2013, Cryptolocker has been used to attack about 200,000 computers, half of which were in the U.S. In its first two months, criminals extorted an estimated $27 million from victims, Deputy Attorney General James Cole said Monday. David Hickton, U.S. attorney in Pittsburgh, whose office filed the charges, said the action was intended to help “hundreds of thousands of computer users who were unwittingly infected and victimized.” Among the victims, Hickton said, was the police department in Swansea, Mass.; it paid a ransom to cyber criminals to restore access to its files after its systems were infected by Cryptolocker. In the case of Gameover Zeus, one victim lost $6.9 million from a fraudulent wire...