#TBT – Let’s take it all the way back to 1984 and The Karate Kid

by Viewfinity 13. November 2014 15:19

Let’s set the stage: it’s 1984 in Los Angeles, California, and the All Valley Karate Tournament is coming to a close. We all know how it goes: fraught with tension and emotion, against all odds, the hurt and exhausted Daniel LaRusso musters up his strength to defeat Johnny Lawrence with a simple yet harrowing Crane Kick and win the championship.

 

 

 

This very Crane Kick has become an iconic 80’s movie scene, which has been copied and parodied countless times. This week one of our Waltham, Mass. neighbors, Boston Dynamics, found a new and exciting way to pay homage to this powerful movie moment. The company recently posted a video of their robot, Ian, performing that very same crane kick stance.

 

Ian is no Terminator, another iconic 1984 character, but one thing is for sure: there is no way even Mr. Miyagi could have predicted the amazing technology that would allow this robot to move with such flow and precision.

 

 

 

So here’s the ultimate question – who do you think would win in a fight, Daniel-San or the Terminator?

Share with us your best Throw Back Thursday technologies and we will post them on our blog too!

 

 

 


Microsoft Security Bulletin Summary for October 2014: Vulnerabilities Connected to Users with Local Admin Rights

by Alex Shoykhet 10. November 2014 13:30

The most recent Microsoft Security Bulletin outlined several vulnerabilities which are preventable with the removal of admin rights. For information on how Viewfinity can help remove the risk of these vulnerabilities, and many other security loopholes associated with excess admin rights, contact us at info@viewfinity.com or 800-455-2010.

  1. Microsoft Security Bulletin MS14-058
    Critical
    Win32k.sys Elevation of Privilege Vulnerability - CVE-2014-4113.

    An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

  2. Microsoft Security Bulletin MS14-061
    Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434)
    CVE-2014-4117
    A remote code execution vulnerability exists in the way that Microsoft Office software parses certain properties of Microsoft Word files. If an attacker is successful in exploiting this vulnerability, and if the current user is logged on with administrative user rights, the attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

  3. Microsoft Security Bulletin MS14-060
    Important. Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869)

    This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

  4. Microsoft Security Bulletin MS14-062
    Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254)

    This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted input/output control (IOCTL) request to the Message Queuing service. Successful exploitation of this vulnerability could lead to full access to the affected system. By default, the Message Queuing component is not installed on any affected operating system edition and can only be enabled by a user with administrative privileges. Only customers who manually enable the Message Queuing component are likely to be vulnerable to this issue.

  5. Microsoft Security Bulletin MS14-056
    Cumulative Security Update for Internet Explorer (2987107)

    This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

  6. Microsoft Security Bulletin MS14-063
    Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579)

    This security update resolves a privately reported vulnerability in Microsoft Windows. An elevation of privilege vulnerability exists in the way the Windows FASTFAT system driver interacts with FAT32 disk partitions. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges.


Get Ready For the Holiday Season with Tips for Keeping Your Credit Card Protected

by Viewfinity 3. November 2014 13:46

It's November, which means brisk air, warm clothes, and lots of shopping, as the holidays will be here in the blink of an eye. We came across a great article that weighs some different payment methods that you can use this year, and the best steps to take to keep your credit cards safe while shopping. There is nothing that brings down holiday cheer more than having your accounts compromised. Take a look at this article; it's very helpful.

 

Credit.Com News - A Holiday Shopping Season Guide to Protecting Your Credit Card

 


R.I.P. Security Breaches

by Viewfinity 31. October 2014 09:04

The scary truth is that most organizations will experience a security breach. Yet on a daily basis, we talk to IT security professionals who are committed to securing their environment; however, they are faced with multiple options regarding IT security software. It is clear there isn't a one-size-fits-all solution. In honor of Halloween, the below infographic illustrates methods for closing down security loopholes related to local admin rights and application monitoring. Also be sure to check out our webinar on Wednesday: Steps Hackers Take to Infiltrate Windows Infrastructures and Least Privilege Application Control.

 

 


The State of POS: Protecting Yourself and Your Company from Devastating Data Breaches

by Viewfinity 23. October 2014 10:50

2013 was labeled “The Year of the Mega Breach” as more and more consumer-facing companies were ravaged by devastating POS attacks. 2014 has done nothing but prove that these types of attacks are only getting faster, more frequent, and harder to detect.

Attend our Nov 5th webinar:
 Steps Hackers Take to Infiltrate Windows Infrastructures and Least Privilege Application Control

The fact is that IT professionals are doing everything they can to prevent these breaches. Unfortunately, as quickly as security practices adapt, so do hackers and advanced malware. While there is no one-size-fits-all security solution, here are select insights from industry experts sharing their knowledge, and knowledge is power.

Jon Oltsik, Senior Principal Analyst for ESG

  “If Target used some type of application controls (from Bit9, Kaspersky, McAfee, Viewfinity etc.)… it may have had a better fighting chance.”

SANS 5 Quick Wins: #1 Application whitelisting; #5 Reduce the number of users with admin privileges

 

Mike Rothman, Securosis, Reducing Attack Surface with Application Control:  

In Reducing Attack Surface with Application Control, we look at the double-edged sword of application control, detail a number of use cases where it fits well, and define selection criteria to consider for the technology.

Paul Ducklin, 2009 winner of the AusCERT Director’s Award for Individual Excellence in Computer Security
Ducklin stresses the importance of ensuring that third-party vendors and contractors are amply protected, especially if the POS vendors access your networks remotely. More here.

Steven Norton, The Wall Street Journal
“Rolling out EMV technology in brick-and-mortar stores is a step in the right direction, but it won’t solve the entire security problem. While it can significantly reduce fraud, it doesn’t take into account online transactions and may not help companies identify larger threats to the point-of-sale systems.” Steven Norton: Security Breaches Trigger Retail’s Big Players to Call for Major Tech Challenges

Tracy Kitten, Bank Info Security
“By educating merchants about compliance with the Payment Card Industry Data Security Standard, or, in some cases, even providing network security services to their merchant customers, banking institutions are playing a more aggressive role in ensuring card fraud associated with point-of-sale attacks is contained.” Tracy Kitten: Banks: How to Stop POS Breaches

When it comes to POS and retail security breaches, unfortunately there is no easy button, no simple fix, but the strongest weapon you have is knowledge. First and foremost, organizations should adhere to the principle of least privilege; removing admin rights can eliminate a large number of security loopholes. Application whitelisting on POS devices ensures that only approved applications are running. Finally, visibility into these activities with proper monitoring and forensic analysis can help accelerate threat detection and remediation in the event that a breach does occur.

USE CASE BREAKDOWN: Eradicate Nuisance Help Desk Calls – Movado Group Inc.

by Viewfinity 13. October 2014 16:36

Movado Group Inc. implemented a corporate initiative to lock down its endpoint environment to improve security. Once administrator rights had been removed, Movado deployed Viewfinity Privilege Management and used automated policies that resolve the challenges that arise from the removal of admin rights. In addition to the reduction in time-consuming support-related requests that occurred prior to lock down, such as reimaging of malware-infected machines, Movado Group Inc. was able to completely eradicate nuisance help desk calls within their environment.

Movado Group Inc. - Use Case Webcast

Movado Group Inc. - Full Case Study

 
   

Fast Facts

Project Scope: Eliminate nuisance calls due to removal of admin rights and improve end user productivity through faster resolution of IT issues.

  • Multiple sales and distribution offices around the world, with over 1300 employees
  • Workforce comprises 1100 endpoints, split 60/40 laptop/desktop
  • 10% of staff are mobile workers and 30% work in retail locations

The Situation Breakdown

Challenge #1: With a locked down environment, employees were unable to perform day-to-day tasks like printer installs, application upgrades etc. which were required for their job functions.

Solution: Using Viewfinity, Movado Group Inc. was able to run an audit of their environment for 30 days, identifying applications and processes which required admin privileges.

Result: Within a month of rolling out Viewfinity, Movado Group Inc. realized a complete eradication of nuisance calls. End users were able to be self-reliant, handling day-to-day tasks such as printer installs and Java updates without having to be granted admin rights.

Challenge #2: The Movado Group IT staff spent a great deal of time making desk-side visits to fix small problems, negatively impacting productivity as users waited for tech support to arrive, and taking up valuable time for IT staff.

Solution: Movado Group Inc. was able to establish proactive policies to handle elevation needs automatically. The policies were predefined to fit actual user needs based on the Viewfinity Audit previously run.

Result: Rolling out Viewfinity helped to control unproductive downtime and predict potential problem areas. End users are able to run updates and install necessary applications on their own but the system is streamlined and controlled from the backend. End users maintain the independence and control they require being in regional offices but still receive the security benefits of a locked down environment.

 

USE CASE BREAKDOWN: Increase Security While Decreasing Costs – Process-Based Privilege Management – Apex Companies

by Viewfinity 3. October 2014 16:27

Increase Security While Decreasing Costs – Process-Based Privilege Management

 

Apex Companies uses Viewfinity to increase their IT security and harness the process-based privilege management capabilities to lower desktop management costs for a maximized ROI. Below is a breakdown of their success story as well as a recording of their live use case presentation.

Apex Companies - Use Case Webcast

Apex Companies - Full Case Study

 

 

 

Fast Facts

Project Scope: Remove administrator rights from all employees without impeding user productivity
  • IT staff is very lean, with only three support members responsible for all endpoints spanning 35 geographically dispersed branch offices
  • Apex saves hundreds of thousands of dollars in desktop management costs per year with Viewfinity
  • IT typically performed well over 500 installs on an annual basis, ranging from simple upgrades to full application installs – Viewfinity reversed the previously ineffective and costly method of deploying updates and handling installs

The Situation Breakdown

Challenge #1: Must enforce stringent policies for network and system access

Solution: Move to a fully locked down environment with privilege elevation on the application level, which removes the need for providing individual users or groups access to admin rights.

Result: Viewfinity allows Apex Companies to pre-define policies and granularly manage end-user privileges, thus meeting company compliance requirements.

Challenge #2: Need to ensure all software is installed legally and that all applications have valid licenses

Solution: Application whitelisting to allow control of which processes, applications, versions etc. are allowed to run within the environment.

Result: “Viewfinity’s reporting allows me to quickly ascertain which applications are installed, how many are installed, when they were installed, and on which computers. I use this information to budget as well as to maintain license legality… With Viewfinity I have very accurate, complete information.”

Challenge #3: Need to provide timely support to end users despite lean IT staff and geographically dispersed end users

Solution: Pre-defined policies and application whitelists can enable end users to perform simple tasks (upgrades, installs, settings) without having to contact IT support for help.

Result: Because of Viewfinity’s whitelisting capabilities, users no longer need to contact Apex IT in order to perform routine updates or whitelist installs. Viewfinity allowed Apex to realize a reduction of hundreds of thousands of dollars in desktop management costs per year.

 

  

National Cyber Security Awareness Month - October 2014 – Viewfinity Brings it Back to the Basics

by Viewfinity 1. October 2014 12:46

It’s that time of year again; time to fill your ears with cyber security news, info, and tips… even more than we do already.

 

 

Last year we celebrated the month by introducing a customer use case presentation series; if you missed that you can still see all of the presentations here. This year there seems to be a constant influx of data breaches, hitting companies small and large. With some 75 million records compromised this year to date, we’ve decided to bring it “back to the basics” and share information that will help organizations fortify security foundations with best practices like removing admin rights and monitoring which applications are running in your environment, which will help detect and filter out rogue applications.

Yesterday we kicked off CSA month with a 30-minute webinar which drew in over 500 live attendees: Best Practices for Removing Admin Rights: A Step-by-Step Approach. If you didn’t get a chance to see it live you can access the recording here.

Stay tuned.  All through October we will share webcasts, blogs, use case presentations and other programs to help you build a stronger foundation for IT security.

 

 


Tags:

Patch Management | Principle of Least Privileges | Privilege Management | Security | Security Protection

Mike Rothman, Securosis, Hindsight For-the-Win

by Mary Rose 25. September 2014 11:25

This week Mike Rothman of Securosis, a premier security analyst firm, delivered a realistic point of view on his daily soapbox related to the hindsight preaching that happens after an IT security breach.  His assessment justly presents a factual take on all the considerations related to business and technology decisions as a company evolves its IT security defenses.  Every day we meet with and talk to IT Security professionals who are faced with multiple decision points, and these folks are working ever so hard to stay ahead and make the best choices.  As Mike states, “It is disingenuous to make assumptions about what they did or didn’t do and why, so I will not.”  We agree.  And, self-servingly, are also here to offer a product that provides whitelisting and management of local admin rights for those who may want to budget for this line of defense in 2015.

 

Image Source: Securosis Blog https://securosis.com/blog/hindsight-ftw
 


FORBES: $62 million in costs estimated so far regarding the Home Depot breach

by Viewfinity 19. September 2014 13:31

Forbes reports “With 56 Million Cards Compromised, Home Depot's Breach Is Bigger Than Target's”

Home Depot estimates that the breach has cost approximately $62 million, with more costs likely to come. The company believes it will be reimbursed $27 million thanks to its insurance coverage. Last month, Target announced that its breach cost the company $148 million, more than twice the amount Home Depot is estimating.

According to its statement, Home Depot believes it will have a 4.8 percent growth in sales this year, as previously predicted. When Home Depot first began investigating a potential breach, Forbes reporter Samantha Sharf noted that Home Depot could suffer high financial losses from the breach, with one analyst predicting a loss of 7 cents per share from Home Depot’s 2014 earnings.

 

Read the full article:  http://www.forbes.com/sites/katevinton/2014/09/18/with-56-million-cards-compromised-home-depots-breach-is-bigger-than-targets/



About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. The Viewfinity solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. Viewfinity's granular-level control enables companies to establish and enforce consistent policies for least privilege Windows-based environments based on segregation of duties. For more information, visit www.viewfinity.com.
