[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] Simple Settings That Could Curtail Some Attacks

To: isn@xxxxxxxxxxxxxxx
Subject: [ISN] Simple Settings That Could Curtail Some Attacks
From: InfoSec News <alerts@xxxxxxxxxxxxxxx>
Date: Wed, 21 Mar 2012 02:27:36 -0500 (CDT)
List-archive: <http://infosecnews.org/pipermail/isn>
List-help: <mailto:isn-request@infosecnews.org?subject=help>
List-id: InfoSec News <isn.infosecnews.org>
List-post: <mailto:isn@infosecnews.org>
List-subscribe: <http://infosecnews.org/mailman/listinfo/isn>, <mailto:isn-request@infosecnews.org?subject=subscribe>
List-unsubscribe: <http://infosecnews.org/mailman/options/isn>, <mailto:isn-request@infosecnews.org?subject=unsubscribe>
Sender: isn-bounces@xxxxxxxxxxxxxxx
User-agent: Alpine 2.02 (DEB 1266 2009-07-14)

http://www.darkreading.com/vulnerability-management/167901026/security/vulnerabilities/232602900/simple-settings-that-could-curtail-some-attacks.html

By Kelly Jackson Higgins
Dark Reading
March 20, 2012

Sometimes it's the little things -- a misconfigured network proxy or anunused and forgotten port -- that can make the difference in whether anorganization suffers a major hack.

Organizations, especially those without the security resources to keepon top of these basic hygiene configurations, often leave themselvesexposed as they struggle to keep track of the configurations. Even somelarge companies forget the little things or are so overwhelmed withvolume that they miss them. "These little things -- not letting usersdownload .exe files, or [not] using proxies for filtering, that don'timpact the business in any way" basically raise the bar for theattacker, says Marc Maiffret, CTO and co-founder of eEye DigitalSecurity.

So Maiffret says eEye later this week will roll out a free tool thatruns a quick "health-check" on some key and simple-to-fix configurationbest practices that can help shrink the attack surface. The so-called InConfiguration We Trust Tool isn't meant to replace a vulnerabilityassessment, penetration test, or proper patch management programs, butinstead to take the pulse of some of the basic protective steps inconfiguring a safer environment, Maiffret says.

The tool checks for 10 basic things you can do to properly configureyour environment: use digitally signed running processes; use digitallysigned DLLHost Services and egress port filtering; disable MicrosoftOffice converters; update Windows operating system with the latestreleases; update Microsoft Office with the latest releases; removeadministrative privileges from end user accounts; disable WebDAV; blockdirect downloads of executable files; and push egress traffic through aWeb proxy.


[...]


______________________________________________________________________________
CISSP and CEH training with Expanding Security is the fastest, easiest way
to grock the relevant data you need now.   A free class invite is in every
PainPill.  Sign up for the free weekly PainPill .  It's that easy.
http://www.expandingsecurity.com/PainPill

Prev by Date: [ISN] Duqu espionage malware authored by "old-school" developers
Next by Date: [ISN] Cyber warfare rules still being written
Previous by thread: [ISN] Duqu espionage malware authored by "old-school" developers
Next by thread: [ISN] Cyber warfare rules still being written
Index(es):
- Date
- Thread