Posted on August 22, 2011 by Josh Arrington
Limitations of technologies that are supposed to be protecting against emerging security vulnerabilities, deeper examinations of mainstream breaches and more painful insider attacks—they’re all a part of the next installment of our IT Security Rewind Series. Let’s take a look, shall we?
- You Live, You Learn: Few attacks generated as much media coverage and buzz as the attack against RSA that occurred earlier this year. This video interview from ThreatPost with Uri Rivner of RSA breaks down the different aspects of the attack including the elevation of privileges that were used to the advantage of the hackers. As Rivner explains, this breach directly exposes the limitations associated with a security strategy focused on perimeter protection, and not on the accessibility of the sensitive information and controls that can easily be manipulated from the inside of a system.
- DAMn—Is this technology working?: A feature from Ericka Chickowski of Dark Reading finds that financial institutions are still struggling with insider threats and other security vulnerabilities despite investments in database activity monitoring tools. While DAM technology plays a critical role in protecting against SQL injections and exploits in database protocols and commands, its inherent limitation in providing for privileged user monitoring may play a key role in its apparent ineffectiveness.
- Fast Food Diner on Network Crime: As IDG reported, a former IT worker at the U.S. subsidiary of Japanese drug-maker Shionogi, has pleaded guilty to effectively using his privileged access and controls to “create virtual chaos” by wiping out the VMWare host services that ran the company’s corporate email systems. Apparently, after laying off the employee, Jason Cornish, Shionogi did a poor job of revoking passwords to the company’s network. Using a Shionogi account, Cornish logged on from a public McDonald’s Internet connection to access a vSphere VMware management console that he’d secretly installed on the company’s network a few weeks earlier. He then proceeded to delete 88 company servers from the VMware host systems—further highlighting the need to control privileged users in both physical AND virtual environments.
That’s a wrap for this week—let us know what other stories you think should be added to the rewind.
Grossly Underestimating the Privileged Account Security Problem Part 3: Automating Privileged Account Management and Cyber-Ark DNA™ (Discovery & Audit)
Posted on May 16, 2013
Grossly Underestimating the Privileged Account Security Problem Part 2: Defining Privilege with Cyber-Ark CMO, John Worrall
Posted on May 9, 2013
Posted on May 8, 2013
Posted on May 6, 2013
Posted on May 3, 2013
AP Hack & Social Media Accounts – Another Great Example of the Danger of Shared, “Privileged” Accounts
Posted on April 25, 2013
Posted on April 1, 2013
Posted on February 22, 2013
DoE Security Breach Proves No Organization is Immune to Advanced Threats and the Privileged “Insider”
Posted on February 15, 2013
Copyright 2013 Cyber-Ark Software - All Rights Reserved