February 14, 2019 A picture is worth a thousand words! Network Diagrams - WST This is especially true when talking about network diagrams. A network diagram is a roadmap that helps you illustrate and document what a network looks like, and how things are connected. The following diagrams should be maintained: WAN topology that clearly shows all ISP, VPN, and WAN connections, wireless connections, LAN segments along with router, firewall and IDS implementations. Individual LAN topologies showing default gateways, DNS implementation, all servers, and all network devices. Here are some key elements of good network diagrams: Keeping a [...]
February 7, 2019 DNS and MFA - WST On January 22, 2019, the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive with the subject, “Mitigate DNS Infrastructure Tampering” ordering all federal agencies to secure login credentials for their internet domain records. Required actions include auditing DNS records, changing DNS account passwords, adding multi-factor authentication to DNS accounts, and monitoring certificate transparency logs to detect prior unauthorized certificate issuance. This directive was issued in response to an uptick in attacks on websites and email servers by altering DNS records. CISA Director [...]
January 31, 2019 It's Not Me, It's You - WST You’ve come to trust each other, and you know each other’s flaws and idiosyncrasies. You’re comfortable. Sadly, it must end. Wait, what do you think we are talking about? We mean the support for common operating systems and applications. You remember just a few short years ago when support ended for Windows XP and all your workstations and ATMs had to be (frantically) upgraded? Well, we are now less than a year from repeating that cycle. Microsoft will end “extended support” for Windows 7 on January 14, 2020. [...]
January 24, 2019 Thank You for Your Assistance - WST A nice young man approaches you in the lobby and says he is interested in your bank’s services. After explaining to him the features of checking accounts and answering questions about where ATMs are located, he thanks you for your time and assistance and asks one last thing: “Could you go to a website for me and see what their business hours are please? I need to stop there next and I am not sure if they are open.” You’ve never heard of the company or website [...]
January 17, 2019 Resting on a house of cyber cards? - WST This week we’re talking about availability. When you come into work each day, do you think about the lights being on, the water running, or the HVAC working? Probably not. Could you run your bank for a day without these utilities? Probably not. Let’s face it, information technology and the infrastructure that facilitates its use is now as essential to keeping our banks open as power, water, and HVAC. Could we operate our bank for a day without information technology? Possibly. A week? No. Similar [...]
January 10, 2019 Exchange Security Tip - WST 10-D performs hundreds of penetration tests each year, so we see trends in the weaknesses of customer networks. One of the more common weaknesses we currently see involves public-facing Exchange servers. It is commonly perceived that if you lock down the Exchange Outlook Web App (OWA) login portal by denying most users access and enabling two-factor authentication for the others, you will secure your Exchange server from attackers. Unfortunately, a service commonly enabled on many Exchange instances called Exchange Web Services (EWS) bypasses both of those [...]
January 3, 2019 2019 Information Security Checklist - WST Like it or not…2019 is here. So now is a great time to take a close look at your 2019 schedule to make sure the critical elements of your information security program are mapped out. Here is our updated checklist for the New Year.
December 20, 2018 Don't get scarred by gift cards... - WST Gift cards are certainly better to get in your stocking than a lump of coal. Unfortunately, the thieves that deserve that lump of coal are trying to get the better end of the deal. By the time their scam is realized, it's already too late. That gift card you purchased at the store might be all used up before you even give it to the recipient. The thieves will take the information down from the card and wait for it to be activated at the register. [...]