Reflections on a successful event at Royal Ascot May 2019

/
Reflections on a successful event at Royal Ascot May 2019

Foresight Cyber sponsored the Royal Ascot event that took place on the 22nd May 2019, yes you guessed it, in Royal Ascot. Both Bob Mann and I manned the stand and we were joined by Ashley Goodman, a student of New College Swindon. We are really excited to have supported young adults wanting to get a taste of real business life. Ashley has Asperger but that didn’t stop him from coming to support us. We believe in mindful employment, meaning we take you on your skills and dedication and don’t discriminate. Talent is talent after all!

What made this event stand out for us was the varied mix of business sponsors and delegates. I would like to reflect on the discussions we had with a swath of people stopping by our stand. Most people were really interested in knowing more about our Cyber Security Assessment packages. We had to explain that what we do is way more than just a penetration test. We assess how your business would fare should a cyber attack strike. An attack coming from external but also internal people.

I especially loved a debate with a delegate who was not much interested in our services until we asked how he secured his email and internet accounts. The password reuse: human cannot remember more then a few secrets, this outdated security method is coded into the human DNA – not much we can do about it! From our experience, cyber security starts at work as people tend to bring good practices from work environment to home. As such, business should invest in training and give people easy to use tools. For example, we use 1Passwordin our business to secure all our internal staff and client secrets, and as a bonus all of our employees get a free 1Password family account. We have received great feedback from our employees about this ‘perk’.

As a closing thought I would like to thank Yola O'Hara of Visually Explained Ltd for organising the event and greatly managing and delivering to our expectations. 

Read More

Foresight Cyber Security Workshop

/

When? June 4, 2019

Where? Pohodárna Lipka Vělopolí (more here: Contact)

If you are interested in attending the workshop, please register (Deadline is May 30th): Registration

We would like to invite you to our first Workshop, which will take place on June 4, 2019, at Pohodárna Lipka. The workshop will take place in a friendly atmosphere. We will discuss the individual topics (See PROGRAM). we will play sports and in the evening there will be free entertainment. We take care of lunch, dinner and accommodation, your task is simple: arrive with a good mood.

PROGRAM

9:30 – 10:00 – Registration
10:00 – 10:30 – Introduction
10:30 – 11:00 – iTop - OpenSource CMDB as key component for asset management
11:00 – 11:30 – Chocolatey - package manager for Windows
11:30 – 12:00 – Tenable.io - Vulnerability management
12:00 – 12:30 – Foresight Cyber Platform
12:30 – 13:30 – Lunch
14:00 – 16:00 – Sport
16:00 – xx:xx – Free fun
19:00 – 20:00 Dinner

Registration

If you are interested in attending the workshop, please register by using simple Google form:Registration.

For more information, please contact: tomas.sedlacek@foresightcyber.com.

Patch and check your DMZ firewalls! Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)

/
tenable.png

Tenable wrote a good article. Sadly they also missed that weblogic server has no business reaching out to just any server on the one internet hence a good mitigation strategy is also block outgoing traffic from any weblogic server to internet. That could be faster mitigating solution than negotiate with business owners an out of cycle patch window. Of course the patch should be applied anyway later.

Skybox detects network devices' vulnerabilities without scanning

/
Skybox detects network devices' vulnerabilities without scanning

In our experience, the roll-out of Skybox Security Firewall and Network Assurance modules greatly improves not only visibility of the network design, compliance with security policies, but also risks associated with unpatched network devices. As it is not uncommon for organisations to run unpatches network devices and firewalls, the focus of operations security managers should be offloading vulnerability management of network devices to their owners - managers of network teams.

Read More

Critical Drupal vulnerability with an active exploit

/
IMG_0001.JPG

All owners and admin of Drupal 8 sites: please read: 

According to Shodan.io, there are over 85000 active Drupal sites. Perhaps not all of them are version 8, but could be a significant number. And we can only assume many would have enabled API access or installed modules that make them vulnerable to the latest vulnerability ‘Drupal core - Highly critical - Remote Code Execution - SA-CORE-2019-003’, as explained on the Drupal Security Advisory: https://www.drupal.org/sa-core-2019-003.

The vulnerability has been fixed in Drupal 8.6.10 and 8.6.11. 

We advise all to patch as soon as possible to prevent losing your Drupal site.  

 

Microsoft Patch Tuesday March 2019

/
Microsoft Patch Tuesday March 2019

As expected, and appreciated, Microsoft has released patches to their products (plus Adobe’s). The full list can be a bit daunting: looking at the Security Update portal, there are 1455 items in the patch table. https://portal.msrc.microsoft.com/en-us/security-guidance

All out clients subscribed to vulnerability management - Advanced SOC - services should receive notification of the applicability of these in their environments. For the rest, I want to highlight the most critical patches and actions needed.

Read More