NetWorks Group Blog

Improving Security by Introducing a Full Scope Penetration Testing Strategy

Posted by Michael Walker on Sep 17, 2018 1:37:34 PM

Hackers and cybercriminals constantly search for vulnerabilities in organizations. In recent years, they have stepped up attacks on networks that contain large amounts of personal data.

Read More

Topics: Penetration Testing, Information Security, Ethical Hacking

Spear-phishing: Are they preventable ?

Posted by NetWorks Group on May 1, 2018 1:27:03 PM

Spear-Phishing Attacks: Are They Preventable?

Phishing attacks are increasing at alarming rates. Surveys show that 71% of businesses are not prepared to manage these type of attacks. Many businesses are finding that their defenses are limited and people in the highest offices are vulnerable.

Read More

Topics: Information Security

Are Employees Dodging Security?

Posted by Nick Brigmon on Apr 12, 2018 11:29:23 AM

Are Employees Dodging Security?

My team regularly assists clients in battling with users trying to access non-business related sites or remote locations that may have been deemed not work appropriate. Before we blame the end-user for not respecting the rules our organizations have set, we must remember that not all end users are aware of the risks involved when they visit these nefarious locations. On top of that, not everyone is able to utilize only  business related information for the full 8 hours of the workday! But there are plenty of clean websites that usually aren’t blocked that are known clean sites and can get your mind off work for some time. We need to continue to block sites that are known bad despite the battle it may take.

Read More

Topics: Information Security, Threat Management

When 911 emergency call system is struck by cyberattack

Posted by NetWorks Group on Apr 9, 2018 10:23:53 AM

When a 911 Emergency Call System Is Struck by a Cyberattack

Cyberattacks are occurring with greater frequency and they can wreck havoc in a business or an organization. When an emergency system is attacked, however, the results can be potentially life-threatening. 
Read More

Topics: Threat Management, Information Security

Understanding The Cyber Kill Chain

Posted by Jyothish Varma on Mar 1, 2018 11:56:48 AM

The cyber kill chain concept is based on the military kill chain, which uses a three-stage process that covers target identification, defending against the attack and wiping out the target. Lockheed Martin started using the "kill chain" to refer to information security. It applies these same steps to cyber attackers who attempt to break into its computer network and corrupt or steal data. While the analogy may not always be a perfect one when you compare the cyber kill chain to the original military one, this concept gives you the opportunity to break a cyber attack into easily comprehensible stages.

Read More

Topics: Information Security, Threat Management

Critical Vulnerability Advisory: Cisco ASA Remote Code Execution & DOS Vulnerability - Updated - Additional Patching Required

Posted by NetWorks Group on Feb 5, 2018 2:08:51 PM

Cisco ASA Remote Code Execution & DOS Vulnerability

Release Date (01-29-2018) - Updated (02-05-2018) CVE#-2018-0101

Affected Products - Must have WebVPN enabled to be vulnerable

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 4120 Security Appliance
  • Firepower 4140 Security Appliance
  • Firepower 4150 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
  • FTD Virtual

Vulnerability Details

After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available.

Read More

Topics: Threat Advisory, Information Security

Critical Vulnerability Advisory: Cisco ASA Remote Code Execution & DOS Vulnerability

Posted by NetWorks Group on Jan 30, 2018 4:05:47 PM

Cisco ASA Remote Code Execution & DOS Vulnerability

Release Date (01-29-2018) CVE#-2018-0101

Affected Products - Must have WebVPN enabled to be vulnerable

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)

Vulnerability Details

This vulnerability affects an unknown function of the SSL VPN component within the ASA. The vulnerability is triggered when an attacker attempts to double free a section of memory when the VPN component is active on the ASA. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system.

Read More

Topics: Threat Advisory, Information Security

HIPAA vs Security: Building security into medical purchasing decisions

Posted by Amanda Berlin on Jan 23, 2018 10:37:00 AM

What the security community says about a specific industry vertical usually holds true for a good percentage of what is seen in the wild. You can ask any hacker, defender, CISO, etc what industries struggle the most and there are common themes in their answers. Top of the list includes healthcare, manufacturing, government, and financial. Some of the most heavily compliance controlled and regulated are also some of the least secure. Why is this? Is it due to administrators and senior management taking compliance standards as gospel? Maybe it’s a lack of knowledgeable staff like the blind leading the blind.

Read More

Topics: HIPAA, Healthcare, Information Security, Compliance

HIPAA Covered Entity: Know How to Respond to a Cyber Security Incident

Posted by Jyothish Varma on Jan 18, 2018 9:33:59 AM

Know How to Respond to a Cyber Security Incident

Organizations that fall under the purview of HIPAA have to respond quickly to a cyber attack. The Office for Civil Rights (OCR) under the U.S. Department of Health and Human Services (HHS) issued a step-by-step guide to aid organizations. As a covered entity, your organization must have a contingency plan and incident procedures in the event of a security breach.

Read More

Topics: HIPAA, Healthcare, Threat Management, Incident Response, Information Security

Understanding OCR Guidance on Ransomware

Posted by Jyothish Varma on Dec 27, 2017 10:11:00 AM

Understanding OCR Guidance on Ransomware

With the prevalence of data breaches, ransomware has also come to the forefront of security threats. This malicious software is created by hackers who encrypt data and hold it hostage. Users are denied access to this data until they pay a ransom to the hacker.

Read More

Topics: HIPAA, Healthcare, Threat Management, Managed Detection & Response, Information Security

Subscribe to our blog!