Updated: October 6, 2010

Welcome to DR Data Security, specializing in Information Security consulting services for the Southeast US with a focus on Florida business needs. We look forward to discussing your requirements and how we may be able to assist you with your IT Security initiatives.


President Obama on Sony and Cybersecurity

Updated: December 20, 2014

President Obama’s recent press conference regarding the Sony security breach underlines why we are in the business of protecting information assets across physical, virtual and cloud environments – it is our patriotic duty to not give in to nation-state funded cyberterrorism.



Remember on Cyber Monday that your password is your weakest security link

Updated: December 1, 2014

With online holiday shopping in full swing today for “Cyber Monday”, remember that your passwords are the weakest link in your personal information security. There are a myriad of free and inexpensive multi-factor authentication solutions available which work with almost any platform and application imaginable. Even the most complicated passwords are not good enough, because today’s cheap cloud computing power makes cracking hashes and old-fashioned brute forcing a trivial task. Even Microsoft is getting on board with this idea for their upcoming Windows 10 release – http://www.infoworld.com/article/2838016/operating-systems/windows-10-to-get-twofactor-authentication-builtin.html.

Happy shopping!



Bug in Bash shell creates big security hole on anything with *nix in it!

Updated: September 25, 2014

There is an easy test to determine if a Linux or Unix system is vulnerable. To check your system, from a command line, type:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the system is vulnerable, the output will be:

 vulnerable
 this is a test

An unaffected (or patched) system will output:

 bash: warning: x: ignoring function definition attempt
 bash: error importing function definition for `x'
 this is a test

The fix is an update to a patched version of the Bash shell. To be safe, administrators should do a blanket update of their versions of Bash in any case.
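The test above can be scripted to cover every Bash binary on a host; the following is an added example, not part of the original post, and its function names are illustrative. It keys only on the `vulnerable` line, because Bash builds carrying later fixes print just `this is a test` with no warnings.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Classify the combined stdout/stderr of the test command. Only a line that
# reads exactly "vulnerable" proves the trailing command was executed.
classify_output() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo "vulnerable"
    else
        echo "not vulnerable"
    fi
}

# Run the test from the post against one bash binary (path in $1).
check_bash() {
    out=$(env x='() { :;}; echo vulnerable' "$1" -c 'echo this is a test' 2>&1) || true
    classify_output "$out"
}

# Report on every distinct bash binary: the one on PATH plus /etc/shells entries.
check_all_bash() {
    {
        command -v bash || true
        if [ -r /etc/shells ]; then grep -E '/bash$' /etc/shells || true; fi
    } | sort -u | while IFS= read -r b; do
        if [ -x "$b" ]; then
            printf '%s: %s\n' "$b" "$(check_bash "$b")"
        fi
    done
}

check_all_bash
```

Run it again after updating to confirm that no older copy of Bash remains in use.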

More information at http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/


Do you really know if your network has been hit with the “Backoff” malware?

Updated: August 25, 2014

From Computerworld:

IDG News Service - More than 1,000 major enterprise networks and small and medium businesses in the U.S. have been compromised by a recently discovered malware package called “Backoff” and are probably unaware of it, the U.S. Department of Homeland Security (DHS) said in a cybersecurity alert on Friday.

Does your APT/AET detection technology measure up? Not all security vendors have the same capabilities to detect the evasion techniques used by “Backoff” and similar malware variants. We have helped our customers defend against APT, and we have successfully contained APT infections when detection fails (or was never in place to begin with).

We welcome the opportunity to discuss your APT concerns, countermeasures and detection techniques. Please contact us to learn more about our threat mitigation capabilities and strategies.


Make email more secure by enabling opportunistic TLS.

Updated: June 6, 2014

It may seem basic, but for those who are responsible for managing email servers, ensure that you have opportunistic TLS enabled. With opportunistic TLS, your email server will first attempt an encrypted connection to the destination server before defaulting to clear text mail transmission.

TLS security is far from perfect, as X.509 certificate signing and hashing/cipher strength best practices must be adhered to by all parties for TLS to be an effective eavesdropping countermeasure. However, opportunistic TLS is a “free” email security enhancement everyone can benefit from.

According to Google, almost half of the world’s email servers are not taking advantage of TLS.

You can see who is and is not encrypting email with TLS to and from Gmail at http://www.google.com/transparencyreport/saferemail

Validate your own TLS configuration using free testing tools at http://www.checktls.com/tests.html


TrueCrypt has truly disappeared!

Updated: May 29, 2014

Over the past 24 hours, the website for TrueCrypt (a very widely used encryption solution) was updated with a rather unusually styled message stating that TrueCrypt is “considered harmful” and should not be used. The announcement posted at truecrypt.sourceforge.net states:

“WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues… The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms… You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform”

For more details on this breaking story, please read the Forbes article at www.forbes.com/sites/jameslyne/2014/05/29/open-source-crypto-truecrypt-disappears-with-suspicious-cloud-of-mystery/

We recommend decrypting all data protected with TrueCrypt, and re-encrypting with BitLocker or a similar enterprise-class encryption solution, such as SafeNet.

Contact us to discuss your unique encryption needs and best practices. We are experts in balancing cryptography and performance goals.


Everything you need to know about the OpenSSL Heartbleed bug.

Updated: April 9, 2014

Everything you need to know about the OpenSSL Heartbleed bug, including tools to test for the vulnerability, Snort signatures to detect attacks, and patches, can be found at http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/.

F5’s LTM is unaffected so long as you are using the Native/Default ciphers on their Cavium card – http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html.

Make sure that you obtain new SSL certificates from your CA if you have been affected by this attack, and remember that you must restart all services which use OpenSSL libraries for the patch to take effect.
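One way to find services that still need the restart mentioned above, as an added example that is not part of the original post: on Linux, a process that loaded the old library before the update keeps it mapped, and `/proc/<pid>/maps` marks the replaced file as `(deleted)`. The function name and the proc-root parameter are illustrative.

```shell
#!/bin/sh
# Added example, not from the original post. Linux only: relies on /proc.

# Print "PID command" for every process that still maps a libssl/libcrypto
# file that has since been replaced on disk (shown as "(deleted)" in maps).
# $1: proc root, default /proc (a parameter so test data can be used).
stale_openssl_pids() {
    root=${1:-/proc}
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -Eq '/lib(ssl|crypto)[^/]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            pid=${pid##*/}
            name=''
            if [ -r "$root/$pid/cmdline" ]; then
                # cmdline is NUL-separated; keep only argv[0]
                name=$(tr '\000' ' ' < "$root/$pid/cmdline" | cut -d' ' -f1)
            fi
            printf '%s %s\n' "$pid" "${name:-?}"
        fi
    done
}

# Run as root to see every process; unreadable entries are skipped.
stale_openssl_pids
```

Statically linked programs do not appear in this output and have to be rebuilt or updated separately.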

Contact us if you would like to discuss how to prepare for future crypto/memory attacks. There will be more of these events in the news because the tools to identify security weaknesses in memory have evolved to make the task of finding attack vectors less time-consuming – https://code.google.com/p/volatility/.
