Tag Archive for: ‘blind’

How to avoid security blind spots when logging and monitoring


Cybersecurity involves a balancing act between risk aversion and risk tolerance. Going too far to either extreme may increase cost and complexity, or worse: cause the inevitable business and compliance consequences of a successful cyberattack. The decisions that need to be made around logging and monitoring are no exception.


Capturing all data from every device on the network can create bottlenecks, overwhelm log management, and obscure signs of network penetration or malicious activity. Not capturing all the critical log data can result in monitoring that fails to identify attacks before they do damage, or that fails to assist in forensics after the incident.

Getting logging and monitoring right is so important that it is listed among the Center for Internet Security’s critical security controls.

Failing to log creates blind spots

Failing to activate logging creates security blind spots in your network that will only become apparent after the fact (i.e., when an attack is successful). Every component of your extended infrastructure — on premises and remote — should be configured to generate appropriate audit events. These components include operating systems, system utilities, servers, workstations, networking equipment, and security systems (which include anti-malware, firewalls, intrusion detection and prevention systems, and VPNs).

This applies whether you run your own security information and event management (SIEM) solution for log management or use a managed SIEM with SOC-as-a-Service for 24/7 monitoring, alerting, and reporting. The SIEM relies on log data feeds to provide protection. It can’t alert on what’s not being logged. Responsibility for making devices and apps visible often falls outside of the security organization.

For example, failure to activate logging can happen if there is a “set it and forget it” mindset. The reality is that networks are always changing. New endpoint devices are continually being added and removed due to personnel changes, addition of new locations, flexible work programs that let employees work from home, new mobility solutions, and the like.

Assuming that new apps and devices — including new cloud infrastructure…

Source…

Schools for the Deaf and the Blind will re-open next week following building fire


ROMNEY, W.Va. — The West Virginia Schools for the Deaf and the Blind will welcome students back to campus next week after a recent fire destroyed the school’s administration building.

The Feb. 26 blaze damaged key services and utilities, including internet servers, telephone services and security camera surveillance. No one was injured during the fire.

The administration building was built in the 1800s. The building was vacant at the time of the fire; offices and personnel moved to other spaces late last year. Historical contents of the building were cataloged amid the move.

Students were away from campus at the time of the fire.

“This was more than a building to the school and the community, it was a part of the culture and tradition, and it is a significant loss to everyone,” State Superintendent of Schools Clayton Burch said.

“However, once again, I witnessed numerous examples of community pride and compassion. It was inspiring to see the response of so many agencies, organizations, community members and individuals from around the country who stepped into action and showed concern in a number of ways.”

The State Fire Marshal and the U.S. Bureau of Alcohol, Tobacco, Firearms and Explosives investigated the fire, the cause of which remains undetermined.

Source…

Talking Labels Aid the Blind With Prescriptions



Not for over-the-counter drugs

One drawback to these talking RFID labels is that they’re generally used for prescriptions only, and not for over-the-counter drugs.

“This one area of our advocacy has been the most challenging,” Bridges says. “Obviously, we wanted to focus first on prescription drugs because they’re the most critical to our own health.”

Neva Fairchild, national aging and vision loss specialist at the American Foundation for the Blind (AFB), uses the CVS app and sometimes braille labels for prescription drugs.

“You’d be amazed how much an ibuprofen feels like an iron pill feels like an allergy pill,” she says.

Pharmacist-recorded solution

Other companies offer additional solutions. Walgreens stores have a Talking Pill Reminder that is free for people who self-identify as visually impaired. It costs about $10 otherwise.

Dosing directions and label information that a pharmacist records are played back when you push a button on a Talking Pill Reminder, which attaches to the bottom of most prescription vials. It can record up to a 30-second description.

The Seeing AI app for the iPhone from Microsoft can read aloud the short text it sees in front of the phone’s camera, including what appears on a prescription bottle. The versatile app has other functions, such as identifying people and the denominations on currencies.

“The reason I find [Seeing AI] particularly useful is you don’t have to specifically know where the text is if you’re trying to scan a pill bottle,” Aaron Preece says. He’s editor-in-chief of AccessWorld, AFB’s technology magazine.

Source…

Prevailion Omega exposes previously undetected malware blind spots in the cloud


Prevailion launched Omega, a new cybersecurity capability for enterprises and governments that exposes and validates previously undetected active malware compromises – including ransomware – across cloud deployments and remote workforce assets.

“As a growing remote workforce has fueled investment in cloud infrastructure, threat actors are using the ‘black box’ nature of these SaaS deployments to stay hidden from modern security tools and to proliferate ransomware and other attacks,” said Karim Hijazi, CEO of Prevailion. “The current methodology for monitoring and securing cloud workflows and remote workers paints an incomplete picture that limits an organization’s ability to improve its overall security posture and reduce its risk.”

Prevailion’s Omega technology addresses this fundamental visibility challenge in the cloud by accurately detecting malware that evades other security solutions. For the first time, security teams can now see beyond the cloud or ISP to track malware infections that leverage dynamic and obfuscated IP addressing. This rapid detection can successfully prevent the encryption stage of a ransomware attack from taking place, in addition to other significant events like data theft, even after an organization’s assets have already been infected.

Prevailion’s existing solutions are already unique in their approach to infiltrating and monitoring the attacker’s command-and-control (C2 or CnC) servers and communications to covertly expose malware infections from the threat actor’s point-of-view. They also do not require any physical presence or access to an organization’s network when helping to evaluate its immediate risk of damage or loss based on existing blind spots.

This approach empowers security teams to understand active risks and threats to their environments that have gone undetected and it allows them to continuously improve their security posture against future threats. In addition, Prevailion’s solutions can monitor existing or potential supply chain partners for changes in their security posture and provide visibility into an organization’s potential risk of a security incident.

Omega collects critical…

Source…