Enterprise Security

Enterprise security building self-built access system, this article describes the experience of self-built access to the system, the system in a stable operation of a large Internet company for 5 years. Admission System Introduction Network Admission Control (NAC) is a Cisco-sponsored, multi-vendor initiative designed to prevent emerging hacking technologies such as viruses and worms from compromising enterprise security. With NAC, businesses can only allow legitimate, trusted devices (such as PCs, servers, PDAs) to access the network without allowing other devices to access it. Excuse me, Internet companies in addition to the basic listing of the United States there is no safety and compliance ...

I. Mail is the primary breakthrough in cyber attacks E-mail security protection experience summary. As the main communication tool of the enterprise (especially the traditional and large enterprises), the mail is increasingly critical. At the same time, security issues are increasingly prominent. Due to the lack of authentication and security authentication mechanisms, e-mail protocols are inherently anti-tracing and cost-effective. Mail has become the main approach to telecom fraud and ransomware attacks. At present, the public generally believes that email security is phishing. In fact, the field of email security is very wide. This article is based on the knowledge of work and shares with you in many dimensions. ...

1. Kernel-Level Vulnerability Dirty COW Dirty Cow Vulnerability. The COW mechanism of the Linux kernel memory subsystem competes with memory writes, causing read-only memory pages to be tampered with. Impact: Linux kernel> = 2.6.22 Vulnerability Affected: Low privilege Users can write to this read-only memory page (including a file read-only to this user on a writable file system) and to root PoC Reference: https://github.com/dirtycow/di ...

Data for the corporate network dark attack and defense war. Data caching, also known as data extrusion, refers to the transfer of data from a computer without authorization. For the corporate network, these types of attacks can be done manually, such as using a USB drive; in addition, this attack can also be automated, when the need to use the network to transfer data. In this article, we will highlight the web-based data caching techniques used during penetration testing, along with the corresponding security hardening measures. As tunneling technology, we assume that we do not have valid domain credentials. This means that I ...

Homosexual Travel Hadoop Security Practices 0x01 Background Current larger companies have adopted a pattern of sharing Hadoop clusters. Shared Hadoop refers to: data storage, public / private file directory mixed stored in hdfs, different users access to different data on demand; computing resources, the administrator by department or business divided into several queues, each queue allocation A certain amount of resources, each user / group can only use the resources in a queue. This model can reduce maintenance costs, to avoid data redundancy and reduce hardware costs. But this is similar ...

Enterprise Service Product Security | ToB product login security, enterprise-class service products, product security is the key factor when users choose, in the login security, password security, device security and other three aspects to be comprehensive and extreme. At the same time, it is not unsafe to log in to multiple devices At present, most products in the market are all single-device logins, that is, one mobile terminal + one computer terminal. When using other devices to log in to the same account, other devices need to logout to ensure the same account At the same time can only be logged on in one device; Users with WeChat QQ sometimes feedback with me, saying that this product is safe to use.

How can businesses be assured of securing safety personnel and how to prevent white-hat workers from changing to black-hat employees? White and black hats - Confusion from corporate security chiefs. Discerning good and evil, black and white, never a simple thing. How can businesses be assured of appointment of security personnel and how to prevent white hat employees from changing to black hat employees? At the same time that the Security Quarterly was released, security guards launched a question about "white hat and black hat" in the knowledge that led to security practitioners Their attention and discussion. As of April 25, 2017, this question has been answered 33 times, with 440 people concerned and over 65,000 page views. As a question ...

How can businesses address security threats? Look at the updated NIST network security framework. The NIST Cybersecurity Framework is a guide issued by the National Institute of Standards and Technology to guide organizations and organizations in securing information. The framework was first enacted in February 2014 and added to this year's 1.1 new release. The earliest application of the framework in the United States national infrastructure facilities, such as power agencies and so on. Because it provides a versatile guide, it adapts to and adapts to the needs of different organizations and is now widely used in the United States and around the world. The ...

Company Smartphone Security (a) - From APK to Golden Ticket: Initial Probing, Getting Domain Admin Access from an Android Smartphone, and More ... This article describes the potential dangers of using a personal smartphone in an enterprise network, These cases are typical after the actual case has occurred. It turns out that it is not difficult to trick an employee into installing a malicious application, bypassing network protection, accessing corporate networks, elevating and obtaining confidential information. In addition, it turns out that bypassing all protection mechanisms (including anti-virus software) without being discovered ...

Company Smartphone Security (B) - Aim WSUS Server. After scanning found that there are two hosts to meet our needs, send us a stable remote shell. They are WSUS (Windows Update Server) and Antivirus (Antivirus Related Server), respectively, because these services must have Internet access to update the database, let's start from the first. There is an interesting question, NTLM hash of the local administrator is enough to access this server? Perhaps our answer is yes. In a public ...

Corporate Smartphone Security (C) - Aim at domain controllers and look for Golden Ticket. Before leaving the internal network, we decided to get the hash of the domain controller, especially the Kerberos account (krbtgt) and wanted to create a Golden Ticket *. Golden Ticket refers to the forged TGT (Ticket Granting Ticket). Similarly, the Silver Ticket is a forged TGS (Ticket Granting Server).

Eight DDoS Attacks Affecting the Security of IoT Enterprises. The overall frequency of Distributed Denial of Service (DDoS) attacks increased in 2016, due in part to the IoT botnet. Neustar said Neustar saw a 40% reduction in DDoS attacks in the January-November period compared to the same period last year. Neustar warned that with the release of botnet code components, dangerous new DDoS deployments will emerge, such as on-going devices ...

Ransomware rampant, businesses suffer bitcoin extortion business case hacker bitcoin extortion free tools problem solving. Ransomware is a popular Trojan in recent years. It harasses, intimidates and even kidnaps user files to make users' data assets or computing resources unusable and extort money from users. At present, China has become the hardest hit by ransomware and the loss caused by this one alone exceeds 1 billion yuan. Since 2017, Efficient Source Technology has received dozens of public security agencies in case of extortion for corporate assistance. Among them, the latest case occurred in this year ...

Top 5 Hazardous Enterprises Mobile Threats and Security Defense Measures. Most business employees today require some applications on the mobile side to do the work almost every day, but once a malicious attacker is targeting an application on your phone, the impact of the attack on the device may be a chain . Top Five Mobile-Endangered Enterprise Threats David Richardson, Director of Lookout Products, and his team concluded that five major mobile-based malware families impersonate employees to download malware as a true corporate application. Research shows that these five active moves ...