Mobile Security: Why Your Smartphone Needs to Be Secure

Read my full article on D&B Credibility Corporation

We all heard the story several months ago. As an experiment, security company Symantec placed fifty “lost” smartphones around cities in America and Canada and watched to see what happened. Each cell phone was monitored to determine what happened when those lost cell phones were found.

As the smartphones were picked up by strangers, Symantec found:

• 43 percent of the people who found them opened an app titled “online banking”
• 53 percent opened a file called “HR salaries”
• 57 percent accessed a file labeled “saved passwords”
• 60 percent checked the phones' e-mail and social networking sites
• 72 percent browsed through a folder labeled “private photos”

Even scarier, only half of the phones were returned. The owner's name was labeled in a contacts file, but that didn't seem to deter 50 percent of finders from keeping their newly found smartphones.

Read my full article on D&B Credibility Corporation

Black Hat 2012: MITRE to detail STIX cyberthreat intelligence system

The Department of Homeland Security and the MITRE Corp. are developing a framework to standardize cyberthreat intelligence sharing and build deeper context into ongoing attacks.

Given the diversity of the attacks that are going on, we're recognizing that no organization has the full picture of what is going on.

Sean Barnum,
software assurance principal, MITRE Corp.

Researcher Sean Barnum of MITRE will describe the new Structured Threat Information eXpression (STIX) framework this week at the 2012 Black Hat Briefings in Las Vegas. The framework, which is being tested by the U.S. Computer Emergency Response Team (US-CERT) and the financial industry, if successful, could be adopted broadly to share up-to-the-minute threat information when attacks happen.

STIX provides a common set of criteria to help organizations share cyberthreat intelligence data â€" observed attacks, tactics, techniques, malware, exploit targets and procedures â€" so the data can not only be read by incident response threat analysts, but also fed into automated systems for deeper analysis over time.

"They're recognizing that continuing to do the things the way we've done in the past isn't going to work," said Barnum, a software assurance principal at MITRE. "It really requires somewhat of a paradigm shift in how we actually get ahead of the adversary. Given the diversity of the attacks that are going on, we're recognizing that no organization has the full picture of what is going on."

STIX is being funded through DHS's Security Systems Engineering & Development Institute. Barnum said it is being developed with the help of security experts from industry, academia and government. While threat information is not new -- organizations in various industry sectors have been sharing threat information with US-CERT and their partners -- the goal, Barnum said, is to make threat indicator information more actionable.

"These communities have all been sharing stuff for a while, but they all share stuff that is very limited in its usefulness," Barnum said. "They're sharing a set of file hashes that they think are bad, or a set of IP addresses that they think are using malware. There's not a whole lot of context that goes along with it."

Barnum said information sharing can help organizations gain a broader understanding of the threat landscape and potentially detect ongoing attacks on the network before cybercriminals can inflict maximum damage. A structured framework, he said, can boost automation to help threat analysts quickly execute defensive actions.

STIX incorporates a variety of security plans developed during the past five years for documenting attack patterns, observations and malware types. It uses Cyber Observable eXpression (CybOX), a language for documenting threat observations, Indicator Exchange eXpression (IndEX), the Common Attack Pattern Enumeration and Classification (CAPEC) schema, and other incident exchange formats. In addition, the framework supports standard vulnerability scoring systems, CVE, CVSS and CWSS.

Barnum said DHS intends to use STIX to support incident threat sharing among US-CERT and government and the private-sector organizations to exchange data elements and relationships defined by STIX using secure automated mechanisms. US-CERT is integrating STIX into its internal incident response and incident management processes.

The financial industry has also shown interest in the framework. The Financial Services Information Sharing and Analysis Center (FS-ISAC) is implementing the STIX architecture (including CybOX and IndEX) for cyberthreat intelligence information sharing among its core membership.

New Foursquare Feature Lets Businesses Target Nearby Loyal Customers

Location-based social networking service, Foursquare, just announced a new feature for businesses that will allow local merchants to send updates about their business to their loyal customers whenever they're nearby.

Foursquare Local Updates will roll out to business owners over the next week. The new feature gives businesses the opportunity to create unique messages about deals, specials, new items, or any other pertinent information they want customers to see. Messages can contain up to three photos, a special and any combination of text.

Though businesses that use Foursquare can already set up specials that users can claim when they check in, Local Updates allows businesses to specifically target and reach out to users who are the most likely to take advantage of the offers and support those local businesses.

Some business owners who already have access to the new feature have compared it to an outdoor chalkboard, where merchants can change specials or messages daily.  Except with Foursquare Local Updates, users don't have to be within feet of the storefront to read the message.

Customers who can receive business updates are determined by the amount of check-ins and recent check-ins and whether they have liked the location on Foursquare.

When a Foursquare user that meets those qualifications enters a small radius around the business, which could mean one mile in a big city or up to 10 miles in a more rural area, that customer will receive a tailored message created by the business owner. Users can opt-out of receiving updates from certain businesses, so those who continue to receive updates are likely to be those who actually want to continue frequenting that business.

Once Foursquare Local Updates rolls out to business owners, updates can be seen in version 5.2 of the app, which is available now. The details are at Foursquare for business.

50 Thoughts On How Small Business Has Changed Yesterday and Today

Earlier this month, we brought together oodles of small biz people (together with BlackBerry and Small Business Trends)  for an online chat on Twitter, netting almost 1,000 tweets and retweets before, during and after the chat using the chat hashtag of #BBSMBchat.

We did this on the occasion of the Small Business Infleuncer Awards

We've put together this recap in case you missed it, with some key answers to 8 questions asked during the chat.  The questions and a small number of selected answers are on Smallbiztrends and another recap with more rich insight on BlackBerry

 

Microsoft Office 2013: Cloud Storage, Tablet Compatibility

Microsoft recently unveiled details about the new version of its Office suite software, to include cloud computing, tablet compatibility, and monthly subscription service. Office 2013 is set to be released widely later this year.

Microsoft completely overhauled the Office software for this new version, with cloud technology as the new central feature. However, utilities such as word processing, Excel spreadsheets, PowerPoint presentations, and Outlook email are still major parts of the software.

For small businesses, the new Office software could make it easier to work on the go from a variety of different devices. SkyDrive, Office 2013's cloud storage service could make storing and sharing data much more seamless than it has been in previous versions of Microsoft Office. In addition, business owners and employees will have the ability to access Office 2013 on the Microsoft Surface tablet and other touch-screen devices. Office 2013 also integrates Skype compatibility for easy collaboration on a variety of projects.

In addition to the traditional boxed version of its Office software, Microsoft also offers Office 365 in a monthly subscription format. New subscription options will also become available with the new version of Microsoft Office later this year, with different plans and pricing for businesses of different sizes.

Office 2013 has been specifically designed to work hand in hand with Windows 8 and to run on a variety of devices, from PCs to tablets to smartphones. The soon-to-be-released Windows 8 operating system has also been designed to run on touch screen devices, and incorporates new features such as applications. The new OS and Office 2013 also have brand new designs.

Office 2013 is compatible with computers that run Windows 7 or 8 or tablets with Windows RT. Windows 8 and Office 2013 are both scheduled to be released in October. For those who wish to learn more about the new Office version before its release, Microsoft is currently offering a free preview version of Office 2013.

How Do you Manage Your Small Business Brand Reputation Online?

If you have (and even if you don't) an online presence, your brand, and it's reputation, needs management. After all, your reputation determines your profit statement, doesn't it? I've always maintained that social media has the power to drag your brand out to the open. People talk about it. Websites like Quora.com and focus.com have thriving discussions on everything and if you are in business trying to solve problems, you might have been mentioned.

Managing your online reputation is something we've talked about before (check out this article) and certainly a topic that has others, such as the New York Times, warning you to step up and take notice, because, as they stated in their article, “Your Customers are Talking About You. And the Whole World is Listening”. Hard-hitting, but true!

Brand management starts at all levels of online engagement: whether it's the comments from your blog (even the negative ones), interactions on Twitter, comments on your Facebook Fan Page, discussions on forums, and mentions on Q & A sites (or social search). For instance, I noticed this question about Rand Fishkin â€" CEO of SeoMoz.org - popping up on Quora.com where Rand himself steps in to manage the conversation.  Now that is some online reputation management!

As a small business owner, it's touch to know just where to begin and what steps you should, and should not, take to manage your reputation.  Let's see if we can offer some suggestions to help you figure it out.

Begin at the hub and hunt later. Your blog and all your social media networks are your first point of consideration. Blogs have a way to ping you when there's a new comment (or perhaps you could use Disqus, Intense Debate, or LiveFyre). You have notifications and mentions on all social media networks you might use for your business. Keep a hawk's eye on these mentions and notifications. Reputation management begins with basic conversations, courtesies, and small talk â€" no business or business owner is too big for social media engagement.

Use Brandify.com. How would you like to keep track of what's being said about your brand? Given the fact that over 97% of customers search for information like that before they even consider making a purchase â€" online or offline, you need to ensure that your comments are positive? Using Brandify.com, you can evaluate, monitor, and track everything that's being said about your brand. Often each business also gets a “score”, some “recommendations”, and other tools to “track” reputation while keeping a pulse on your progress. Guess what? It's free.

Change your Reputation, if you have to. Would you like to use a tool that helps you to boost your brand, manage your brand presence, track what the search results spew out about your brand, clear the negative energy around your brand on sites like ripoffreport.com, Yelp, and other communities (you do know that nothing stops “anyone” from posting “anything” about your brand, don't you?) ? Reputation changer  has tools that'll allow you to keep your head up and take corrective action. Use their brand protection suite or Google Auto Complete tools to keep on top of situations instead of feeling victimized.

Protecting your brand online and it's reputation is an important process that your business should undertake, but it doesn't have to be a cumbersome process.  Try implementing a few of these suggestions and hopefully you'll find it a much easier task.

Microsoft Makes Big Changes to Small Business Offerings and Certification

My friends at SMB Nation report that Microsoft is doing three big changes

a) doing away with Small Business Server

b) folding Small Business Server Essential into the Server 2012 family

c) doing away with the Small Business Specialist Community in favor of a Small Business Competency

SMB Nation writes:

As far as we can tell right now, Microsoft will no longer have a combination server with special pricing for small businesses. For more than fifteen years, SBS has been the preferred server product for small businesses due to its unique combination of features and low price. The survey revealed that many partners will be seeking alternatives. And that opens the door to non-Microsoft technology. One respondent wrote, “SBS will be missed. It was familiar and comfortable for my clients.  We'll need to sell them on an alternate solution, not necessarily from Microsoft.”

What does this mean for your business?

If you're using Small Business Server â€" look to migrate to Window Server, working closely with your IT consultant. You should consider leveraging online solutions for your file sharing, applications and server services (email, and more).

Microsoft's loyal IT consultants are not happy about this â€" but Microsoft clearly sees writing on the wall â€" traditional servers for small businesses are going away in favor of online applications.

Sell Your Expertise Without Selling In Your Guest Posts

It's no secret that guest blogging and content marketing can be exceptionally effective tools for marketing your business or your services. It's also a well-established truism that being overly self-promotional in guest blogging and content marketing efforts is simply less effective than teaching and adding value with the content you create.

That said, if you're creating content to try to position yourself as a thought leader and build your brand, you're doing it because you have a business to run and a service to promote. So how do you establish yourself as an expert through your guest blog posts without being overly self-promotional?

Here are a few ways to sell yourself â€" without actually selling â€" in your guest posts:

Focus in on Your Niche

What differentiates you from your competitors? Do you have a specialty or a proprietary way you approach your service offerings that makes your company a clear standout? Focus on these individualized areas, those that set you apart, rather than more generalized topics anyone in your industry could discuss easily. When readers investigate potential vendors, your business will immediately land in front of the pack, if you play your cards right.

Don't Post and Disapper

All too often, submitting a guest post is the last to-do item on a marketer's list. Instead of providing the post and simply falling off the radar, keep track of social mentions, respond and thank those who recognize your content, and be attentive and responsive to comments. It takes less than two minutes (most often) to respond to blog commenters â€" and it's usually two minutes well worth your while.

Be Generous in Giving Props to Other Experts

It's not all about you. (Shocking, right?) But seriously, give a little link love to some other thought leaders and they'll be likely to promote your post, giving you more recognition in the long run.

Wrap Up Your Posts With a Signature Blurb

It's okay to mention your business here and it's standard practice to link back to your website in this area.

Reference Useful Content You've Written

You've probably created other useful, educational content that's hosted on your site or on other blogs.  Link to this information where appropriate so that the reader can see other examples of your expertise and can get a deeper understanding of your point of view - and only if it adds real value.

Share, Share and Share Some More

Once your guest post is live, help spread the word via your social networks. Don't let the website owner do all the promotion. Devoting some time to draw attention to a post hosted by another website appears less self-serving than continuously posting links to your own website. But ultimately, you're doing the website owner a favor while still building awareness for your own company.

Forget About Selling

Entirely. Focus on simply educating your readers. In the content marketing age, information sells. That's why people browse the internet â€" not to be sold to, but to be informed. Impress them with your expertise and the sales will flow naturally.

In implementing these tips, be sure you're falling within the publisher's guidelines for guest posts.

For instance, some won't like the idea of mentioning your business, even as an expert quote, within the body of the article. They're doing you a favor by publishing your post, so return the favor by providing valuable insights their readers can actually use.

If you focus first on educating, and second on selling, your guest posts will be better received and more frequently shared.

No Sale Photo via Shutterstock

Looking To Use That iPad To Increase Your Business Productivity? Here Are 8 Great Ways To Use An iPad In Vertical Industries (Infographic)

Do you have an iPad (or some similar tablet that you pretend is an iPad)? Have you convinced yourself that you didn't just drop $500 or so on a big Angry Birds device? No, of course not; you'll use it for business, including e-mail, document review/editing, coordinating meetings, and so on, only then playing a round or two of flinging flightless fowl against fortress walls.

Of course, people like me (without an iPad) might think people like you (with one) hardly use it for anything but game playing with the occasional e-mail sent with the snarky “Sent From My iPad” added for good measure, just to ensure we know our place. The reality is, though, that there are actually lots of cool ways a tablet can be used to help businesses in many different industries including medical, retail, construction, personal care and so many others.  It all just takes finding the right app and getting creative with how you can leverage the technology.

The folks at Bolt Insurance have provided this great infographic that outlines 8 great ways to use an iPad in vertical industries.  Check this out!

Bottom line…mobility is power and those who get creative with how to use technology will stand apart from their competition!

Pwnie awards - nominees announced

The nominations for this year's Pwnie awards have been announced.

With nominations for bugs, exploits and ‘Most Epic FAIL', the winners will be announced this Wednesday at the Blackhat USA conference at Caesar's Palace in Las Vegas.

With eight awards to be presented, at the time of writing the Pwnie for ‘Lamest Vendor Response' was the only without any nominees announced.

The nominees for the Pwnie for ‘Epic 0wnage' goes to the hackers responsible for delivering the most damaging, widely publicised or hilarious 0wnage, according to the organisers. Nominees include Flame authors, certificate authorities and iOS jailbreaks.

Nominations for the Pwnie for ‘Best Client-Side Bug', awarded to the person who discovered or exploited the most technically sophisticated and interesting client-side bug includes several from this year's Pwn2Own and Chromium contests.

These include Pinkie Pie's Pwnium Exploit of six bugs, which got him full remote code execution in Chrome to win Google's Pwnium competition at CanSecWest, and Sergey Glazunov's Pwnium Exploit which took advantage of at least 14 bugs.

Also nominated in this category is researcher Charlie Miller's iOS Code Signing Bypass and the authors of Duqu that could rootkit any version of Windows ever from a font file embedded in a web page or various other file formats.

The nominations for the Pwnie for ‘Most Epic FAIL' will go to either ‘the Anti-Virus Industry' which the organisers commented ‘Do you really need us to elaborate?'; the breach of six million password hashes by LinkedIn; F5 Networks' public root key for SSH authentication, which research revealed was in the firmware and used against any other F5 device; and the controller of the Herpes botnet.

New Marketing Automation Services That Make Everything Fly

Marketing automation is that sweet, sweet thing that lets you find out what customers are most likely going to buy your products while you're sitting at your desk. Instead of hiring a team of individuals who have to sit down all day and waddle through your site analytics data, you can have a piece of software do it for you!

That's right. You can stop putting your wallet under an induction coil now. We're living in the information age, and business technology has progressed to a point where you can hire programs to do the grunt work that you once had to hire employees for or, even worse, had to do yourself. Today, the one thing you should be stingy about is time, because time is money and there certainly isn't enough of it most days when you are running a small business.

Services like marketing automation have been available for a while in large corporate environments, although they tend to rely on teams that interpret all of the data. The Internet, however, has bestowed its blessings upon the business stratosphere with new possibilities. Instead of looking at how prospects behave in the physical world, you can now see how they click through your site, simplifying the process of marketing to a little bit of data mining.

Here are a couple of services that can empower your business with a new pair of eyes:

• Pardot by Dell â€" Most recently, Dell has partnered up with Pardot to offer its marketing automation platform that not only tells you what people are doing on your site, but also takes that data to tell you which person might become a likely buyer. It also allows you to nurture your prospects by providing them with emails that might attract them into a deal with you. One of Pardot's most hallmark features is its ability to construct forms through a simple ‘designer' interface.
• Infusionsoft's AIO Solution - Infusionsoft has an all-in-one (AIO) package that will probably become your favorite toy. Not only does it automate your marketing efforts and provide you with results, but it also adds tools to let you close your sales more quickly. Infusionsoft's AIO solution is a marketing automation platform infused with CRM, email & social marketing, and e-commerce.

A lot of people think about buying something, but quit doing so because of unanswered questions they don't feel bothered to ask. When prospects are contacted by businesses, they feel like the business is flipping over sideways to answer what questions they might have. Automated marketing tells you who you should approach. Don't let the fish swim away!

New Establishment Birth Rate

The Great Recession knocked the new establishment birth rate â€" the number of new establishments founded as a percentage of operating establishments â€" down from its historical average.

Source: Created from Data from the Bureau of Labor Statistics

Since 1993, when the Bureau of Labor Statistics first made the data available, the new establishment birth rate has averaged 3.2 percent of total establishments in operation, as the figure above shows.

Moreover, BLS data reveal that the rate of new establishment formation remained in a fairly tight range of between 3 and 3.5 percent of active establishments from 1993 through 2007. However, in 2008, that pattern abruptly changed. The new establishment birth rate fell below 3 percent, a decline from which it has not yet recovered.

The drop in establishment births results from a decline in the number of establishments being founded, not a change in the number of active establishments. Between 1993 and 2010, the number of quarterly establishment starts averaged 201,000.

In 2008, however, this figure dropped below 200,000 for the first time since 2003, falling to a low of 169,000 in the third quarter of 2009.

The twitter length message here is that the Great Recession led American entrepreneurs to cut new establishment openings from historically stable levels.

Black Hat events say that suspicious email was due to volunteer\'s mistake

Delegates attending this week's Black Hat conference in Las Vegas have reported recieving a suspicious email.

Approximately 7,500 delegates received a registration email from ITN International which contained a URL and the subject line ‘your admin password'. According to organisers Black Hat events, ITN is handling on-site registration and check-in systems at this year's show and ‘some idle hands browsed their way to a screen'.

Trey Ford, Black Hat general manager, said that this was due to an ‘abuse of functionality by a volunteer who has been spoken to' and having reviewed the server logs, it has spoken with the volunteer who has emailed each registered delegate.

Ford said that Black Hat loves ‘to tease people that your systems need to be ready to hold their own if joining the Black Hat network and in this frame of mind, the community very correctly expected a prank or act of malice'.

An official statement read: “Our most valued assets at Black Hat are our delegates and their privacy. We work very hard to maintain that. We want everyone to come to Black Hat to learn and enjoy their time without fear of having their personal or professional information compromised. We are happy to report there are no signs of compromise.”

The email caused the term 'BlackHatphish' to trend on Twitter yesterday, with some asking who had received or seen the email. Richard Bejtlich, chief security officer at Mandiant and blogger at TaoSecurity, said that he was going to use it as an example of how to handle real phishing incidents in his presentation.

Paul Ducklin, head of technology for Asia Pacific at Sophos, said that this was suspiciously ‘phishy' as it was a plain-text email allegedly containing a password, included a login link and a link in an email to a site other than Black Hat, and it was from an organisation other than Black Hat.

He said: “As Black Hat has just been reminded: you can't outsource your accountability. The volunteer's behaviour doesn't explain away the phishiness factors listed above. It sounds as though the Black Hat conference might indeed have sent you an email of this sort. Just not this one.

“How about your organisation? Could you have made a blunder like this? If so, now would be a good time to revisit your policies and procedures surrounding mailing lists and email blasts!”

Pwnie awards - nominees announces

The nominations for this year's Pwnie awards have been announced.

With nominations for bugs, exploits and ‘Most Epic FAIL', the winners will be announced this Wednesday at the Blackhat USA conference at Caesar's Palace in Las Vegas.

With eight awards to be presented, at the time of writing the Pwnie for ‘Lamest Vendor Response' was the only without any nominees announced.

The nominees for the Pwnie for ‘Epic 0wnage' goes to the hackers responsible for delivering the most damaging, widely publicised or hilarious 0wnage, according to the organisers. Nominees include Flame authors, certificate authorities and iOS jailbreaks.

Nominations for the Pwnie for ‘Best Client-Side Bug', awarded to the person who discovered or exploited the most technically sophisticated and interesting client-side bug includes several from this year's Pwn2Own and Chromium contests.

These include Pinkie Pie's Pwnium Exploit of six bugs, which got him full remote code execution in Chrome to win Google's Pwnium competition at CanSecWest, and Sergey Glazunov's Pwnium Exploit which took advantage of at least 14 bugs.

Also nominated in this category is researcher Charlie Miller's iOS Code Signing Bypass and the authors of Duqu that could rootkit any version of Windows ever from a font file embedded in a web page or various other file formats.

The nominations for the Pwnie for ‘Most Epic FAIL' will go to either ‘the Anti-Virus Industry' which the organisers commented ‘Do you really need us to elaborate?'; the breach of six million password hashes by LinkedIn; F5 Networks' public root key for SSH authentication, which research revealed was in the firmware and used against any other F5 device; and the controller of the Herpes botnet.

Google Buys Email App Creator Sparrow

Google has purchased Sparrow, creator or the popular e-mail client for Mac and iPhone. Acquisitions like this one are important to businesses large and small. For the firm doing the acquiring, it offers the opportunity to bring new talent and capabilities into the company and perhaps new customers and a new business model too. For the company being acquired, it offers the opportunity for greater resources, support, and investment when growing a product or service. Still, some former customers are less than happy. Here's how the Sparrow acquisition breaks down.

Acquiring Innovation

In a league of their own. The team behind Sparrow is a unique group responsible for creating the popular e-mail client for Mac and iPhone products. So far neither Sparrow nor Google has released official details, but an inside source has revealed the acquisition was for less than $25 million. The team will now move to Google to help add “beauty” to Gmail. The Verge

Giving credit where it's due. Here's the actual announcement about the Google acquisition, straight from the horse's mouth, as it were. You'll notice the attention Dom Leca, Sparrow CEO, gives to the company's faithful fans and customers, even when announcing the changes ahead. It's important to think about your customers when selling to a larger company and to be sure that organization shares your vision about serving your niche. Sparrow

An Uncertain Future

The app that got away. The problem for Sparrow's hardcore customers is that acquisition by Google will likely mean the barest essentials of maintenance and bug fixes for existing apps, and maybe no long anticipated iPad e-mail app at all. For loyal customers this is the hardest part of the process and something both the company acquiring and the one being acquired must keep in mind. Internet Evolution

Building a better mousetrap. Before Sparrow customers get too bummed out, though, it's important to realize that, in all likelihood, the Sparrow acquisition will soon make Gmail for Apple devices better…a lot better. The sparrow team brings to Google its expertise in creating simple but powerful tools for Mac, iPhone, and maybe even iPad. All Things Digital

Selling Out

When opportunity knocks. The thing to remember, though, when acquiring another company, is that all of their customers may not come along. Just check out the marketing campaign by Postbox, a Sparrow competitor, to lure away customers from existing apps in light of the Google acquisition. When acquiring another business, be sure you're conscious of retaining needed customers by creating a smooth transition. The Next Web

The better business model. In this interesting post, Rian van der Merwe explains what the Sparrow acquisition really means and why it might upset a good portion of the online business development community. The philosophy that offering paid services, like Sparrow, rather than leveraging your users to sell advertising, like Google does, may be at stake here, and the clear winner seems to be the latter. Elezea

The downside of acquisition. While large businesses sometimes need the talent and expertise smaller firms have to offer and smaller companies find it hard to resist the resources and security of larger firms, the reality, some argue, is that when tech firms the size of Google or Facebook acquire a startup, it's unlikely much of the company's original vision will be retained. Given the choice, would you sell to Google? Techland

Stonesoft launch network testing tool to defend against AETs

Stonesoft has announced the launch of a free testing tool to help organisations detect and prevent Advanced Evasion Techniques (AETs).

Named the Evader, it said that it launches AETs against next generation firewalls, Intrusion Prevention Systems and Unified Threat Management products and helps organisations establish the threat AETs pose to their network and business-critical digital assets.

According to the company, Evader includes dynamic AET samples that has went through the Computer Emergency Response Team (CERT) vulnerability coordination process which began in 2010.

It can run manual or automatic combinations of AETs to hide well-known MSRPC- (vulnerability from 2008) and HTTP-(2004) exploits and deliver them through the tested network's security devices to a vulnerable target host image.

Speaking to SC Magazine, Matt McKinley, manager of technical services at Stonesoft US, said that Evader is a stripped down version of its Predator tool, and is designed to help protect against a range of evasions which works with most defence layers.

He said: “It is placed in the hands of the user who can use the tool to test their environments in any technology they want. Some of the AETs are very old, and others have gone through our AET research from 2010. All of the evasions are well known and security vendors have been told about them.”

Ilkka Hiidenheimo, founder and CEO of Stonesoft said: “The recent spate of cyber-attacks against major organisations has demonstrated that despite vendors promising 100 per cent protection against AETs, hackers are still finding ways to bypass network security appliances.

“Releasing Evader is the next step in our understanding of and ability to counter this growing threat and it allows organisations to test their own defenses. In our view, vendors have not taken AETs seriously enough and organisations are paying the price through data breaches that put companies, federal agencies, and customers at risk.

“Customers and the whole security community has been asking us to provide deeper knowledge about AETs and demanding products that test for AETs, we're answering that need with Evader. By providing the tool for free, we're giving organisations the same level of knowledge that today's sophisticated hackers have and the ability to test their own environments.”