A new, severe vulnerability in Next Generation Firewalls was earlier this week unveiled by cyber threat detection specialist, Cynet. The vulnerability, dubbed FireStorm, allows an internal entity or malicious code to interact and extract data out of an organisation, completely bypassing the firewall limitation. Continue reading “Firestorm – how to avoid the latest Next Generation Firewall vulnerability”
How do you evaluate an Information Exchange Gateway solution?
How do you evaluate an Information Exchange Gateway solution? I’ve blogged previously on Cyber Matters about how Information Exchange Gateways (IEGs) need to be built in a flexible manner to meet a variety of customer requirements. The other big question from potential customers is how do they know that they can trust a solution? Continue reading “How do you evaluate an Information Exchange Gateway solution?”
The 12 Themes of 2014
Rather than bring you the 12 Days of Christmas, we’ve done the 12 themes of 2014 instead! A look back at what has been making the headlines in the world of Information Security (and beyond) this year. Take a moment to relive the year…… Continue reading “The 12 Themes of 2014”
Guards are not Air Gaps
“An air gap is a network security measure that consists of ensuring that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network.” (Wikipedia)
Note the emphasis in the word physically.
A number of forums have discussed whether data diodes are equivalent to air gaps in one direction, including a number of articles on this blog. In reality you can argue it both ways.
The Insecurity of the Internet of Things
The Internet of things is a hot topic at the moment.
Secure Delivery of a Payload via a Protocol Break
A secure information exchange consists of two distinct elements: the information you need to convey – the payload, and the technical method used to carry the payload – the protocol. Attackers wishing to break into your network can exploit either of these: the protocol or the payload.
In this blog we briefly look at protecting protocol-based attacks. In a future blog we will look at content-based (payload) attacks.
Continue reading “Secure Delivery of a Payload via a Protocol Break”
No, Shellshock does not defeat SELinux
A week is a long time in Cyber Security.
These past few weeks you may have heard about the latest ‘big vulnerability’, dubbed ShellShock. If you haven’t, or want more information on it, I direct you to the best authority I know: Wikipedia.
Diodes are Diodes, Guards are Guards
Over the last 3-5 years Data Diodes have grown in popularity as a solution for moving data between isolated networks. With this has come creative marketing to leverage the term ‘Diode’ for solutions that are anything but.
Let’s just take a few moments to revise some of the fundamental modes of secure information exchange.
NEXOR’s Latest Guard
NEXOR has a long-established role in defending various departments of Her Majesty’s Government from cyber threats, specifically by deploying Guard technology. So far NEXOR has only been known to provide this defence in cyber space…
Continue reading “NEXOR’s Latest Guard”
Securing the Guard
I have talked previously about the challenge of building a File Guard, and the approach we took to designing it.
Continue reading “Securing the Guard”