StoneBlog.stonesoft.com

If you’re headed to Black Hat 2010 this year as we are, be sure to follow our security tips to avoid placement on the Wall of Sheep. Our third security tip post is actually a collection of some miscellaneous things. Join us at Booth 33 to learn more about these tips, try your hand at Hack The Lab, and see what other things are going on at Stonesoft and the new StoneGate 5.2 release.

As many YouTube videos demonstrate, you never know when someone may be watching. A good thing to keep in mind at Black Hat as well, particularly when you are using a laptop or other mobile device. Be mindful of the fact that hackers may be watching your screen and your fingers as you type. From this they can capture information off your screen and capture your logins and passwords for use later on. Often this hack is accomplished by using a video camera on a cell phone or by pretending to take a picture of a nearby attraction. So keep your fingers covered as much as possible, and be prepared to change your passwords often. If you can avoid using your laptop or smartphone in open areas, do so and reserve the work for after you return to your hotel room or other private location.

Black Hat has also been famous in the use of social engineering and ATM hacks. There’s a presentation on ATMs at this year’s conference. Be sure to avoid any stand-alone or third party ATMs within the casinos, or any ATM that is not at a bank branch office. These stand alone ATMs can be cheap copies, or purchased off eBay or other sites, and reconfigured to capture your account data, while providing no money.

Just one more quick review: turn off wireless and Bluetooth on all devices whenever possible. Avoid wireless if at all possible, and use a 3G cellular modem instead. Be careful typing in passwords, and also what you work on while in open areas. Don’t trust ATMs or storage devices of any kind. Keep your mobile devices up to date with the latest software updates and patches, and use encryption and firewalls whenever and wherever possible.

Remember to enjoy the conference and have a great time knowing you won’t be joining others on the Wall of Sheep!

written by markb - 1,565 views \\ tags: conferences, hacking, passwords, Security

If you’re headed to Black Hat like we are, there’s more to security than being cautious about the networks you connect to. Data at rest can also be a concern, both for the data on your devices as well as the data you may receive while there. Here’s our second security tip, to deal with the protection of that data.

The X-Files principle of Trust No One holds true in this case as well. We all love schwag, whether it’s simple things like stress balls, to more advanced things like iPad giveaways. In between everyone loves to pick up those USB sticks, which can be plain and simple or disguised as cute animals. But be careful, those animals can turn on you. In general, for a safer computing experience at Black Hat, do not trust any storage device handed to you by others. Whether it’s a USB drive or CD, or anything else (even that iPod you just won), they can contain viruses, Trojans or malware of any form. Even the ones that look professional can be dangerous. At best it’s good to discard them; if not at least scan them on a separate, up-to-date, sacrificial system first.

Second, if you are bringing a laptop, install and verify the operation of full-disk encryption software. Use AES-256 bit encryption or better. If the hard drive has a hardware encryption option as some external ones do, use that instead. And while you’re at the conference, be sure to power off or hibernate your laptop whenever it isn’t in use to maximize the effect of the encryption software. Free disk encryption programs exist, and modern Windows and OS X systems include encryption technologies built-in.

To learn more about computing safely, to try your hand at Hack The Lab, and to learn about Stonesoft’s award-winning network security solutions, be sure to stop by Booth 33!

written by markb - 1,064 views \\ tags: conferences, encryption, Security, stonegate, stonesoft

Black Hat 2010 is coming up soon, and Stonesoft will be there. Join us at Booth 33 to learn more about our solutions, see demos in action, and try your hand in Hack The Lab.

Our first security tip for a safer Black Hat computing experience is about network security. We’re starting with this one since it’s the heart of our StoneGate network security solutions as well. While at Black Hat, try to avoid connecting to any networks, including wired and wireless ones. For wireless networks especially, don’t connect if you can help it, even if the SSID of the network looks trustworthy (for example, it looks like a network operated by the casino…it may not be). If it’s possible to use a cellular modem instead, it is recommended to do so. If you do need a network, remember that any communications can potentially be intercepted, and passwords and logins should not be sent in clear text.

If you do connect, be sure you are using a VPN with strong encryption and that your laptop or mobile device is up-to-date with the latest patches and updates, and that a firewall and virus scanner are installed, updated and operational. If you don’t need it, be sure to turn off wireless and Bluetooth. If the devices you have use a hardware switch to disable these functions, use it instead of the software option. Whenever you are not using the networks, be sure to disconnect and disable the functionality on your device to reduce your risk exposure.

More tips for a safer experience at Black Hat will follow, so stay tuned!

written by markb - 1,053 views \\ tags: conferences, networks, Security, tips

Planning on attending the upcoming RSA Conference in a couple of weeks? Interested in learning more about the upcoming release of StoneGate 5.0 and seeing it in action? Have questions about Stonesoft’s virtual security solutions? Then be sure to stop by Stonesoft’s booth (2108) at the RSA Conference expo in San Francisco April 20th-24th and talk to the Stonesoft team. Technical experts will be on-hand to discuss and demonstrate the new features of 5.0 as well as talk about Stonesoft’s solutions as a whole.

Feedback from customers and prospects is one of the most important pieces of data within Stonesoft. We love to hear from the field the particular challenges that you are facing in today’s information technology and network security landscape, so that we can continue to work on innovative ways to help you address those challenges.

Network security. Simplified.

written by markb - 926 views \\ tags: conferences, demo, events