March 2018 ForeScout CounterACT Training

On January 16th, 2018, posted in: Uncategorized by konweb

ForeScout CounterACT Training

Learn the practical real-world skills you need to properly configure, protect and maintain ForeScout CounterACT.

Konsultek consistently ranks as one of the top ForeScout resellers in the nation. Our instructors are experienced ForeScout security experts and will bring you the knowledge you need to maximize your ForeScout investment.

Highlights

Lab Focused | Training in a real network environment

Certified Professionals | Service engineers with real world experience implementing and troubleshooting ForeScout CounterACT

Hands-On | Learn the best practices for configuring, deploying and maintaining CounterACT

Flexible Scheduling | Onsite training provides a private learning experience for your team with discussions centering on your unique needs.

For More Info.

Additional information on this training program can be found here.

Register Here

Event Details

DATES: Tuesday, March 13 thru Friday, March 16, 2018

LOCATION:
Konsultek Office
2230 Point Boulevard, Suite 800
Elgin, IL 60123

WHAT TO BRING:
Laptop Capable of Connecting via RDP

COST:
$3,500 per person

read more

You might assume that on one of the “Patch Tuesdays” in January that Microsoft would be updating your computer or server with their Meltdown and Spectre patches. However, according to a story on threatpost.com whether or not you get the update depends in part on who your anti-virus software provider is.

Kernel Calls are the Problem

“The main thing to know is the January patches, and currently all future security patches, will not install unless antivirus vendors take action — and some don’t want to or feel they cannot,” – Kevin Beaumont, Security Researcher

The problem, he describes, is that some anti-virus vendors are using a technique to bypass “Kernel Patch Protection by injecting a hypervisor which they use to intercept syscalls and make assumptions about memory locations — memory locations which are now changing with the Meltdown fixes.”

Microsoft said this has caused “unsupported applications” to fail.

“During testing, we discovered that some third-party applications have been making unsupported calls into Windows kernel memory that cause stop errors (also known as bluescreen errors) to occur,” Microsoft said.

NOTE: You can see whether or not your AV provider has made the requisite changes to enable the automatic patch or whether or not manual action is required here.

Konsultek’s Position

Spectre and Meltdown are serious security flaws that need to be addressed. All of our partners that are potentially affected by Spectre and Meltdown have either implemented the necessary changes to allow the “Patch Tuesday” fixes to work flawlessly with their technologies or have manual fixes available. If you are a client and have any questions please reach out to your direct contact here at Konsultek. If you are not a client and want guidance regarding Meltdown, Spectre or any other security concern please call us or fill out our contact form.

 

read more

Just a couple days after the confetti had settled in Time Square, security researchers revealed two massive vulnerabilities that exist in virtually every pc and server in the world.

 

The vulnerabilities, Named “Meltdown” and “Spectre” (James Bond fans, are we?) by the researchers who discovered them, exist at the processor level. The two vulnerabilities differ in that Meltdown affects only processors designed and built by Intel while the Spectre flaw is so deeply embedded in modern chip architecture design that it affects virtually all modern processors regardless of manufacture.

Patching Things Up

Researchers, manufacturers and cloud service providers have been feverishly working to develop patches for Meltdown. The good news is that it does appear that patches are on their way for both Windows and Linux machines and that this vulnerability will be fixed before it can wreak havoc on cloud computing providers, hosting providers, businesses and individuals. – I suspect this means that PC users around the world will be getting a Windows update dropped in their lap shortly. Oh and according to some sources, expect your PC to run upwards of 30% slower once the patch is in place!

As for Spectre, early indications are that nothing short of changes to fundamental chip architecture will be able to fully patch this vulnerability. This of course means a legacy vulnerability may well exist for many years until PCs, phones, servers etc. are replaced as part of the normal life cycle.

2018 is Starting Off with a Bang!

Two huge vulnerabilities and the coldest holiday season on record for much of North America! Stay warm, stay inside and focus on security!

 

read more

WannaCry burst onto the world stage in May, caused incredible levels of disruption around the globe and then just as quickly died when British hacker Marcus Hutchins fortuitously found a hidden “kill switch” in the code and successfully activated it.

The destruction left in WannaCry’s path was enormous. Assets in more than 150 nations were affected as the ransomware locked up digital databases and files, demanding that ransoms be paid for their release. Notable victims included Britain’s National Health Service, Germany’s national railway and multinationals Nissan and Renault.

Unified Nations Officially Blame North Korea

In a Wall Street Journal op-ed US Department of Homeland Security Advisor Tom Bossert declared North Korea was “directly responsible” for the attack and would be held fully accountable for it.

According to CNN the United Kingdom, Microsoft, the Australian, Canadian, New Zealand and Japanese Governments all came to a similar conclusion regarding the culpability of Pyongyang.

It Could Have Been Worse, Much Worse

Had the kill switch not been found (or not ever existed!) who knows the extent of what WannaCry might have done before a different solution was discovered. One thing is clear, having a completely robust security solution in place that includes secure data backup is a must moving forward. If your current security solution is out of date or incomplete please give the Engineers at Konsultek a call. Your security is our business.

 

read more

In what has to be one of the most interesting cases of hacking we’ve read about this year, researchers at Twosix Labs have managed to link hacking and gun control together by hacking one of the most popular gun safes for sale on Amazon.

Another Example of a Connected Vulnerabilty

While the immediate dangers of this vulnerability are small – it’s unlikely that curious children or gun thieves are going to go through a hacking procedure to get their hands on a weapon, it is another shining example of the security tradeoffs we make almost daily for connected “convenience”.

Thermostats, garage doors, refrigerators, automobiles and yes, gun safes are now more connected than ever in our personal lives. When it comes to business, the same is true. Medical devices, manufacturing equipment, point-of-sale systems etc. are all part of larger networks within organizations and most of these networks are being accessed by mobile devices. This makes the need for robust security more important than ever and that’s why it’s good to have Konsultek on your side.

Konsultek Knows Security

No matter what your organization does or how large it is, Konsultek can identify your vulnerabilities and develop a custom security solution to address them. 2018 is predicted to be another epic year of hacks, breaches and cyber heists. Are you ready?

 

read more