
INFIGO Security Day

Each day we witness how information systems are becoming more vulnerable to various information security threats and cyber-attacks. Recent attacks on companies like Sony or RSA Security demonstrate that companies, even the biggest ones, are usually not well prepared to respond to and deal with such attacks.
 
That was the main topic of the INFIGO Security Day Conference, held in Skopje, Macedonia on the 9th of June, which was entirely dedicated to information security and the security measures that allow companies to raise the security level of their information systems.
 
INFIGO IS experts Bojan Ždrnja, Saša Jušić and Hrvoje Šegudović presented, for the first time in Macedonia, products in the field of information security – Splunk, Rapid7, Nagios and Sourcefire. Special focus was placed on recent security incidents, as well as on advanced persistent threats and the security challenges companies are facing today. Besides our experts, the conference was also attended by Mr. Michael Ceklarz, representative of Sourcefire, and Jana Damevska, representative of INFIGO IS Macedonia.

The interest and feedback from participants clearly indicate that information security is one of the hottest areas in the information technology market, especially for bigger companies whose business depends heavily on information technologies and Internet presence.

 

INFIGO IS released Windows Security Operations Center Splunk application

INFIGO IS has released the Windows Security Operations Center Splunk application, which gives Windows security administrators easy access to, and monitoring and an overview of, all security-relevant information in their Windows environments. The application has been carefully developed so that both Windows 2003 and Windows 2008 Event Log records are supported, even though Microsoft changed the format and the Event IDs between these versions.

Besides this, the application uses some advanced features of Splunk, such as transactions, which allow accurate visualization and summarization of security events on Windows servers. This is especially useful for monitoring login/authentication events, since Windows systems usually generate several log events for such activities. The Windows Security Operations Center application correctly interprets and visualizes such events in your Windows environment.

The Windows Security Operations Center Splunk application can be freely downloaded off Splunk's web pages here.
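As an added illustration of the two ideas described above (this is not code from the INFIGO application; the field names, sample records and five-second window are assumptions), the following Python maps Windows 2003 Security log Event IDs onto their Windows 2008 equivalents and then groups the several records that one logon produces into a single transaction per host and user:

```python
from datetime import datetime, timedelta

# Windows 2003 Security log Event IDs -> Windows 2008 equivalents. Most moved by
# +4096, but several 2003 IDs were merged into a single 2008 ID.
LEGACY_TO_MODERN = {528: 4624, 540: 4624, 538: 4634, 576: 4672, 680: 4776}
LEGACY_TO_MODERN.update({i: 4625 for i in (*range(529, 538), 539)})  # logon failures
LABELS = {4624: "logon", 4625: "logon_failure", 4634: "logoff",
          4672: "special_privileges", 4776: "credential_validation"}

def normalize(event):
    """Copy the event with a version-independent Event ID and an action label."""
    eid = LEGACY_TO_MODERN.get(event["id"], event["id"])
    return {**event, "id": eid, "action": LABELS.get(eid, "other")}

def transactions(events, maxspan=timedelta(seconds=5)):
    """Group records per (host, user) that fall within maxspan of the group's first record."""
    groups, open_tx = [], {}
    for ev in sorted(map(normalize, events), key=lambda e: e["time"]):
        key = (ev["host"], ev["user"])
        tx = open_tx.get(key)
        if tx is None or ev["time"] - tx["start"] > maxspan:
            tx = {"key": key, "start": ev["time"], "actions": []}
            open_tx[key] = tx
            groups.append(tx)
        tx["actions"].append(ev["action"])
    return groups

def summarize(events):
    """One row per transaction: (host, user, outcome, number of raw records)."""
    rows = []
    for tx in transactions(events):
        acts = tx["actions"]
        outcome = "failure" if "logon_failure" in acts else "success" if "logon" in acts else "other"
        rows.append((*tx["key"], outcome, len(acts)))
    return rows

def _t(hms):
    return datetime.strptime(hms, "%H:%M:%S")

# Constructed sample records (not real log data), hypothetical hosts and users.
SAMPLE = [{"time": _t(t), "host": h, "user": u, "id": i} for t, h, u, i in [
    ("09:00:00", "srv2003", "alice", 680), ("09:00:00", "srv2003", "alice", 540),
    ("09:00:01", "srv2003", "alice", 576), ("09:00:02", "srv2008", "alice", 4776),
    ("09:00:02", "srv2008", "alice", 4624), ("09:00:03", "srv2008", "alice", 4672),
    ("09:05:00", "srv2003", "bob", 529), ("09:05:10", "srv2008", "bob", 4625)]]

if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print(row)
```

Each of the two successful logons collapses from three raw records to one row, and the 2003 and 2008 servers produce identical summaries.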
 

New Sourcefire Product Announcements

Sourcefire is pleased to announce the following new Sourcefire products to meet the intrusion prevention needs of today’s most demanding enterprises:
  • New Sourcefire 3D8000 Series with FirePOWER™ – Featuring a flexible, modular, and scalable design, Sourcefire now offers IPS models with up to 40Gbps of throughput to meet the requirements of today’s largest enterprises. Featuring innovative new FirePOWER technology, Sourcefire sets new standards for IPS performance, cost effectiveness, and energy efficiency.
  • New Sourcefire Defense Centers ® – Sourcefire has increased the memory and disk capacity of its existing Defense Center management console appliances, offering superior scalability to support the Next-Generation IPS (NGIPS) solution.
  • New Sourcefire IPSx™ Solution – Designed for organizations without dedicated network security personnel, Sourcefire IPSx offers a simpler, streamlined interface for defending against the latest threats and achieving regulatory compliance.

Rapid7® releases NeXpose® version 4.10.4

This version features Flash 8 support, better Web scanning, updated checks and better experience with managing vulnerability exceptions.

What’s new?

- Flash 8 scanning - Web scanning expands with detection of vulnerabilities in Adobe Flash 8 content hosted on target servers,
 
- Correlation of VMware checks - with correlated VMware checks, verification of a VMware patch version supersedes checks for non-VMware issues that affect VMware, so that you can consistently collect the most relevant and accurate data about VMware targets,
 
- Bi-monthly vulnerability check update - new vulnerability and patch checks bring coverage up to date for different operating systems and applications, to name only a few: Adobe Flash, Adobe Reader, Apache, Mozilla Firefox, PHP, etc.,
 
- More accurate detection of ‘browsable’ Web directory flaw - the check for the "browsable" Web directory vulnerability on Web sites is more accurate, improving visibility into this security flaw

Hackers attack Canadian government computers

According to CBC News, hackers penetrated the computer systems of the Canadian federal government. The attack was detected last month and hit both the Finance Department and the Treasury Board. Although the government said that there was an attempt to access the systems, this apparently isn’t true, since some of CBC’s sources confirm that the hackers were able to remotely control computers of senior government executives, hoping to unlock the entire government systems. Immediately after the attack, government security officials shut down all Internet access in both departments to determine how much information was stolen and who stole it.

Sources say the hackers used a spear-phishing attack: using servers located in China, the hackers first gained control of Canadian officials’ government computers, posed as executives, and sent e-mails to technical staff in the departments to trick them into releasing key passwords that would give the hackers access to several government networks. The hackers also sent other employees malware that hunted down specific classified government information and sent it back to the hackers.
 
