Gorilla Security

Bienvenue !

Gorilla Security est une entreprise offrant des services pour vous aider à sécuriser votre business.

Nous nous concentrons sur la combinaison de 3 aspects pour la construction d'un bon modèle de sécurité dans une entreprise:

Les personnes sont le facteur le plus important de l'équation. Sans elles, il n'y a rien.
Les processus et les procédures, ce qui inclut toutes les polices de sécurité, les instructions, et plus généralement la façon de travailler. Bien que ceci soit très important, ce ne peut être complet sans les deux autres aspects.
Les outils et les systèmes sont, selon nous, un support pour les processus et les procédures et dans l'application des polices. Ils doivent également assister le troisième aspect.

Nous croyons que cette approche basée sur l'influence et la mesure des ces trois aspects est un facteur critique de succès. Ceci se reflète dans notre offre.

Si vous nous contactez, nous serons heureux d'élaborer notre vision avec vous.

Nouvelles Sécurité

Mark Rasch: Lazy Workers May Be Deemed Hackers

Lazy Workers May Be Deemed Hackers
Read more on SecurityFocus News...

More rss feeds from SecurityFocus

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Read more on SecurityFocus News...

ISC-CERT Warns of Brute Force SSH Attack Threat for SCADA Systems (February 3 & 6, 2012)

The Industrial Control System Cyber Emergency Response Team (ISC-CERT) has issued a warning to utilities that certain supervisory control and data acquisition (SCADA) systems may be vulnerable to brute-force attacks.......
Read more on SANS NewsBites...

Manning to Face All Charges in Court Martial (February 3, 2012)

The commander of the US Army Military District of Washington has announced that Pfc.......
Read more on SANS NewsBites...

Copyright lawsuit targets owners of non-secure wireless networks

A federal lawsuit filed in Massachusetts could test the question of whether individuals who leave their wireless networks unsecured can be held liable if someone uses the network to illegally download copyrighted content.
Read more on Network World on Security...

Armored-truck company entrusts tracking software to Windows Azure cloud

U.K.-based cash-transport firm G4S is trusting the security of Microsoft's Windows Azure cloud service to keep safe the application that tracks where the money is as it travels to and from customers and the company's vaults in armored trucks.
Read more on Network World on Security...

Denial-of-Service Malware Campaign

US-CERT is aware of public reports of ongoing distributed denial-of-service attacks against entities in the government and private sector. According to the reports, these attacks are being attributed to the hacker group Anonymous.

US-CERT encourages users and administrators to do the following to reduce the risk associated with this and other malware campaigns:

Do not open attachments in email messages from unknown sources.
Install anti-virus software and keep virus signatures files up to date.
Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for information on social engineering attacks.
Refer to the Recovering from Viruses, Worms, and Trojan Horses document for additional information on how to recover from malware.
Refer to the Continuing Denial of Service Threats Posed by DNS recursion (v2.0) (pdf) document and Understanding Denial-of-Service Attacks document for additional information on denial-of-service attacks.

US-CERT will provide additional information as it becomes available.

Read more on US-CERT Current Activity...

Best Practices for Recovery from the Malicious Erasure of Files

There are many ways in which cyber criminals can damage computer systems and data, including changing or deleting files, wiping hard drives, and erasing backups to hide their malicious activity. Hard drives are wiped, or "zeroed out," when the original data is overwritten with zeros or different characters. This allows malicious actors to alter or even erase existing data. In addition to impeding the restoration of the original data, this type of criminal activity makes it difficult to determine whether criminals merely accessed the network, stole information, or altered network access and configuration files. Restoring networks and assessing the damage to a business can be hindered when the full extent of malicious activity is unclear. DHS and the FBI encourage businesses and individuals to employ mitigation strategies and best practices to effectively recover maliciously erased files, such as:

Implementing a data backup and recovery plan. A copy of the sensitive data should be kept in a separate and secure location. Make sure this backup copy is not readily accessible from local networks.
Regularly mirroring and maintaining an image of critical system files.
Encrypting and securing sensitive information.
Using strong passwords, implementing a frequent schedule for changing passwords, and making sure passwords are not reused for multiple accounts.
Enabling network monitoring and logging (when feasible).
Being on guard against social engineering tactics aimed at obtaining sensitive information, such as phishing.
Ensuring that sensitive files are securely eliminated from hard drives when no longer needed or required.

There are many resources available on the US-CERT website to protect users from this type of malicious activity, including these suggested readings from the National Cyber Alert System:

Cyber Security Tip ST04-002: Choosing and protecting Passwords
Cyber Security Tip ST04-014: Avoiding Social Engineering and Phishing Attacks
Cyber Security Tip ST05-011: Effectively Erasing Files