All Articles
Presentation test - Sergi
Some text comes here
Test
Security Update: Was TeamViewer Hacked? Digital Edge Believes it was a Backdoor Dropped by Trojan.MulDrop6.39120
Digital Edge’s Security Team is monitoring the situation with TeamViewer hacking allegations. The news broke last week – some TeamViewer users complained that intruders gained access to their computers through TeamViewer program.
TeamViewer denied any hacking allegations but shortly following, its service was knocked off by a DDoS attack aiming DNS services, leaving more questions to TeamViewer’s Security Team.
1. Even though the situation is still not clear, the Digital Edge Security Team sides with security expects blaming a BackDoor Trojan discovered in May of 2016. The signature for the Trojan was added on 05/26/2016. The version of Trojan - BackDoor.TeamViewer.49 utilizes TeamViewer as its backdoor implementation and is delivered by Trojan.MulDrop6.39120 through Adobe vulnerability. Even though the Trojan is supposed to hide the TeamViewer interface and use its functions in the background, we believe that mutation of the virus (the virus uses advanced hiding techniques) can create an unpredicted effect on the systems with legitimately installed TeamViewer causing effect described by users that reported the compromise.
Please click here for more details.
As a result, we do believe that it is safe to use TeamViewer, unless your system does not have updated antivirus and does not have all latest patches installed. By saying that, the Digital Edge team urges to cautiously use this product, as there is no confirmation from TeamViewer’s Security Team or reputable security companies that our analysis is correct
2. Digital Edge security team has contacted all clients using TeamViewer and discussed preventive measures.
3. If you are using TeamViewer please click here to see our advice how to verify that your TeamViewer was not hacked.
If you feel that you need assistance from the Digital Edge Security team please contact Danielle Saladis at dsaladis@DIGITALEDGE.NET.
Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.
Log Management Retention Requirements
Automated Event Log Management Solutions are used to facilitate the most difficult job in any compliance process. Regular review and correlation of event data through merging and archiving of events from multiple systems and separation of the most critical 1% of activities from useless 99% of noise. From the compliance perspective, event log management is: Collection (Consolidation), Archiving (Retention), Audit Reporting, and Monitoring (Alerting).
On September 20th, 2016, Digital Edge released an article on Log Management Laws and Regulations. Click here to view a little “Cheat Sheet" on the Event Log Retention Requirements that are mandated by major compliance regulations.
Log Management: Related Laws and Regulations
Log management is an often overlooked function of any IT organization. On one hand it is a very simple thing, however when implemented, you may find yourself overwhelmed in a plethora of details and related problems and can inevitably lead many to just drop the implementation – with the thought – we may not need it, everything is working on its own.
In addition to a great stash of valuable information, visibility, capabilities for additional alerting, predictions, forensic and behavior analysis, log management is one of the areas of control for multiple compliance and regulatory frameworks.
Relevance to Laws and Regulations: There are multiple compliance regulations related to log management. It is the law to log and review.
Digital Edge is proud to introduce our new and latest product LogIT. Log Management will allow us to assist our clients uncover the value of something that already exists, but is not visible in their information technology environment's plethora of valuable information. Digital Edge ensures that our clients will get the most out of their application, system, and security logs. Besides collecting and storing logs, LogIT will help expose the full use of logs and machine data for network protection and compliance.
Digital Edge provides enterprise ELK Log Management Solution, cloud based or on premises. We stand out from our competitors for multiple reasons – including that we do not limit retention period and we don't have restrictions for value or speed for log streams. Additionally, we customize dashboards for our clients individual needs and expose our services to clients over VPNs of private cross-connects in data centers that we support. On top of all that, Digital Edge's LogIT can provide an unparalleled solution in today's IT Landscape.
Through sensors, Digital Edge captures all possible information generated in any device, application, and security event. We ensure security by staying alert on any security alert generated by any infrastructure device or application, along with collecting valuable forensic information. LogIT also provides a combination of structured and unstructured search built on our Elasticsearch backend. Unstructured search provides a Google-like experience while our MDI fabric enables contextual search when greater precision is required. Our search builder allows you to easily realize the best of both worlds instantly.
Click the link http://www.digitaledge.net/log-management-assessment-tool/ to assess your log management needs and budget. For further information please feel free to contact us.