Cyber attacks are evolving rapidly and can affect anybody. iTM's goal is to make customers more aware of the threat vectors and dangers and to help them reduce the impact of malware on their businesses by providing them with expert advice and solutions. Our Services in the security field are:
At iTM Systems we are Cyber Security Professionals who create tools to track down all sorts of malware using a scan engine similar to VirusTotal.
cyber security incidents
We recently went to buy a Drupal theme that was meant for one of our websites. Fortunately, any file that enters our infrastructure needs to be tested against a database that has billions of files to check the DNA of the file. After isolating this theme in our Forensic Lab, it appeared that the file mail.inc contained a shell script that it used to interact with 2 Trojan files hidden under the sites sub-directory of seven. The Trojan (Trojan.JS.ael) then collects confidential information from the compromised website and sends it to the remote server. JS/Downloader-AEL executes each time your computer boots and attempts to download and install other malicious files. Upon successful execution, it deletes the source program, making it more difficult to detect. Trojans can delete files, monitor your computer activities, or steal your confidential information. They can enable attackers to have full access to your computer.
Then, using the Trojan.Dropper.Gen7!c, it will deliver an enclosed payload onto a destination host computer. Once a dropper is executed, its own code simply loads itself into memory, then extracts the malware payload and writes it to the file system. It may perform any installation procedures and execute the newly dropped malware. The dropper Trojan will then execute in memory every time the machine is rebooted, as it has accomplished its job.
A recent visit to a customer by one of our consultants turned out to be very interesting. The customer called us because the print queue had been playing up in their network, and this printer is used by one of the Senior Partners of the business. Upon checking Active Directory, we detected some activities that were not normal. Upon checking the multi-function printer in question, we found some interesting facts. This printer, although connected to the network via a 10/100 Mbps LAN interface, had its Wi-Fi interface enabled and connected to the wireless network of the corporation. This would have been the end of the investigation, but this printer was running some services that were sharing the 64GB of this printer's drive. Close examination of this printer showed us that this service was connected to the outside network, and a quick test of scanning a document on this specific printer showed us that it was sending a JPEG of the document being scanned. Although the customer network has a firewall in place and an end-point solution running, neither of these solutions was picking up on this external breach, which seems to have been configured by an outsider using the wireless port of the printer. A telnet to this port of the printer allowed us to gain console access to this service and further access the sharing software that was running on the printer. Therefore, all documents scanned on this device were relayed to the 3rd party without the customer's knowledge.
cyber security breach trends
Moreover, these infections can also be used as a backdoor to detect your system's security vulnerabilities and make full use of them to download more malicious infections such as malware, spyware, ransomware, rogueware, viruses and worms. In this case, your computer will become compromised, thus giving a 3rd party access to your information and data.
We provide more Cyber Security Awareness training that covers the following areas:
o End-Point Security
o ICT Auditor
o Incident Response
o IT Security
o Mobile & Web Security
o Penetration Testing
o Risk Management
o Threat Awareness
o Threat Prevention
o Anti-Money Laundering
o Enterprise Risk Management
o Regulatory Risk Mitigation Solutions
o Internet Gateway
o Open ADR protocol
o Wireless Infrastructure
o Virtual Desktop Infrastructure
o Securing the Public Cloud
o Securing the Private Cloud
o Ransomware
o Network Segmentation / Zero Trust
o Vulnerability Management
o Investigative Due Diligence
o Litigation Support Initiatives