Fidelis Threat Advisory

Fidelis Security Systems’ Threat Research team issues Fidelis Threat Advisory (FTA) documents in response to current security issues posing risks to enterprises everywhere.

Each Fidelis Threat Advisory (FTA) features an overview of the threat (e.g. timeline, threat vector(s), person(s) involved, malware behavior, and propagation techniques), risk assessment, and indicators and mitigation strategies.

   FTA 1001 -  The RSA Hack -An examination of the three-stage RSA attack (spear phishing, Poison Ivy reverse tunnel, and compromise of the SecureID system) and a discussion of Adobe Flash patch challenges.

  FTA 1002 -   IPv6 - While IPv6 poses no threat itself, without the proper controls, it is a conduit for concealed threat activity on your network.IPv6 and associated tunneling protocols employed on IPv4 networks can be used to bypass firewalls and IPS devices that are not IPv6-and IP Tunnel aware.

  FTA 1003 - SSL Challenges - Advanced, purpose driven adversaries utilized fraudulent SSL certificates to attack prominent websites, calling to question the authenticity of SSL.

  FTA 1004 - User-Agent Strings - As the use of the UA string requires no protocol malformations and as there is no formal standard for the content or format of a UA string, its use as a C&C channel is difficult to detect and thus bypasses most security devices.

  FTA 1005 - Reverse Tunnels - The two primary threats associated with reverse tunneling are network security policy violations and the potentially more serious threat of remote control of internal systems by a malicious outsider. .