Security device review, USB secure tokens, USB authentication key, biometric devices.

What are strategies for protecting against two-factor authentication vulnerabilities?

Long time ago, Microsoft admitted that “game is over, if an attacker is landed inside your Active Directory” (“Mitigating Pass-the-Hash and Other Credential Theft”, version 2) by putting the following statement :

“Assuming breach requires a shift in mindset from prevention alone to containment after breach”

Meaning that no security software will help you since that moment. With this statement Microsoft team accepted that 0-Days vulnerabilities and exploits will continue to appear in future. What lessons security architects and experts may learn from Sunburst/Solarwind case? Probably the statement may be expanded to a wider scope:

“Assuming ongoing breach executed in an unidentified past requires a shift in mindset from prevention to continuous containment”.

What if the breach was already happened but we dont know about it now? Cyber-Security vendors now start offering solutions that includes new paradigm :

  • Breach Prediction and Threat Intelligence that monitors threat actors in dark net, vulnerabilities and tactics they are going to use. This will allow to identify potential targets and the weaknesses that will be exploited.
  • Breach Detection and Response with security controls that will continue to perform even in containment phase (i.e. “game is over”). Make Malware/RAT/APT operators to move in a wrong direction, take “wrong” things, while leaving more Indicator of Compromise and evidences in IT infrastructure.

Read more

P2P encryption ownership in secure online storage products (, OneDrive)

Briefly: Secure storage services such as, OneDrive Vault, offers P2P encrypted cloud storage, where the data are being encrypted/ decrypted in your web browser or computer. This provides the highest privacy level since data delivered to the cloud storage in encrypted form. Does it really mean, the information cannot be accessed by the Vendor? Here we show, how the vendor completely owns encryption protocol and data flows, even in your web browser. We also demonstrate why total ownership gives vendors the tools for user targeting that may be used to de-private your data. An example with Rohos Disk cloud folder encryption demonstrates the difference.

Read more

FIDO U2F security keys’ review: authentication, digital signature or blockchain?

Research on Security Keys

While integrating FIDO U2F key as a new authentication method to Rohos Logon Key, we have reviewed it’s features. In this article we outline the origin and history of U2F, how it works on low level, the list of capabilities and possible applications that beside authentication includes also document signature, crypto-currency, blockchain and change management.

Read more

Ironkey security review (part 2).

We go on with tests with IronKey. And in this part we’d like to tell you more about the features and functionality of the drive.  The new S200 IronKey model is now compatible with Windows 7. The IronKey S200 1GB is high end and its price reflects that – 79$ USD. Our verdict for this part: screwed-on device and features that makes USB flash drive the most secure and user life a bit complicated.

Read more

BioSlimDisk biometric security token, Review, Comparison.

Dear friends, recently we have covered “BioSlimDisk Signature” compatibility with some Rohos products. Now it’s time to review device security capabilities, compare it with other Biometric USB flash drives with fingerprint scanners and give you some hi-res photos of the device.

In brief, BioSlimDisk is a USB flash drive with hardware level encryption (AES 256 bit key length) and hardware level Biometric authentication.

Read more