Blog Posts Tagged with "Advanced Persistent Threats"
February 01, 2012 Added by:Dave Shackleford
We’re pretty good at if-then analysis for controls in security. Let’s turn it around though and start thinking if-then in the negative sense. Prevention tools and processes need to fail gracefully and lead us into detection and response mode...
January 12, 2012 Added by:John Linkous
SIEM tools are highly focused on events. Even in cases where a SIEM can look outside of the world of events at one or two other pieces of data - say, at network traffic - that’s still woefully inadequate. We certainly need events and network traffic data...
January 12, 2012 Added by:Infosec Island Admin
Generally, people just aren’t thinking all that much when they get these calls. Sure, people should never be asking them for their passwords, but now this. Open this file would you? Tell me how many pages it has to verify that you got it, would you?
January 03, 2012 Added by:Malgorzata Skora
Physical security can’t be overstated with high-value targets such as the nuclear power plants in Iran and the U.S. Government's secret SIPR networks being victims to physical layer compromise. If there’s one guaranteed way to gain access to any network, it’s with a physical layer exploit...
January 03, 2012 Added by:Headlines
As 2011 was such an eventful year where security is concerned, no doubt many readers will point to numerous instances where they feel an episode was overlooked that should have been included in the top ten - but hey, you have to draw the line somewhere...
December 22, 2011 Added by:Headlines
"What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence," said the Chamber's COO David Chavern...
December 21, 2011 Added by:Infosec Island Admin
One must look at the range and breadth of companies and entities being broken into by the likes of China to see that no one is exempt. Know the ins and outs of the technology as well as the spook landscape, especially if you work in infosec today, lest you become the next target...
October 25, 2011 Added by:Chris Kimmel
A true APT has close to a 100% penetration rate. It should be noted that the difficulty of attacks can range from simple social engineering to a zero-day. These attackers will tend to use any attack method they can to penetrate an organization...
September 14, 2011 Added by:John Linkous
It is with sadness that today we announce the death of SIEM. Born to a fanfare of promises at the dawn of the information economy as we know it, SIEM was lauded as a tool that would protect an increasing volume of data from prying eyes and ne'er-do-wells - on the inside and the outside...
August 31, 2011 Added by:Headlines
"The FireEye Advanced Threat Report focuses on the threats that have successfully evaded traditional defenses. These are the unknown threats and advanced attacks that are dynamic, targeted, and stealthy. And, they are extremely effective for compromising organizations’ networks..."
August 30, 2011 Added by:Headlines
"We consider those conclusions to be largely unfounded and not a good measure of the real threat level. Also, we cannot concede that the McAfee analyst was not aware of the groundlessness of the conclusions, leading us to being able to flag the report as alarmist," Eugene Kaspersky said...
August 29, 2011 Added by:J. Oquendo
Arguments surrounding APT will remain a battle of expert vs. expert - but how about we use some common sense for a moment? If YOU were an attacker, why would you bother attacking from your own fixed location? It would make more sense to attack from another country for deflection purposes...
August 22, 2011 Added by:Headlines
"The Defense Advanced Research Projects Agency (DARPA) is requesting information on innovative technologies and approaches to secure the Nation’s infrastructure and to ensure the survival of the Department of Defense’s cyber capabilities in case of attack..."
August 18, 2011 Added by:J. Oquendo
The media, security companies, and the “Cybersecurity Industrial Complex” label almost all attacks as Advanced Persistent Threats almost always originating from China. The mechanism for identifying the attackers is always the same: "The attacker came from the following IP address..."
August 15, 2011 Added by:Infosec Island Admin
It is readily apparent from this POS that McAfee has put out that they are just fishing for some press here for their flagging AV sales. This paper gives nothing relevant to the story around APT and as such, it should be just relegated to the dustbin of the internet and forgotten...
August 07, 2011 Added by:J. Oquendo
After reading about the APT called Shady Rat I shrugged my shoulders and said so what. Why are ten-year-old attacks and tools still a problem? The answer is simple: Many companies and their staff are under-qualified, incompetent, uneducated, all of the above, or just don't care about security...