Blog Posts Tagged with "Advanced Persistent Threats"
Defense Research Lab Back Online After Attacks
July 18, 2011 Added by:Headlines
Nearly two weeks after an Advanced Persistent Threat (APT) attack caused officials to take systems offline at the Energy Department’s Pacific Northwest National Laboratory (PNNL), nearly all systems have been restored to normal operating parameters...
Comments (0)
This Article Has Been Has Been Re-Hashed Re-Hashed
June 14, 2011 Added by:J. Oquendo
Targeted phishing, aka spearfishing attacks, have been noticed since 9/11 and no one seems to have gotten their act together to defend against this attack. The attack itself is almost always defendable with, and I have stated this over and over again, Extrusion Prevention...
Comments (0)
APTs Require a Comprehensive Architecture
June 08, 2011 Added by:Rahul Neel Mani
APTs are becoming more and more complicated. However, there are certain security measures that organisation still need to take. Take the case of Epsilon data breach, or RSA breach. Hacked using simple social engineering tools like spear phishing and phishing e-mail to succeed...
Comments (0)
RSA Tokens, Lockheed Martin, APT, OH MY!
June 03, 2011 Added by:Scot Terban
I can hear certain people in the community now groaning at the use of the APT acronym but let me put it to you all straight. If there was a hack on LMCO, maker of the JSF and numerous black type projects to boot, then it was likely China or another nation state’s actors...
Comments (0)
Hacker Offers Insight On Sony PSN Breach
May 19, 2011 Added by:Headlines
"The depths they went indicates that this hack wasn't arbitrary... It seems likely to me that Sony got attacked through its web services first, such as the blog, and it opened up the doors to the rest of Sony's servers..."
Comments (0)
Do You Really Know What’s on Your Network?
May 05, 2011 Added by:Global Knowledge
A simple Android app called Caribou is able to open doors with a simple push of a button once the IP address of the server is identified. When you think of the number of access card systems installed in HOA’s and businesses across the nation, the enormity of the risk becomes easily apparent...
Comments (0)
SMBRelay Attacks on Corporate Users Part 2
April 27, 2011 Added by:Alexander Polyakov
MS Office programs will show an alert to our victim if it couldn't download content from a remote resource. We could put a document on our shared resource and when MS Office opens the doc, it takes a style sheet from our shared resource and doesn't show an alert to the victim...
Comments (0)
The Thousand Grains of Sand in the Electronic Age
April 20, 2011 Added by:Scot Terban
Over the years the Chinese have made it their business to steal a lot of data. Some of it you would readily see as important militarily or for industrial espionage, but some of the data is much more arcane as to the reasons why they would make the efforts that they do to get it...
Comments (2)
European Cybercrime 10 Years On - Why It’s Not Working
April 19, 2011 Added by:Jared Carstensen
The recent economic growth in Europe (bank bailouts aside), upgrades to infrastructure, communications, and internet speeds, coupled with the reduced costs of equipment required for cyber criminals to operate, has greatly assisted cyber criminals and cartels in their mission...
Comments (2)
Defining the Insider Threat
April 17, 2011 Added by:Danny Lieberman
Mitigating the insider threat requires defining whether or not there IS a threat, and if so, finding the right security countermeasures to mitigate the risk. One wonders whether or not RSA eats their own dog food, and had deployed a data loss prevention system. Apparently not...
Comments (8)
Advanced Persistent Threats - Blame It On REO
April 10, 2011 Added by:J. Oquendo
We can never stop an attacker from trying to compromise us, it is out of our control. This does not mean that we cannot stop connections from leaving that machine. After all, controlling what leaves a machine will always be more important than what is coming INTO a machine...
Comments (0)
A Potential Silver Lining in a Government Shutdown
April 08, 2011 Added by:Wayde York
Threats that exploit our systems and target specific information work in the background in a "low and slow" method, and finding them in the din of normal network traffic is difficult. If the shutdown does occur, the layers of noise that protects these threats will be pulled back...
Comments (0)
Government Shutdown Could Impact Cyber Security
April 07, 2011 Added by:Headlines
"When we put ourselves in state of chaos like this, and this is what it will be, think of the opportunities for striking through the APTs (advanced persistent threats), they can pick and choose the targets with much less security behind them..."
Comments (0)
The Art of Cyber Warfare - Educational Fail
April 04, 2011 Added by:J. Oquendo
Is there a solution to the ever continuing FUD machine? Cyberwarfare is over-hyped and misrepresented. The fact is, even responsible individuals get it wrong consistently. This is how and why we fail, and will continue to fail, to defend against "computer related" attacks...
Comments (2)
Why Sending Files Outside Your Enterprise Needs Approval
March 24, 2011 Added by:Eli Talmor
What do we know for sure? Enterprises need to communicate with the outside world. DLP can do a good job with content-screening of email, but file content screening may be a bit too much for DLP - and this is the "sweet spot" being exploited by APT...
Comments (0)
Security Vendors Vow to Defend Against Cyber-Boogeyman
March 21, 2011 Added by:J. Oquendo
McAfee is making a run to become the security industry's "Minitru". Regardless of my view of the security landscape, I believe that there is an increasing need to share information between companies that are under attack or that have been compromised. However, I doubt this could ever happen...
Comments (4)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)