Blog Posts Tagged with "Advanced Persistent Threats"
November 14, 2012 Added by:Ben Rothke
Every organization of size and scope is a target, and many of the world’s largest firms and governments have been victims. In Reverse Deception: Organized Cyber Threat Counter-Exploitation, Dr. Max Kilger and his co-authors provide an effective counterintelligence approach in which to deal with APT...
October 29, 2012 Added by:Fergal Glynn
Using the watering hole analogy, if you are the owner of a location where people congregate to drink you need to keep the beverages safe and clean. Unfortunately digital safety is decades behind food safety. If you own a website you need to understand what SQL Injection and XSS are...
September 23, 2012 Added by:Ben Rothke
With the release of Hacking Exposed 7: Network Security Secrets & Solutions, authors Stuart McClure, Joel Scambray and George Kurtz (along with over 10 contributing authors) provide an up to date version to the original classic. The book includes the essentials of hacking...
September 21, 2012 Added by:Scot Terban
The paper, “Peter the Great Versus Sun Tzu” alleges that a comparison can be made between the varying actors in malware creation. They have broken this down into a battle royal between the “Asians” and the “Eastern Europeans” which is just patently stupid...
September 13, 2012 Added by:Javvad Malik
You’re the new guy in the security ops team, they’re giving you a very crucial and important job… Monitoring. You’ll be told how it is essential to be done correctly. But you notice that nobody really shows any interest in doing it. There’s are two reasons for this...
September 12, 2012 Added by:Pierluigi Paganini
The security firm FireEye has released an interesting report that provides an overview of the current threat landscape, evolving malware, advanced persistent threat (APT) tactics, and the level of infiltration seen in organizations’ networks today. The report presents an alarming scenario ...
August 27, 2012 Added by:Jeffrey Carr
Most security operations centers are monitoring for an APT-style attack and their defensive tactics are geared towards interrupting it by use of an "intrusion kill chain". The attack on Saudi Aramco didn't fit this model, and hence would have been completely missed by most of the world's largest companies...
August 22, 2012 Added by:Headlines
The event brought together state Chief Information Security Officers and other cyber security professionals from the nation's state, local and territorial governments, along with representatives from the U.S. Department of Homeland Security and industry experts for briefings on current cyber threats...
August 19, 2012 Added by:Richard Stiennon
The attackers are going to breach your network to get what they want. The question is: how fast can you discover an intrusion, figure out what the attacker is after, stop the attack, clean up – and prepare for their return? After all, motivated attackers will be back...
August 15, 2012 Added by:Matthijs R. Koot
The intent of deception is "to get the adversary to act confidently and predictably". If you want to be inspired to think about deception/MILDEC as means of counterintelligence (CI) in cyberspace. I recommend this book. If you already work in CI, you may find it useful to evaluate your existing beliefs...
August 12, 2012 Added by:Brent Hutfless
Training and education are key elements to securing data. The advances in detection and monitoring solutions have placed more capable tools in the security professional’s toolbox, but APT attacks have grown in sophistication and perseverance – often leading to successful attacks and subsequent data loss...
August 06, 2012 Added by:Danny Lieberman
Data is leaked or stolen because it has value. The financial impact of a breach is directly proportional to the value of the asset. The key attack vector for an event is people - often business partners working with inside employees. People handle electronic data and make mistakes or do not follow policies...
July 31, 2012 Added by:Scot Terban
With the advent of Anonymous and Stuxnet and the nascent idea of the internet becoming a “digital nation state” we all have to be mindful that while the technologies out there are a commodity, so too are we in the great game of cold war intelligence and cyber war. We are the commodity that makes the new exploit...
July 23, 2012 Added by:Boris Sverdlik
I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?
July 20, 2012 Added by:Scot Terban
You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...
July 14, 2012 Added by:Rafal Los
APT - Advanced Persistent Threat has been the nervous topic for a long time now in Information Security. While there is a metric ton of misinformation and confusion about what constitutes an Advanced Persistent Threat, the thrust seems to be that once you're a target, you're a victim...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013