Blog Posts Tagged with "Advanced Persistent Threats"

Ffc4103a877b409fd8d6da8f854f617e

Webcast: Detecting and Preventing Advanced Persistent Threats

July 08, 2014 Added by:InfosecIsland News

Please join Palo Alto Networks and SecurityWeek on Wednesday, July 9th at 1:00 PM ET for an informative webcast on how your organization can better detect and prevent advanced cyber attacks.

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Reverse Deception: Organized Cyber Threat Counter-Exploitation

November 14, 2012 Added by:Ben Rothke

Every organization of size and scope is a target, and many of the world’s largest firms and governments have been victims. In Reverse Deception: Organized Cyber Threat Counter-Exploitation, Dr. Max Kilger and his co-authors provide an effective counterintelligence approach in which to deal with APT...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Moving From Poisoning the Ocean to Poisoning the Watering Hole

October 29, 2012 Added by:Fergal Glynn

Using the watering hole analogy, if you are the owner of a location where people congregate to drink you need to keep the beverages safe and clean. Unfortunately digital safety is decades behind food safety. If you own a website you need to understand what SQL Injection and XSS are...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Hacking Exposed 7: Network Security Secrets and Solutions

September 23, 2012 Added by:Ben Rothke

With the release of Hacking Exposed 7: Network Security Secrets & Solutions, authors Stuart McClure, Joel Scambray and George Kurtz (along with over 10 contributing authors) provide an up to date version to the original classic. The book includes the essentials of hacking...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Death Match: Peter the Great Versus Sun Tzu

September 21, 2012 Added by:Infosec Island Admin

The paper, “Peter the Great Versus Sun Tzu” alleges that a comparison can be made between the varying actors in malware creation. They have broken this down into a battle royal between the “Asians” and the “Eastern Europeans” which is just patently stupid...

Comments  (1)

99edc1997453f90eb5ac1430fd9a7c61

How to Fake Network Security Monitoring

September 13, 2012 Added by:Javvad Malik

You’re the new guy in the security ops team, they’re giving you a very crucial and important job… Monitoring. You’ll be told how it is essential to be done correctly. But you notice that nobody really shows any interest in doing it. There’s are two reasons for this...

Comments  (4)

03b2ceb73723f8b53cd533e4fba898ee

FireEye Advanced Threat Report: The Inadequacy of Defenses

September 12, 2012 Added by:Pierluigi Paganini

The security firm FireEye has released an interesting report that provides an overview of the current threat landscape, evolving malware, advanced persistent threat (APT) tactics, and the level of infiltration seen in organizations’ networks today. The report presents an alarming scenario ...

Comments  (0)

296634767383f056e82787fcb3b94864

Lessons for CEOs from the Saudi Aramco Breach

August 27, 2012 Added by:Jeffrey Carr

Most security operations centers are monitoring for an APT-style attack and their defensive tactics are geared towards interrupting it by use of an "intrusion kill chain". The attack on Saudi Aramco didn't fit this model, and hence would have been completely missed by most of the world's largest companies...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

MS-ISAC Meeting Explores Advanced Persistent Threats

August 22, 2012 Added by:Headlines

The event brought together state Chief Information Security Officers and other cyber security professionals from the nation's state, local and territorial governments, along with representatives from the U.S. Department of Homeland Security and industry experts for briefings on current cyber threats...

Comments  (1)

924ce315203c17e05d9e04b59648a942

Is Your IT Posture that of a Protector, a Detective, or a Warrior?

August 19, 2012 Added by:Richard Stiennon

The attackers are going to breach your network to get what they want. The question is: how fast can you discover an intrusion, figure out what the attacker is after, stop the attack, clean up – and prepare for their return? After all, motivated attackers will be back...

Comments  (0)

C4363f41d25c216c53c8d71a1ac44a90

Reverse Deception: Organized Cyber Threat Counter-Exploitation

August 15, 2012 Added by:Matthijs R. Koot

The intent of deception is "to get the adversary to act confidently and predictably". If you want to be inspired to think about deception/MILDEC as means of counterintelligence (CI) in cyberspace. I recommend this book. If you already work in CI, you may find it useful to evaluate your existing beliefs...

Comments  (0)

2e4d1e4bb6b5e2d5901e2ede8065fb24

Why Effective Awareness Training Matters

August 12, 2012 Added by:Brent Hutfless

Training and education are key elements to securing data. The advances in detection and monitoring solutions have placed more capable tools in the security professional’s toolbox, but APT attacks have grown in sophistication and perseverance – often leading to successful attacks and subsequent data loss...

Comments  (2)

959779642e6e758563e80b5d83150a9f

Why Does Data Leak?

August 06, 2012 Added by:Danny Lieberman

Data is leaked or stolen because it has value. The financial impact of a breach is directly proportional to the value of the asset. The key attack vector for an event is people - often business partners working with inside employees. People handle electronic data and make mistakes or do not follow policies...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Defcon Grows Up and Gets Recruited as an Asset

July 31, 2012 Added by:Infosec Island Admin

With the advent of Anonymous and Stuxnet and the nascent idea of the internet becoming a “digital nation state” we all have to be mindful that while the technologies out there are a commodity, so too are we in the great game of cold war intelligence and cyber war. We are the commodity that makes the new exploit...

Comments  (0)

7c5c876d1933023ac375eead04302e1a

You Shouldn't Train Employees for Security Awareness: Rebuttal

July 23, 2012 Added by:Boris Sverdlik

I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

Throwing the Baby Out with the Bath Water

July 20, 2012 Added by:Infosec Island Admin

You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...

Comments  (3)

Page « < 1 - 2 - 3 - 4 - 5 > »