Menu

Blogs

Showing Blog Posts: 1–10 of 103 tagged Hackers and Threats

  • The Future of Electronic Attacks, and the End of the Network Perimeter

    by John Linkous on December 16, 2014

    JPMorgan Chase was one of the latest Fortune 500 companies to fall victim to an electronic attack in 2014. On Aug. 28, the company said it was the target of a broad-scale attack which, based on its alleged complexity and breadth, may well have been state-sponsored. Bank records were altered and deleted, potentially impacting thousands of bank customers. It also appears that up to seven different…

  • Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door.

    by Ben Rothke on December 8, 2014

    There are really two stories within Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door. The first is how Brian Krebs uncovered the Russian cybergangs that sent trillions of spam emails for years. As interesting and compelling as that part of the story is; the second storyline is much more surprising and fascinating. Along with George V. Hulme and Steve…

  • Social Engineering 2.0: Old-Fashioned Targets, Cutting-Edge Techniques

    by John Linkous on November 14, 2014

    Back in 2006, a large company in Chicago contracted my company to conduct an advanced information security controls assessment. In addition to looking for technical vulnerabilities—unpatched servers, web app vulnerabilities, open ports that should be closed, and the like—we were also contracted to conduct a social engineering assessment. On the first day of our technical assessment, our team…

  • A Whole New Way to Spot Malware Before It Spots You

    by Robert Moskowitz on October 28, 2014

    Enterprise networks still rely on antivirus software and blacklists to keep known malware at arm's length. But researchers suggest another approach, one which promises to spot a dangerous piece of code before it shows up on a list somewhere. This form of detection doesn't look for malicious code, but for malicious networks communicating with that code. Internet service providers, and any…

  • Official (ISC)2 Guide to the CCFP CBK

    by Ben Rothke on October 21, 2014

    The Certified Cyber Forensics Professional (CCFP) is the latest certification from ISC 2 , creators of the CISSP certification. The CCFP, like the CISSP, is built around a common body of knowledge (CBK) that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more. For those looking for reference guide, the Official…

  • Effective Strategies for Information Protection

    by Robert Moskowitz on October 14, 2014

    The fact that more than one user in different locations may require simultaneous access to the confidential information used in different applications makes it difficult to protect the information from a wide variety of threats. Identifying Threats Protection is more than controlling access. It's also about preventing unauthorized release, unauthorized modification, and unauthorized denial of…

  • Hate Crimes in Cyberspace

    by Ben Rothke on October 14, 2014

    It’s said that criminal lawyers see bad people at their best, and divorce lawyers see good people at their worst. At times, the Internet seems to bring out the bad in all types of people. In Hate Crimes in Cyberspace, a fascinating book just out, author Danielle Keats Citron details many incidents where unsuspecting and ordinary people suddenly found themselves under direct attack in the form of…

  • Threats and Risk Management: Protect Your IP From Computer Hacking

    by Christopher Burgess on October 10, 2014

    There isn't a company in existence that doesn't have trade secrets and intellectual property worth protecting. The threats may come from computer hacking or from careless end users not paying attention to processes and procedures. One does not exclude the other. Poor cyber-hygiene makes the likelihood of systems and device compromises a real possibility. Tim Mather of Cadence Design Systems…

  • Security Risks: Mitigating the Human Element

    by Christopher Burgess on September 30, 2014

    Logs, logs, and more logs: They bury our sys admins charged with protecting our networks. The larger the company, the more data there is to process. Sorting out the false positives from those requiring immediate attention is key. We can do this by focusing on what our users are doing. We are all thankful for the plethora of tools that allows us to consume the myriad of logs and help us, the mere…

  • Take Steps to Deal With Bash Bug "Shell Shock" Now

    by Fahmida Y. Rashid on September 25, 2014

    It’s bad enough that many IT security teams are still dealing with the effects of the Heartbleed vulnerability in OpenSSL, but now they also have to handle Shell Shock, a vulnerability in the widely used command interpreter Bash. The flaw is present in how Bash sets environment variables and allows attackers launch remote code injection attacks to hijack the vulnerable machine. Threatpost does a…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 20 Dec 2014 23:04:08 -0500.
© 2014 EMC Corporation. All rights reserved.