Blogs

Showing Blog Posts: 1–10 of 16 tagged Advanced Persistent Threats (APT)

  • A Whole New Way to Spot Malware Before It Spots You

    by Robert Moskowitz on October 28, 2014

    Enterprise networks still rely on antivirus software and blacklists to keep known malware at arm's length. But researchers suggest another approach, one which promises to spot a dangerous piece of code before it shows up on a list somewhere. This form of detection doesn't look for malicious code, but for malicious networks communicating with that code. Internet service providers, and any…

  • Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware

    by Ben Rothke on September 22, 2014

    Targeted cyber attacks are for the most part the same as an APT (advanced persistent threat). It was last year’s report on APT1 from Mandiant that brought this important information security topic to the forefront. In Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware, authors Aditya Sood and Richard Enbody write that there are a few different definitions of what a…

  • The Once and Future Network Security Appliance

    by John Linkous on September 16, 2014

    In the early 2000s, the network security appliance became ubiquitous. Beginning with Web application firewalls (WAFs), and eventually extending through all seven layers of the network model, security appliances were being popped into server racks like candy. "Need to filter spam? There's an appliance for that!" "Do you want to analyze the flow data generated on your firewalls? There's an…

  • Intelligence-Driven Security and the Future of Threat Detection

    by John Linkous on August 21, 2014

    For many years, signature-based detection was the hallmark of finding and eliminating security threats in the enterprise. While antivirus and similar products were successful against single-vector attacks, the fact is, we're seeing more and more major security breaches where traditional approaches to security no longer work. To address these new threats, intelligence-driven security is needed. …

  • Introduction to Cyber-Warfare: A Multidisciplinary Approach

    by Ben Rothke on August 4, 2014

    Cyberwarfare is a most controversial topic. At the 2014 MISTI Infosec World Conference, noted security curmudgeon Marcus Ranum gave a talk on Cyberwar: Putting Civilian Infrastructure on the Front Lines, Again. Be it the topic or Marcus being Marcus, a third of the participants left within the first 15 minutes. They should have stayed, as Ranum, agree with him or not, provided some riveting…

  • The Future Is Now: Threats That Were Never Supposed to Happen Are Here

    by John Linkous on July 29, 2014

    Recently, I took the opportunity to install the latest version of Pwnie Express's Pwn Pad 2014ce on my Google Nexus 7 tablet. For those who aren't familiar with the Pwn Pad, it's a modified version of the Kali Linux distribution that provides a complete, walking environment for detecting and—as a white-hat only, of course—testing information security threats. While the Pwn Pad is a great mobile…

  • When Apps Attack! What Is – and Isn't – Application Security

    by John Linkous on July 2, 2014

    One of the most interesting subjects at RSA Conference 2014 was the defense of software code, in all its many forms. While many of the developer-centric tracks and sessions were heavily focused on eliminating flaws within code, one of the key messages that crossed the boundary of speaking events is the idea of what is—and is not—application security. Black-box testing of apps is a fascinating…

  • Cyber Attack, CyberCrime, CyberWarfare - CyberComplacency

    by Ben Rothke on March 31, 2014

    Cyber Attack, CyberCrime, CyberWarfare - CyberComplacency is definitely not your typical information security title. Mix in a few parts reference, technical guide, rant, scary stories, comedy and myriad references to movies, and there you have this book. The full title of the book is actually Cyber Attack, CyberCrime, CyberWarfare - CyberComplacency: Is Hollywood's blueprint for Chaos coming true?…

  • Cyber Attacks, as Real as They Get

    by John Linkous on January 30, 2014

    Once again, the fundamental nature of the Internet is changing. Moving far beyond the original scope of the Internet, in the early 1990s, the World Wide Web dramatically changed its purpose. We now find ourselves on the cusp of yet another dramatic change, as the Internet of computers gives way to an Internet of things. Unfortunately, that concept also means that this relatively new phase of the…

  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response

    by Ben Rothke on September 10, 2013

    It has been about 8 years since my friend Richard Bejtlich’s (note, that was a full disclosure ‘my friend’) last book Extrusion Detection: Security Monitoring for Internal Intrusions came out. That and his other 2 books were heavy on technical analysis and real-word solutions. Some titles only start to cover ground after about 80 pages of introduction. With this highly informative and actionable…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 31 Oct 2014 13:54:40 -0400.
© 2014 EMC Corporation. All rights reserved.