Showing Blog Posts: 1–10 of 210 tagged Hackers and Threats

  • Ben's Book of the Month: Review of "Hacking the Hacker: Learn From the Experts Who Take Down Hackers"

    by Ben Rothke on December 29, 2017

    As 2017 closes, this month’s theme is hackers and threats. We focus on the growing underground economy, advanced threats, APTs, new classes of vulnerabilities, exploitation techniques, reverse engineering and how to combat these growing information security problems. When it comes to learning the ins and outs of hacking, the various editions of Hacking Exposed are a great resource. The assorted…

  • From the IoT to Insider Threats, 2018 Figures to Keep Security Leaders on Their Toes

    by Tony Kontzer on December 28, 2017

    As the world looks forward to saying goodbye to the crazy year that was 2017, security experts are chiming in about what to expect in 2018, and the news is not good: insider attacks, tax scams, election hacks, and holes created by the Internet of Things lead the list of threats that cyber security teams can expect to be most prominent in the coming year. Probably not the Christmas gift list they…

  • How Enterprises Can Better Combat Advanced Cyber Attacks

    by Sean Cunningham on December 27, 2017

    Numerous relatively recent cyber attacks have successfully breached organizations that should be the cyber world’s equivalent of Fort Knox – exceedingly hard to penetrate. Yet as the infiltration of systems at the likes of the Security and Exchange Commission, National Security Agency and credit bureau giant Equifax underscore, no entity is immune from hackers. Why is this so, even as cyber…

  • Cyber-Game Theory: Focusing on Zero Sum, Not Zero Day

    by Danelle Au on December 22, 2017

    The news covers a major breach seemingly daily. What quickly becomes apparent from these breaches, is that attackers are more likely to draw upon a common arsenal of attacks rather than create a new zero day. In fact, while the victims and the damage vary widely, at the core of attacks are many identical, tried-and-true, tools and techniques. Malware developers, just like software developers, …

  • Shoring Up Online Retail Security Can Ensure A Merry E-Christmas For All

    by Tony Kontzer on December 20, 2017

    One thing we can all be sure of this holiday season: Lots of Americans are choosing to avoid the insanity in shopping malls by firing up their computers, phones and tablets to take care of their Christmas shopping online instead. Even though a steady flow of large-scale data breaches have hit American companies in recent months (hello, Equifax, Whole Foods and Uber, just to throw out a few…

  • Credential Stuffing Threats Facing the eCommerce Industry This Holiday Season

    by Patrick Sullivan on December 19, 2017

    Forecasts call for double digit growth in eCommerce holiday spending. Much like the Dr. Seuss novel, there is a Grinch lurking this holiday season, trying to ruin this joyous time of year. The Grinch, in this case, is the collection of fraudsters working to perform Account Takeover (ATO) attacks. ATO attacks continue to be a growing threat on the Web, targeting any site with a login protecting…

  • Supply Chain Attacks on Retail – What Happens When Trusted Channels Can’t be Trusted?

    by Netta Schmeidler on December 5, 2017

    The holiday season has officially begun, but for many retailers those visions of dancing sugarplums have given way to nightmares about cyberattacks. The ThreatMetrix Q3 2017 Cybercrime Report predicts that the number of ecommerce attacks in the last quarter of 2017 will be greater than the number of attacks across all industries in the same quarter last year, with more than 50 million attacks…

  • The KRACK Attack: What to Communicate

    by Lance Spitzner on October 17, 2017

    Editor's Note: This blog post originally appeared on the SANS Security Awareness blog. This blog is a work in progress and will be actively updated as new information is released. It was announced (Monday, 16 October, 2017) that the globally used WPA2 Wi-Fi security protocol has been broken. This standard is the most commonly used security standard used by Wi-Fi networks around the world. The…

  • Could the Equifax Breach Have Been Avoided?

    by Tony Kontzer on September 28, 2017

    Much has been written about how Equifax could have prevented the recent breach that exposed personal information on 143 million Americans with one simple act that's supposedly on the to-do list of every corporate security practitioner: Stay up to date on patches. We've read about how the Apache Software Foundation had released a patch to address a vulnerability in its Struts web app-building…

  • Why The Equifax Breach Should Be Doing More Than Scaring Us

    by Tony Kontzer on September 26, 2017

    Do we need look any further than the recent Equifax breach for compelling evidence of what a cyber security incident can do to a business? A couple of weeks ago, Equifax was just one of three credit reporting agencies Americans knew housed their financial data. Today? It is being held up as an example of the risks of housing valuable data. We've all seen the eye-popping number over and over…

View All


Are you interested in contributing to the RSA Conference blog? Download our 2018 Editorial Calendar for more info. 

This document was retrieved from on Sat, 24 Mar 2018 17:49:43 -0400.