Blog Posts Tagged with "Detection"
Tackling Modern Malware
August 15, 2012 Added by: Simon Heron
With conventional antivirus products, their signature bases are never completely up to date. When a new infection emerges, it simply roams freely across all endpoints. Conversely, WSA leverages behavioural monitoring to pick up infections when it isn’t sure whether a file is malicious or not...
Detecting Unknown Application Vulnerabilities "In Flight"
July 10, 2012 Added by: Rafal Los
While you certainly can use velocity and frequency to detect attacks against a web application, high frequency doesn't always mean an attack or that a vulnerability is present. But, it is a fallacy to assume that a component needs to have a high frequency or velocity to signal targeting by an attacker....
ICS-CERT: Detection and Mitigation Recommendations
June 06, 2012 Added by: Infosec Island Admin
While it might seem reasonable to find and eliminate the intruder on a machine-by-machine basis as compromised hosts are identified, unless the response execution prevents lateral movement of the adversary across the network, the cleanup process will likely not succeed...
Leveraging Email Lists for Detecting Botnet IPs
March 04, 2012 Added by: Gianluca Stringhini
We propose a third way of performing botnet mitigation. Instead of learning different features to identify and attack the different botnets, we study how bots behave when sending spam, allowing us to distinguish between bot infected machines and legitimate users...
Can You Stamp Out Spambots? No, But Stop Being a Victim
March 01, 2012 Added by: Michelle Drolet
Attackers avoid creating recognizable patterns of attack, installing backdoors for easy re-entry. There are limitless ways of eluding detection by anti-malware tools. Heuristics and fuzzy logic are an improvement, but a far cry from the detection needs of organizations...
Stealth Code for New Mutation of PHP Bot Infector
February 21, 2012 Added by: Brent Huston
I found a new mutation of a PHP bot infector, with zero percent detection by AV software. When I decoded the PHP backdoor I got 17 AV hits on it. This leads to the question about evasion techniques and how effective anti-virus applications are at doing code de-obfuscation...
Majority of Bankers Say Cyber Crime is Uncontrollable
August 11, 2011 Added by: Headlines
The results of a live poll conducted at its annual North American Insights client conference show fraud and cyber crime continue to be among the most daunting issues that banks are facing today. Bankers believe it is a challenge that they will never be able to get under control...
How Much Malware Do You Have?
December 08, 2010 Added by: Brent Huston
If your network has even a dozen servers and is complex at all, monitoring can become a daunting task. There are tools and techniques available to help in this task, though. There are log aggregators and parsers, for example...
The Case for Better Detection: A Few Real Life Experiences
November 15, 2010 Added by: Pascal Longpre
Most organizations today put their efforts on preventing security breaches. Unfortunately, they disregard the fact that their protections might eventually fail and that intruders will get in. They have little means to deal with an incident after it occurs...