Blog Posts Tagged with "Attack Vector"

A6f413a75686867ef5010ac90b5ceef9

A Perspective on Advanced Persistent Threat

October 25, 2011 Added by:Chris Kimmel

A true APT has close to a 100% penetration rate. It should be noted that the difficulty of attacks can range from simple social engineering to a zero-day. These attackers will tend to use any attack method they can to penetrate an organization...

Comments  (0)

8b5e0b54dfecaa052afa016cd32b9837

IPv6: The End of Security As We Know It

September 21, 2011 Added by:Craig S Wright

People have seen IPv6 as a simple addressing extension to the existing internet and see few changes to the way we secure systems. These people cannot be further from the truth. IPv6 will change the way we think about security. We need to start planning now or we will be left in the dust...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

FireEye Releases First Advanced Threat Report

August 31, 2011 Added by:Headlines

"The FireEye Advanced Threat Report focuses on the threats that have successfully evaded traditional defenses. These are the unknown threats and advanced attacks that are dynamic, targeted, and stealthy. And, they are extremely effective for compromising organizations’ networks..."

Comments  (0)

959779642e6e758563e80b5d83150a9f

Message Queuing Insecurity

August 24, 2011 Added by:Danny Lieberman

Well placed attacks on message queues in an intermediary player, for example a payment clearing house, could result in the inability of the processor to clear transactions but also serve as an entry point into upstream and downstream systems. These attacks can and do cascade...

Comments  (0)

959779642e6e758563e80b5d83150a9f

A Strategy for Combating Cyber Terror

July 05, 2011 Added by:Danny Lieberman

If we consider that cyber terror is not fundamentally different than bombers with suicide belts, we are drawn to consider the amount of damage caused by any terror attack whether on the street or in a database. Reducing the probability of attack means reducing the threat surface...

Comments  (0)

7c5c876d1933023ac375eead04302e1a

You Can't Buy DLP

June 13, 2011 Added by:Boris Sverdlik

To implement a data loss solution, you must take a holistic approach to identify the problem, threat vectors and vulnerabilities. You must understand where your sensitive data lives within your organization. This can’t be done with a tool, regardless of how good they claim it is...

Comments  (3)

F7e202a206691e473e509d080620af68

Malvertising: The Use of Malicious Ads to Install Malware

June 13, 2011 Added by:Lenny Zeltser

Perhaps the future will bring malvertising campaigns where Flash-based ads usurp the victim's CPU cycles to run computations, such as distributed password cracking. Another potential is to use the browser for Bitcoin mining; such operations are already possible using pure JavaScript...

Comments  (1)

44a2e0804995faf8d2e3b084a1e2db1d

Security Awareness and Why Things Aren't Improving

June 03, 2011 Added by:Don Eijndhoven

While the use of internet technology has grown exponentially over the last decade, users have not grown much wiser in terms of security. Largely this is because the populace simply does not see the danger in having their online identities compromised; its too abstract a notion...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

The Thousand Grains of Sand in the Electronic Age

April 20, 2011 Added by:Infosec Island Admin

Over the years the Chinese have made it their business to steal a lot of data. Some of it you would readily see as important militarily or for industrial espionage, but some of the data is much more arcane as to the reasons why they would make the efforts that they do to get it...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

One in Five Search Engine Topics Lead to Malware

March 03, 2011 Added by:Headlines

"Attackers focus on where they can get the most eyeballs and profit, and today that means social networks and search engines. As a community we often point to the need for user education as the missing component..."

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Infosec Insights: Getting Indexed via Twitter – Good and Bad

March 02, 2011 Added by:Brent Huston

Clearly, search engines aren’t the only types of automated applications watching the Twitter stream. My guess is that scanning engines watch it too, to some extent, and queue up hosts in a similar manner. Just like all things, there are good and bad nuances to the tweet to get indexed approach...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Safeguarding Your Data From Hackers and Intruders

January 31, 2011 Added by:Brent Huston

Browsing the Internet is fun, entertaining, and often necessary. Web browsers are also a ripe playground for nefarious activity which means the more risky places you visit, the bigger the chance that you’ll face some sort of danger...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

USB Attack Vectors Move Beyond Flash Drives

January 05, 2011 Added by:Dan Dieterle

The computer does not see the Teensy device as a USB drive or another accessory, but as a human interface device. With the Teensy programmable keystroke device, we are really looking at a new generation of intelligent malicious hardware that will be limited only by the imagination of the attacker...

Comments  (6)

Page « < 1 - 2 > »