Advanced Persistent Threat
It's one thing to be a victim of a phishing campaign, but it's an entirely different ball game when you're at the receiving end of a targeted attack.
Traditional approaches to security breaches on the Internet will no longer work. A multi-vector attack requires a multi-vector security strategy.
Considered to be one of the biggest weapons in the fight against cyber crime, security intelligence should also be backed by an arsenal of security layers.
Exposing and defeating cyber criminal campaigns out for financial gain or trade secrets is the challenge of the day, but there are strategies and tools available to help.
The latest evidence of cyber espionage weaponry could be a harbinger of nation-state assaults to come.
A new trojan is targeting the same Java vulnerability that the Flashback malware took advantage of last week.
Much of the breach conversation over the past year has been devoted to so-called hacktivists. But nation-state adversaries, bent on looting organizations of intellectual property, are another breed entirely.
The attack du jour, APTs, or advanced persistent threats, are real threats.
Companies targeted by APT will need to upgrade their defenses strategy to include multiple, integrated layers of extremely sensitive anomaly detection and mitigation.
Stealthy, targeted attacks are real -- as evidenced by operations such as Shady RAT and Stuxnet -- and there isn't a one-size-fits-all remedy to deal with them.
"Cyber Atlantic 2011" aimed to clarify how the two nations can best communicate about cyber incidents that occur on government systems or critical infrastructure.
Hackers over the summer targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property.
Following an attack on a major Japanese defense contractor, the nation's government computers were targets in an ambush that sought to monitor and steal sensitive communications.
In today's sophisticated malware and intrusion tactics, organizations should already assume they have been compromised. The key is readiness, says Larry Whiteside, CISO, Visiting Nurse Service of N.Y.
Internet and email service remains offline at the Oak Ridge National Laboratory after spear phishing attacks led to the theft of sensitive data.
Experts are unclear about the level of risk facing RSA customers after the security firm on Thursday reveled that hackers successfully breached its systems.
Hackers have successfully infiltrated security firm RSA to steal information related to its two-factor authentication products, the company's president revealed in a letter Thursday to customers.
2011 promises to deliver a major influx of mobile application attacks, plus other sophisticated digital assaults, said Dave DeWalt, CEO of McAfee, during a keynote address Wednesday at SC Congress Canada in Toronto.
Jerry Dixon, the former head of US-CERT, will examine the truth behind one of 2010's biggest IT security buzzwords when he speaks at next month's SC World Congress.
Botnets have evolved into full-fledged criminal enterprises, and those organizations that take the threat lightly will be the ones paying in the end.
Many in the security community say Google would be wrong to base its decision to scale back internal Windows use over security concerns.
The world of hacking has evolved into two major varieties: industrialized attacks and advanced persistent threats (APT).
Intel told the federal government that it was the victim of a "sophisticated" cyberattack that occurred in January, around the time cybercriminals compromised systems at Google, Adobe and more than 30 other large companies.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes