Advanced Persistent Threats

IPS grows up

The intrusion prevention system is a mainstay of any organization's perimeter-focused security infrastructure, but its days may be numbered as a standalone technology. Yet, its purpose lives on.

The good, bad and ugly

While some instances of Stuxnet and Duqu found their way into seemingly unplanned locations, the majority of occurrences were localized to targeted systems.

Mac espionage trojan targets Uighur activists

The Uighur Muslim minority group is being targeted in a new APT campaign that targets Mac users and is difficult to detect.

Podcast: Never mind Flame, IXESHE is sophisticated

Tom Kellermann, vice president of cyber security at Trend Micro, joined me on the SC Magazine podcast to discuss an APT campaign known as IXESHE, which is going after sensitive targets from Asia to Germany. But its command-and-control infrastructure really is what makes it special.

Are security basics getting lost under the cover of cloud and mobile?

Be wary of vendor messaging in light of today's threats, as it may be misguided. Organizations can cope with the latest concerns by applying tried-and-true security best practices.

Trojan targets Tibetan activist groups that use Macs

Researchers have uncovered a rare instance of so-called espionage malware for the Mac OS X platform.

Do you need to worry about the advanced persistent threat?

Yes, advanced persistent threats are stealthy and difficult to stop, but organizations should remember that the most common attack type facing them is mass malware.

Microsoft to scale up its threat intelligence sharing

Microsoft plans to make available a real-time feed containing data on cyber attacks to help other organizations protect its customers.

Your security will fail, but is this the right attitude?

IT professionals wishing to protect their systems from sophisticated attacks are receiving mixed messages about how to combat the problem. Their confusion is understandable, but the most important takeaway is to not accept failure.

Would the United States win a cyberwar?

Cyberthreats are increasing, but can be mitigated with a concerted effort at educating as many people as possible.

Advanced persistent threats call for a reality check

Before seeking out help from vendors in dealing with the advanced persistent threat, security professionals must understand exactly what defines such an attack.

Kaspersky says McAfee report is all bark and no bite

McAfee is dealing with another round of industry disparagement over its "Shady RAT" report, which chronicled a five-year-long hacking campaign.

Lawmaker requests McAfee briefing to discuss Shady RAT

A California congresswoman has requested a meeting with McAfee's head researcher and his team following the security company's release last week of a 14-page report chronicling a persistent hacking campaign affecting some 50 U.S. organizations.

Tracing the advanced persistent threat: Interview with Joe Stewart

While McAfee's recently released "Shady RAT" report concentrated on the victims of a mass cyberespionage ring, another researcher has decided to focus his attention on the adversaries behind such attacks. In a video recorded last week at the Black Hat conference in Las Vegas, Joe Stewart of Dell SecureWorks explains how he was able to trace 60 families of custom malware thanks to error messages yielded by a "connection bouncer" tool used by the hackers to hide their tracks, but which inadvertently pointed back to about a dozen command-and-control centers hosted by ISPs in China. Two of the malware families are known to have been used in the RSA SecurID breach. "It gives you a better line on attribution," Stewart told SCMagazineUS.com.

Crooks opt for spear phishing despite higher upfront cost

Cybercriminals are scrapping widespread malicious email campaigns for more targeted attacks, according to a new Cisco report.

Flash exploits might signal APT activity

An Adobe Flash vulnerability that was fixed this week is being leveraged in widespread but targeted drive-by downloads and spear phishing attacks.

SC Congress Canada: RSA security architect discusses SecurID breach

The security architect of RSA offered a candid account of the SecurID breach during a session Wednesday at SC Congress Canada in Toronto.

Lockheed admits to hack that may portend more breaches

There remain more questions than answers after defense contractor Lockheed Martin over the weekend disclosed that its systems had been successfully breached.

The security industry needs fewer touchdowns, more interceptions

There's an old adage in sports that defense wins championships. The information security industry may need to become more familiar with it.

Itself a customer, EMC buys NetWitness for network analysis

EMC has acquired NetWitness, a fast-growing network monitoring and analysis firm that caters to a slew of Fortune 100 and government customers.

Flash zero-day, social engineering enable RSA SecurID hack

The breach of RSA's intellectual property related to its SecurID products appears to be a classic case of social engineering and network pivoting.

Cyberthreats: A long haul

Enterprises are under constant siege from cyberthreats that continue to evolve to new levels of sophistication, reports Deb Radcliff.
