Tech Center Advanced Threats
Dark Reading's Advanced Threats Tech Center is your gateway to a deeper, more technical level of news and analysis on the newest and most sophisticated cybersecurity threats. Written for security and IT professionals, the Advanced Threats Tech Center is designed to provide in-depth information and perspective on next-generation attacks, exploits, and vulnerabilities, as well as recommendations on how to stop them.
Featured Commentary
-
Tom ParkerExploit Devs At Risk: The Nuclear Scientists Of The Next Decade?
Will a nations exploit developers become the potential targets of state-sponsored assassinations in the future, much like the nuclear scientists of the past century?
News
-
'Commercialized' Cyberespionage Attacks Out Of India Targeting U.S., Pakistan, China, And Others
Operation Hangover signals new franchise model in cyberespionage with cyberspying services for hire
-
Mass Customized Attacks Show Malware Maturity
The malware universe is typically divided into targeted attacks and mass, opportunistic attacks, but a middle category -- mass customized malware -- poses a more serious threat for business
-
New Algorithm Lets SCADA Devices Detect, Deflect Attacks
Embedded software prototype operates under the 'new normal' that many SCADA environments have already been breached
-
Advanced Persistent Threats: The New Reality
Once rare and sophisticated, the APT is now becoming a common attack. Is your organization ready?
-
Senate Bill Calls For 'Watch List' Of Nations Cyberspying On U.S., Trade Sanctions
China faces increasing political pressure from the U.S. to curb its cyberespionage activity, but legislation not certain
More Stories
- Five Habits Of Highly Successful Malware
- Chinese Cyberespionage: Brazen, Prolific, And Persistent
- Possible Exploit Avenue Discovered For DarkLeech Web Server Attacks
- Time To Dump Antivirus As Endpoint Protection?
- 'Magic' Malware Uses Custom Protocol And A 'Magic Code' Handshake
By The Numbers
Flashback Trojan Hits U.S. Macs Hardest
The U.S., Canada and the United Kingdom accounted for about two-thirds of all Mac OS X systems infected with the Flashback Trojan, which used a flaw in Java to spread. Like Conficker, the attack used pseudo-random domain generation to connect back to command-and-control servers.
Source: Symantec
Commentary
-
Exploit Devs At Risk: The Nuclear Scientists Of The Next Decade?
By Tom Parker
Will a nations exploit developers become the potential targets of state-sponsored assassinations in the future, much like the nuclear scientists of the past century?
-
-
Who Supplies CyberBunker?
The hosting company behind CyberBunker, the company allegedly behind the DDOS attacks on Spamhaus, connects to the Internet through other providers. Perhaps the only way to pressure those responsible for the attacks is to put pressure on the upstream providers
-
You've Been Hacked, But For How Long?
One of the big themes at the recent RSA Conference was awareness of threats already inside the network. The way you learn about these threats and lower your ‘Mean Time To Know’ (MTTW) about an intrusion is with profile-based network monitoring
-
Threat Intel Disclosure for Profit, or Progress?
By Tom Parker
Tom Parker weighs the pros and cons of Mandiant's recent intelligence disclosure.
Around the Web
- How To Spoof Your Facebook App - Break Security
- How to hack an electric car-charging station
- Critical Linux vulnerability imperils users, even after “silent” fix
- Phoenix Exploit Kit Author Arrested In Russia? — Krebs on Security
- That Facebook Account Hijack Vulnerability Is Still Dangerous. Here's Why.
Dark Reading Reports
-
Advanced Persistent Threats: The New Reality
For most organizations, the imminent danger that advanced persistent threats pose has been relatively low. That's changing as attackers' target base widens, their knowledge grows and their cyber weapons trickle down to the hacker masses. In this Dark Reading report, we examine the current APT landscape and provide recommendations for protecting your organization against this growing concern.
-
Trends In Mobile Device Threats
While there's some debate about the level of threat mobile devices pose, there's no question that the threat is growing. With readily available information about the devices in use, and often few corporate safeguards in place, mobile devices are turning out to be a lucrative vector for attackers looking for an in to enterprise networks. In this Dark Reading report, we explain how the threat is growing, what attackers are targeting and why you need to be concerned.
-
Heading Off Advanced Social Engineering Attacks
Social engineering attacks are getting increasingly sophisticated, but there's only so much the law and technology can do to protect your organization. In this Dark Reading report, we detail how a social engineering attack is developed and what IT professionals can do to prevent their users from being targets and victims.
- How Cybercriminals Choose Their Targets And Tactics
- How to Detect Zero-Day Malware And Limit Its Impact
- Lessons Learned From Duqu
- Rooting Out Sophisticated Malware
- How Did They Get In? A Guide to Tracking Down The Source of an APT
- Detecting and Defending Against Advanced Persistent Threats
- Smarter, Stealthier, Sneakier Malware
Other reports from the Advanced Threats Tech Center:
Related Content
-
The Rising Threat of Corporate Cybercrime: Cybercriminal Motives and Methods
Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to corporate information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the corporate network than a direct network attack. Our latest white paper discusses the cybercriminal motives and methods, and presents the need for Enterprises to recognize this growing danger and implement technologies that effectively prevent malware, the root cause of cybercrime.
-
Evolving Endpoint Malware Detection, Dealing with Advanced and Targeted Attacks
Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration. This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, the various approaches used to address them and how organizations should think about their current and future malware defense strategy.
-
Zero-Day Exploits and APTs: Security Requirements vs. Operational Challenges
Enterprises are losing the battle against advanced, information-stealing malware attacks. We continuously discover new application vulnerabilities which are quickly exploited by cybercriminals. Traditional blacklisting solutions don't work, and more advanced whitelisting-solutions are unmanageable. How do you overcome the manageability and operational challenges of advanced malware protection?
In this webinar, guest speaker Rick Holland, senior analyst serving Security & Risk Professionals at Forrester Research, Inc., will discuss the security and operational challenges associated with advanced malware protection. Rick will review the technical and operational requirements organizations should consider when looking to prevent and mitigate advanced malware. Dana Tamir, Director of Product Management at Trusteer, will then introduce Trusteer Apex which applies a new groundbreaking approach for stopping zero-day exploits and data exfiltration.
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.