Tech CenterAdvanced Threats Commentary
-
Exploit Devs At Risk: The Nuclear Scientists Of The Next Decade?
April 30, 2013 By Tom Parker
Will a nations exploit developers become the potential targets of state-sponsored assassinations in the future, much like the nuclear scientists of the past century?
-
Got Attitude?
March 31, 2013 By Tom Parker
Attack attitude: Does China really not care about attribution?
-
Threat Intel Disclosure for Profit, or Progress?
February 28, 2013 By Tom Parker
Tom Parker weighs the pros and cons of Mandiant's recent intelligence disclosure.
-
Combatting Advanced Threats In 2013 Through Basics
January 28, 2013 By Tom Parker
Focus on fixing the problems of a past generation before focusing on the next
-
Supply Chain Woes: Human Error Or Something Else Entirely?
October 28, 2012 By Tom Parker
How easy are plausibly deniable bugs really introduced to the supply chain, and are recent fears concerning foreign technologies more hype than fact?
-
Attacking SCADA And Relative Cost Of Entry
July 19, 2012 By Tom Parker
SCADA technologies have been increasingly targeted by shadowy adversaries: Does that mean impending doom?
-
Flame: Reading Between The Ones And Zeros
June 23, 2012 By Tom Parker
As more information about Flame is revealed, let's consider what we might infer from Flame's composition
-
State-Sponsored Backdoor Or Programming Faux Pas?
May 31, 2012 By Tom Parker
Backdoor in Android-based handsets sponsor, bad programming, or a #win for Apple's stringent application QA process?
-
2012 U.S. Election And Targeted Attack Predictions
April 22, 2012 By Tom Parker
How the increased level and sophistication of of targeted attacks since 2008 may impact this year's U.S. Presidential election campaigns
-
Doing Tech Evangelism Right
March 08, 2012 By Gadi Evron
Kaspersky Lab's public request for help on an unsolved mystery surrounding Duqu serves as a case study about the power of technology evangelism
-
RSA Conference, One Year Later
February 27, 2012 By Tom Parker
How I hope history has reshaped this year's RSA Conference one year after one of the most significant breaches in the past decade
-
Between Source Code And Cyanide
February 09, 2012 By Tom Parker
What the Symantec source-code leak really means
-
2012 Will Be The Year Of The...
January 11, 2012 By Tom Parker
After a rough 2011 for many large organizations, here's a look at what the world of advanced threats will bring in 2012
-
Debunking The Conficker-Iranian Nuclear Program Connection
December 04, 2011 By Tom Parker
Recent claims allude to Conficker-Stuxnet relationship, but are they really credible?
-
Testing Your Endpoints Against Advanced Threats
November 02, 2011 By Tom Parker
Why your pen-test efforts probably aren't preparing you for the worst by testing endpoint resilience
-
Advanced Threats And Scenario-Based Penetration Testing
October 12, 2011 By Tom Parker
Why your pen-test efforts probably aren't preparing you for the worst
-
Advanced Exploitation Of Flash Vulnerability In The Wild
June 19, 2011 By Tom Parker
New Flash exploit is extremely effective against the security technologies that many depend on for shelter -- is this a sign of things to come?
-
A Tale Of Two Hacks
May 31, 2011 By Tom Parker
The similarities and differences in the Lockheed and RSA attacks
-
Scareware Is Evolving
May 24, 2011 By Tom Parker
That's right -- scareware is still proving an effective way for threat actors to make quick cash on the Internet
-
Success, Failure And The Advanced Threat
May 16, 2011 By Tom Parker
You can't judge the sophistication of an attack by its success or failure
-
A Not-So Targeted Targeted Attack
April 25, 2011 By Tom Parker
RSA was likely among several targets associated with a broader campaign that was designed to seek out industrial secrets
-
The Public Key Infrastructure Under Siege
April 04, 2011 By Tom Parker
The abuse of certificates in the Stuxnet and Comodo attacks should come as no surprise given the flawed trust model
-
Dark Reading Launches New Tech Center On Advanced Threats
March 13, 2011 By Tim Wilson
New subsite will offer more in-depth news coverage, analysis on next-generation threats
Dark Reading Reports
-
Advanced Persistent Threats: The New Reality
For most organizations, the imminent danger that advanced persistent threats pose has been relatively low. That's changing as attackers' target base widens, their knowledge grows and their cyber weapons trickle down to the hacker masses. In this Dark Reading report, we examine the current APT landscape and provide recommendations for protecting your organization against this growing concern.
-
Trends In Mobile Device Threats
While there's some debate about the level of threat mobile devices pose, there's no question that the threat is growing. With readily available information about the devices in use, and often few corporate safeguards in place, mobile devices are turning out to be a lucrative vector for attackers looking for an in to enterprise networks. In this Dark Reading report, we explain how the threat is growing, what attackers are targeting and why you need to be concerned.
-
Heading Off Advanced Social Engineering Attacks
Social engineering attacks are getting increasingly sophisticated, but there's only so much the law and technology can do to protect your organization. In this Dark Reading report, we detail how a social engineering attack is developed and what IT professionals can do to prevent their users from being targets and victims.
- How Cybercriminals Choose Their Targets And Tactics
- How to Detect Zero-Day Malware And Limit Its Impact
- Lessons Learned From Duqu
- Rooting Out Sophisticated Malware
- How Did They Get In? A Guide to Tracking Down The Source of an APT
- Detecting and Defending Against Advanced Persistent Threats
- Smarter, Stealthier, Sneakier Malware
Other reports from the Advanced Threats | Commentary Tech Center:
Related Content
-
The Rising Threat of Corporate Cybercrime: Cybercriminal Motives and Methods
Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to corporate information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the corporate network than a direct network attack. Our latest white paper discusses the cybercriminal motives and methods, and presents the need for Enterprises to recognize this growing danger and implement technologies that effectively prevent malware, the root cause of cybercrime.
-
Evolving Endpoint Malware Detection, Dealing with Advanced and Targeted Attacks
Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration. This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, the various approaches used to address them and how organizations should think about their current and future malware defense strategy.
-
Zero-Day Exploits and APTs: Security Requirements vs. Operational Challenges
Enterprises are losing the battle against advanced, information-stealing malware attacks. We continuously discover new application vulnerabilities which are quickly exploited by cybercriminals. Traditional blacklisting solutions don't work, and more advanced whitelisting-solutions are unmanageable. How do you overcome the manageability and operational challenges of advanced malware protection?
In this webinar, guest speaker Rick Holland, senior analyst serving Security & Risk Professionals at Forrester Research, Inc., will discuss the security and operational challenges associated with advanced malware protection. Rick will review the technical and operational requirements organizations should consider when looking to prevent and mitigate advanced malware. Dana Tamir, Director of Product Management at Trusteer, will then introduce Trusteer Apex which applies a new groundbreaking approach for stopping zero-day exploits and data exfiltration.
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.