News
3/20/2014
07:45 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Stop Targeted Attackers

All cyber-attackers aren't equal. Focus more attention on exploits made just for you

Not so long ago, the main threats in cyber-security were random: viruses and worms that crawled across the entire Internet, or malware buried in spammy email blasts. Enterprises coped with the problem with protective screens that recognized and blocked these random attacks, as an umbrella keeps off the rain.

Today, the most dangerous attacks are no longer random. They are targeted specifically to steal or damage data from a specific organization, or even from specific systems and people in that organization. The targets aren't always large companies or government agencies; targeted attacks can be launched against government contractors, media firms, or even small businesses. Targeted attacks are the attack vector of choice for sophisticated cyber-criminals, and against certain exploits, existing enterprise defenses are about as effective as an umbrella against a surprise Super Soaker attack.

Targeted attackers sometimes spend months, even years, scouting their targets. They'll probe for weaknesses and pinpoint vulnerabilities that can be used in a tailored attack. That first vulnerability may get them the crown jewels right away, but typically, targeted attacks are a multistep process. Attackers start by gaining a foothold in the target's infrastructure. Once inside, they'll quietly scope out the network, looking for further points of attack and ways to access specific information.

Read the full article here.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message. Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2037
Published: 2014-11-26
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466.

CVE-2014-6609
Published: 2014-11-26
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

CVE-2014-6610
Published: 2014-11-26
Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dia...

CVE-2014-7141
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

CVE-2014-7142
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?