How To Detect And Root Out Sophisticated Malware
New report offers insights on excising that hard-to-detect malware
Malware 'Licensing' Could Stymie Automated Analysis
The use of encryption and digital-rights management techniques by the authors of malicious code could make automated analysis of malware take longer and require human intervention more often
SCADA/Smart-Grid Vendor Adopts Microsoft's Secure Software Development Program
Meanwhile, utilities lag when it comes to cyberattack preparedness and risk management at the executive and board level
Cyberspies Target Victims Via 'Strategic' Drive-by Website Attacks
Cyberespionage attackers more and more are injecting specific, legitimate websites with malware in hopes of snaring victims with common interests -- most recently, human rights organizations
Targeted Attack Infiltrates At Least 20 Companies
Attackers conducted a sustained espionage campaign against a score of private- and public-sector targets with links to policies of interest to China
IBM Profiles The New CSO, Security Exec
Infosec leaders say their role in the business is maturing, with roughly three-fourths now doing more than just responding to breaches and handling compliance, a new survey reveals
Advanced Attacks Call For New Defenses
With conventional wisdom now that 'advanced attacks happen,' has the time come to create the next-generation sandbox or other containment method?
Iranian Cyberthreat To U.S. A Growing Concern
'Seismic shift' in Iran's cyberstrategy, but the U.S. is lacking an official strategy for response and offense, experts tell Congress
Microsoft: Conficker Worm Remains 'Ongoing' Threat
Three-year-old 'dead' Windows worm infection is still spreading -- mainly via weak or stolen passwords, new Microsoft report says
Security Teams Need Better Intel, More Offense
Adversaries go through five steps to prepare and execute an attack, but defenders only react to the last two steps. It's time for defenders to add intelligence gathering, counter intel, and even offense to the game, security experts say
Iran: Oil Industry Hit By Malware Attack
Deja vu all over again as Iranian government-owned systems reportedly targeted by a 'worm'
Apple Mac Attack Began With Infected WordPress Sites
Meanwhile, researchers await a possible Flashback comeback by the botnet operators
Anonymous Must Evolve Or Break Down, Say Researchers
The movement started as an Internet meme and grew into a complex and chaotic community. Security experts argue that the Anonymous brand is now in danger of imploding
How Did They Get In? A Guide To Tracking Down The Source Of An APT
Advanced persistent threats can be complex and sophisticated. Here are some tips on how to analyze them
DOE Lab Releases Open-Source Attack Intelligence Tool
Pacific Northwest National Laboratory offers up, continues to build out a tool that drills down into the processes and apps employed by the bad guys
Botnet Takedowns Can Incur Collateral Damage
Microsoft Zeus botnet case demonstrates risks, challenges associated with takedowns when multiple groups are tracking the same botnet
Controversy Erupts Over Microsoft's Recent Takedown Of A Zeus Botnet
Dutch researchers accuse Microsoft of mishandling the recent Zeus botnet takedown and hurting other investigations -- but others defend Microsoft's operation as thorough
Malware Encryption Efforts Mixed, But Getting Stronger
Russian botnets mostly use crypto, Chinese attacks mostly don't, but attack analysis finds that the bad guys are increasingly using better encryption
Zeus Trojan Targets Online Payroll Services Providers
New attack could be used for paying money mules from victimized corporate accounts
It's (Already) Baaack: Kelihos Botnet Rebounds With New Variant
Botnet hunters debate whether Kelihos/Hlux operators can reclaim rescued bots
China Hacked RSA, U.S. Official Says
And RSA official responds to Gen. Keith Alexander's telling Congress this week that Chinese attackers were behind the SecurID breach last year
Malware To Increasingly Abuse DNS?
Many companies do not scrutinize their domain-name service traffic, leaving an opening for malware to communicate using the protocol
Microsoft, Financial Partners Seize Servers Used In Zeus Botnets
Most Zeus operations still untouched, but a noticeable dip in Zeus botnet activity spotted by one botnet-monitoring organization
New Botnet Emanates From Republic Of Georgia, Researchers Say
Win32/Georbot steals documents, hides from anti-malware scanners
Duqu Alive And Well: New Variant Found In Iran
Researchers at Symantec dissect part of new, retooled version of the reconnaissance-gathering malware
Rooting Out Sophisticated Malware
As malware gets increasingly sophisticated, so, too, must the technology and strategies we use to detect and eradicate it (or, better yet, stop it before it ever makes it onto network systems). There is no one product or product category that can do the job alone. Instead, security professionals must become familiar with--and adept at using--a combination of technologies. Security pros must also become skilled at connecting the dots among sometimes innocuous-seeming events to root out trouble. In this report, we examine the tools, technologies and strategies that can ease some of the burden.
How Did They Get In? A Guide to Tracking Down The Source of an APT
If you think that your organization hasn't been affected by an advanced persistent threat, you probably haven't looked hard enough. Identifying that your organization is under attack is difficult enough; determining the scope of infiltration and damage presents a whole new level of challenge. To effectively protect against APTs, security pros will need to employ an arsenal of tools in a coordinated fashion, as well as develop new understandings of and approaches to system and data exploits. Here's a short and simple guide to this challenge.
Detecting and Defending Against Advanced Persistent Threats
APTs are a growing problem for enterprises big and small. Protecting your organization from these targeted threats requires constant vigilance, ongoing employee training and a concerted effort to align security systems to address every phase of an APT. Companies also need to develop a remediation and response plan if, despite best efforts, defenses are breached.