Security Resiliency

Computer security is in the headlines yet again. Last week it was the bash “Shellshock” vulnerability, before that it was the Home Depot credit card breach, and now the news is all about the security breach at JP Morgan. [ed.: And since Dan wrote this post, we’re knee deep in news about the Dairy Queen data breach and the Kmart data breach.] It seems as if IT staffs are briefing senior management on how they are handling the vulnerability of the week. 

> Read More

Stealthy Malware is Never Invisible

New malware identified as ‘Poweliks’ is currently in the news because of its stealthy nature.  The malware does not reside as a file on the disk, rather it is stored in the registry and uses some interesting tricks to execute at startup and remain hidden from system administrators.  The full description of the malware can be found on the G Data blog.

> Read More

People Are Your Last Line of Defense

The increasing numbers of attacks profiled in news reports over the last several months demonstrate that we live in an unsecure world.  The Target breach in particular shows how important a complete cyber security program is to an enterprise network environment.  Target’s security systems generated events from the attack, but the events were not followed up on

> Read More

Defending Against Java

Java offers enterprises the ability to write code once and run it everywhere.  However, this flexibility comes with a high cost: reduced security on endpoints. It has lately gotten so bad that Java has been nicknamed Just Another Vulnerability Announcement. Oracle has been working to produce updates to Java that addresses these vulnerabilities,

> Read More

Hiding Under the Covers

“All warfare is based on deception” – Sun Tzu, The Art of War

Attackers like stealth.  Once they have compromised a system, one of their primary goals is to remain undetected. Initially, attackers used malware with pseudo Windows service names such as svchosts.exe, winlogin.exe, lsasss.exe, and others. Although these names appear to be innocuous,

> Read More