360° SearchNetwork Hot Spots Trends Time Series

Publication: Securosis Highlights

First reported 9 hours ago - Updated 9 hours ago - 1 reports

Awareness Training Extends to the Top

Interesting article on the boardmember.com site by Trustwave’s Nicolas Percoco describing a targeted attack at a senior executive. Who’d a thunk sites catering to board members (and other mahogany row folks) would be publishing stuff from security ... [Published Securosis Highlights - 9 hours ago]

Entities: Malware, Security, Trustwave, Mike Rothman, Zero-day Attacks

First reported May 17 2013 - Updated May 17 2013 - 1 reports

Napster

This Botnet is No Pushdo-ver

In our recent little ditty on Network-based Threat Intelligence , we mentioned a bit about how resilience has become a major area of focus for command and control networks. The recent rising of the Pushdo botnet from the ashes for the fourth time ... [Published Securosis Highlights - May 17 2013]

Entities: Botnet, Malware, C2 Command & Control, Mike Rothman, Napster

First reported May 17 2013 - Updated May 17 2013 - 1 reports

A Friday Summary from Boulder: May 17, 2013

They say you can’t go home. What a load of garbage. You can totally go home (unless you’re from Fukushima or Chernobyl). In fact I am writing this week’s Summary in Boulder, Colorado – on a three-week trip to catch up with old friends, play hipster ... [Published Securosis Highlights - May 17 2013]

Entities: GRC, Securosis, Adrian Lane, Mike Rothman, Threat Intelligence

First reported May 17 2013 - Updated May 17 2013 - 1 reports

The Perimeter Won’t Be Rebuilt Overnight

It’s easy to believe the hype. You know, that NGFW (next generation firewall) devices will take over the perimeter tomorrow. Get on the bandwagon now, before it’s too late. And the anecdotal evidence leads you in this direction as well. You see the ... [Published Securosis Highlights - May 17 2013]

Entities: Next-Generation Firewall, Network Security, Mike Rothman

First reported May 16 2013 - Updated May 16 2013 - 1 reports

Network-based Malware Detection 2.0: Advanced Attackers Take No Prisoners

It was simpler back then. You know, back in the olden days of 2003. Viruses were predictable, your AV vendor could virus signatures to catch malware, and severe outbreaks like Melissa and SQL*Slammer were based on brittle operating systems and poor patching ... [Published Securosis Highlights - May 16 2013]

Entities: Malware, Security, Blacklisted

First reported May 15 2013 - Updated May 15 2013 - 1 reports

Boundaries won’t help GRC

Amen to our buddy Paul Proctor, who starts a post, Why I hate the term GRC , with “GRC is the most worthless term in the vendor lexicon.” I couldn’t agree more. 10 years later I still don’t know what it means. Besides everything, as Paul explains: ... [Published Securosis Highlights - May 15 2013]

Entities: GRC, Paul Proctor, Mike Rothman

First reported May 15 2013 - Updated May 15 2013 - 1 reports

Incite 5/15/2013: Fraud Hits Close to Home

We are in the school year endgame right now. The kids will be done for the year in 10 days, and then summer officially begins. It is a frantic time in our house – the kids head off for camp in mid-June and we take family vacations before then. There ... [Published Securosis Highlights - May 15 2013]

Entities: Internet Fraud, Security, Big Data

First reported May 14 2013 - Updated May 14 2013 - 1 reports

The Onion Hack Brings Tears to My Eyes

OK, not really. But as Rich pointed out in last week’s Incite ( Truth is stranger than satire ), the Onion getting hacked and then the hackers posting stuff that seemed very Onion-like was one step short of crossing the streams . In less than true ... [Published Securosis Highlights - May 14 2013]

Entities: Phishing, Mike Rothman, Twitter, Two Factor Authentication

First reported May 10 2013 - Updated May 10 2013 - 1 reports

Bloomberg Pulls a News Corp on Goldman

From the New York Post (of all places): Goldman later learned that Bloomberg staffers could determine not only which of its employees had logged into Bloomberg’s proprietary terminals but how many times they had used particular functions, insiders ... [Published Securosis Highlights - May 10 2013]

Entities: News Corporation, Business Strategy, Insider

First reported May 10 2013 - Updated May 10 2013 - 1 reports

$45M Heist Used a 5 Year Old (at least) Technique

Big news, big money, as hackers stole $45M in a flash attack . They hack into the bank system, focus on debit and pre-paid cards that lack the usual credit card anti-fraud detection, then make massive, rapid withdrawals using mules scattered around ... [Published Securosis Highlights - May 10 2013]

Entities: Computer Hacker, ATM Crime, Verizon Communications Inc, Vulnerability, Illustrator

First reported May 10 2013 - Updated May 10 2013 - 1 reports

Database Breach Results in $45M Theft

Big news today is the hack against banking systems to pre-authenticate thousands of ATM and pre-paid debit cards. In essence attackers modified debit card databases in several middle-eastern banks, then leveraged their virtual cards into cash. From ... [Published Securosis Highlights - May 10 2013]

Entities: Database, Theft, Adrian Lane, Debit Card, Sri Lanka

First reported May 09 2013 - Updated May 09 2013 - 1 reports

Security Earnings Season in Full Swing

Most folks think you need to be a day trading financial junkie to have any interest in quarterly earnings releases and/or conference call transcripts. But in fact, you can learn a lot from following the results of your strategic security vendors and ... [Published Securosis Highlights - May 09 2013]

Entities: Imperva Inc, Security, Qualys Inc

More Content

sort by: Date \| Relevance
Awareness Training Extends to the Top [Published Securosis Highlights - 9 hours ago]
This Botnet is No Pushdo-ver [Published Securosis Highlights - May 17 2013]
A Friday Summary from Boulder: May 17, 2013 [Published Securosis Highlights - May 17 2013]
The Perimeter Won’t Be Rebuilt Overnight [Published Securosis Highlights - May 17 2013]
Network-based Malware Detection 2.0: Advanced A... [Published Securosis Highlights - May 16 2013]
Boundaries won’t help GRC [Published Securosis Highlights - May 15 2013]
Incite 5/15/2013: Fraud Hits Close to Home [Published Securosis Highlights - May 15 2013]
The Onion Hack Brings Tears to My Eyes [Published Securosis Highlights - May 14 2013]
Bloomberg Pulls a News Corp on Goldman [Published Securosis Highlights - May 10 2013]
$45M Heist Used a 5 Year Old (at least) Technique [Published Securosis Highlights - May 10 2013]
Database Breach Results in $45M Theft [Published Securosis Highlights - May 10 2013]
Security Earnings Season in Full Swing [Published Securosis Highlights - May 09 2013]
IaaS Encryption: How to Choose [Published Securosis Highlights - May 09 2013]
McAfee Gets Some NGFW Stones [Published Securosis Highlights - May 08 2013]
Incite 5/8/2013 - One step at a time [Published Securosis Highlights - May 08 2013]
IaaS Encryption: Object Storage [Published Securosis Highlights - May 07 2013]
Finger-pointing is step 1 of the plan [Published Securosis Highlights - May 07 2013]
Some (re)Assembly required [Published Securosis Highlights - May 07 2013]
The CISO’s Guide to Advanced Attackers: Evolvin... [Published Securosis Highlights - May 06 2013]
2FA isn’t a big enough gun [Published Securosis Highlights - May 05 2013]
Now China is Stealing Our Porn [Published Securosis Highlights - May 03 2013]
The CISO’s Guide to Advanced Attacker: Breaking... [Published Securosis Highlights - May 03 2013]
Friday Summary: May 3, 2013 [Published Securosis Highlights - May 03 2013]
Off topic: Cycling is the new golf [Published Securosis Highlights - May 02 2013]
Malware string in iOS app interesting, but prob... [Published Securosis Highlights - May 02 2013]
Getting Logstalgic [Published Securosis Highlights - May 02 2013]
IaaS Encryption: External Key Manager Deploymen... [Published Securosis Highlights - May 01 2013]
Security Analytics with Big Data: Use Cases [Published Securosis Highlights - May 01 2013]
Incite 5/1/2013 - Trailblazing Equality [Published Securosis Highlights - May 01 2013]
IaaS Encryption: Encrypting Entire Volumes [Published Securosis Highlights - Apr 30 2013]

Blogs

sort by: Date \| Relevance
Awareness Training Extends to the Top [Published Securosis Highlights - 9 hours ago] Interesting article on the boardmember.com site by Trustwave’s Nicolas Percoco describing a targeted attack at a senior executive. Who’d a thunk sites catering to board members (and other mahogany row folks) would be publishing stuff from security ...
This Botnet is No Pushdo-ver [Published Securosis Highlights - May 17 2013] In our recent little ditty on Network-based Threat Intelligence , we mentioned a bit about how resilience has become a major area of focus for command and control networks. The recent rising of the Pushdo botnet from the ashes for the fourth time ...
A Friday Summary from Boulder: May 17, 2013 [Published Securosis Highlights - May 17 2013] They say you can’t go home. What a load of garbage. You can totally go home (unless you’re from Fukushima or Chernobyl). In fact I am writing this week’s Summary in Boulder, Colorado – on a three-week trip to catch up with old friends, play hipster ...
The Perimeter Won’t Be Rebuilt Overnight [Published Securosis Highlights - May 17 2013] It’s easy to believe the hype. You know, that NGFW (next generation firewall) devices will take over the perimeter tomorrow. Get on the bandwagon now, before it’s too late. And the anecdotal evidence leads you in this direction as well. You see the ...
Network-based Malware Detection 2.0: Advanced A... [Published Securosis Highlights - May 16 2013] It was simpler back then. You know, back in the olden days of 2003. Viruses were predictable, your AV vendor could virus signatures to catch malware, and severe outbreaks like Melissa and SQL*Slammer were based on brittle operating systems and poor patching ...