Network Security Trends Posts

Why Critical National Infrastructure Organizations Shouldn’t Overlook DDoS Attacks

On the 1st of November the Department of Homeland Security kicked off its National Critical Infrastructure Security and Resilience Month. The month is aimed at raising awareness of the security issues which surround our critical national infrastructure and providing organizations with best-practice advice on ways to help keep these systems safe from physical and cyber security threats.

DDoS Attacks Can Interfere with Election Campaigns

With the U.S. 2018 midterm elections less than two weeks away, election officials and political candidates have reason to be concerned about cybersecurity. Potential targets could include state or local election systems, the websites of political candidates, or voter registration systems.

California Connected-Devices Bill: Is it enough to Stop IoT Botnets?

It was recently announced that the State of California is introducing new legislation which, amongst other requirements, will effectively ban the use of weak passwords on internet-enabled devices. The law will come into force in 2020 and means manufacturers of Internet-of-Things (IoT) devices will no longer be able to program their products with default or generic passwords, which have notoriously been exploited by cybercriminals.

Juniper Networks Enters into Global Sales Agreement with Corero, and Invests $2.0 Million

Last week Corero was pleased to announce the expansion of our global partnership with Juniper Networks; Juniper signed a multi-year agreement to resell Corero’s distributed denial of service (DDoS) protection software products and services, with Juniper’s MX Series 5G Universal Routing platform. Following closely on the heels of that announcement came yet another piece of good news: Juniper is investing $2.0 million in Corero.

Instagram – the New Advertising Platform for Botnets

Recent reports have revealed that cybercriminals are using the popular social media site, Instagram, as a marketplace to advertise the rental of botnets. The advertisements do not make it clear how powerful the botnets are; however, some posts are claiming to provide cheap access to the Mirai botnet, which was behind one of the largest cyberattacks in history.

Small DDoS Attacks Shouldn’t Be Ignored

Organizations that continue to think of DDoS attacks as just large, long-drawn-out attacks are putting themselves at great risk. Over the past few years, Corero has observed that short sub-saturating DDoS attacks are dominating the threat landscape.

How DDoS Attacks Impact Businesses Across Industries

There is no doubt that the frequency and sophistication of DDoS attacks targeting various industries around the globe are likely to accelerate in the near future. But what are the potential consequences of DDoS attacks on your business? This is a question every organisation should ask itself in today’s dynamic cyber threat landscape, where DDoS attackers continue to look out for more creative techniques to create chaos.

Study Confirms DDoS Attacks Damage Customer Trust and Erode Confidence

Erosion of customer trust and confidence is the single most damaging consequence of DDoS attacks for businesses, according to a study amongst IT security professionals attending this year’s Infosecurity Europe, conducted by Corero Network Security.

The Current State of DDoS Attacks: Are They Getting Smarter?

There has been a flurry of DDoS reports in the last few months, highlighting the evolving state of DDoS threats and warning of an upcoming wave of even bigger and more dangerous attacks. The sheer number of vulnerable connected devices out there, combined with the hacker community’s unrelenting ability to find new vulnerabilities to exploit, has significantly increased the potential scale of DDoS attacks.

10-minute DDoS attacks: A Devil in Disguise

One of the biggest cybersecurity threats most organisations underestimate is short, sub-saturating DDoS attacks. However, they can be just as disruptive as bigger attacks and powerful enough to knock a firewall offline so that the hackers can target, map and infiltrate a network to install malware and engage in data exfiltration.

How Improving Password Security Helps Protect Against Botnets

The DDoS threat landscape has been transformed by the emergence of Internet of Things botnets. Password hygiene of consumer and industrial IoT devices is often lax, leading to easy criminal exploitation and potentially devastating attacks. The exponential growth in the number of IoT connected devices is a key driver in the ever-increasing scale of the largest DDoS attacks.

The Effects of DDoS Attacks on Essential Services

Public services continue to fall victim to distributed denial of service (DDoS) attacks, with many industry experts, including Corero, predicting that this is going to get worse before it gets better. Our collective pessimism is being fuelled by dire warnings from government agencies that Nation...

DDoS For Hire Industry and its Impact on Source-Based Mitigation Techniques

A lot has been written and said about the DDoS for hire industry over the past few years, with major media publications recently reporting on the takedown of a popular Booter website. With all the hype surrounding this, the focus tends to be on the ease of use of these malicious services; however, it is equally important to keep in perspective the...

Botnet-driven DDoS Attacks Represent a Developing Cyberthreat

Security researchers recently discovered a new variant of the famous Hide and Seek (HNS) botnet, which infected nearly 90,000 unique devices from the time of its discovery at the start of the year. The botnet, the world’s first to communicate via a custom-built peer-to-peer protocol, has now also become the first IoT malware strain that, under certain conditions, can survive a device reboot and remain on infected devices after the initial compromise.

Critical Infrastructure Organisations Could Face Huge Fines Under NIS Directive

The NIS Regulations are taking effect and those who operate essential services and industrial control systems will be expected to improve their resilience to today’s cyber threats. We examine how critical infrastructure organisations will respond to the rising threat of cyber-attacks.

DDoS Attacks Can Cost Organizations $50,000 Per Attack

Corero surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors, which revealed that DDoS attacks are costing enterprises up to $50,000 (£35,000) per attack.

Hajime Botnet Scanning for Vulnerable MikroTik Routers

Security researchers have shared concerns about scans being carried out by a Hajime IoT botnet looking to mass-infect unpatched MikroTik devices. This blog explains what the Hajime botnet and botnet herding are, and how to protect against the threat.

Critical Infrastructure Under Attack

Security researchers have long shared their concerns about potential cyberattacks on critical infrastructure systems. Over the past few weeks, there have been several reports highlighting the dangers of such attacks.

The NIS Directive – just how tough is it really?

Over the last few months, UK media outlets have been filled with reports about the series of tough new measures being introduced on 9th May to protect our national critical infrastructure against cyber threats.

The US Government Vs Botnets

U.S. government agencies are working hard to solve the problem of botnets and other cyber threats, and are asking for input from various stakeholders.

Corero’s Expertise Effectively Eliminates the Double-Trouble Threat of the Memcached Exploit

We’ve identified an “active defense” countermeasure which neutralizes the problem. In more emotive terms, we have found and implemented the “kill switch” for Memcached.

Bursts, Waves and DDoS: What You Need to Know

A recent Cisco report found that 42 percent of organizations experienced “burst” distributed denial of service (DDoS) attacks in 2017.

Minding Your MANRS

Maintaining the resilience and stability of the global Internet requires collaborative efforts between Internet Service Providers (ISPs), government agencies, enterprises, security vendors and end users.

US and European Agencies Warn about the Risk of International Cyber Threats

Critical infrastructure organizations have to take steps to mitigate the possibility of DDoS and other cyber threats.

Autosploit: A Marriage Made for DDoS Botnets

On January 30, 2018 a new mass exploitation tool called “Autosploit” was released on GitHub, a Git repository hosting service.

Pundits Speculate: Did Russian Hackers Launch DDoS Attacks on Dutch Organizations?

The Dutch national tax office said its website went offline briefly, for 5-10 minutes. Regardless of how long they were under DDoS attack, those afflicted Dutch organizations should also be concerned about a security breach.

Hackers Targeting 2018 Winter Olympic Games

As cyber threats have evolved and increased, so too has the probability of such attacks on the Games.

New Malware and Mirai Botnet Variants Pose Significant Threats

There is no shortage of malware on the Dark Web. In particular, during the past week security researchers from various points around the world have been talking about three threats, two of which are variants of the now infamous Mirai botnet code.

DDoS Protection: a Big Need for Small Business

Cyber criminals will go after anybody who appears to be vulnerable with DDoS attacks that can mask nefarious security breaches. Learn more about why all businesses need to protect against DDoS attacks.

Spamhaus Project Releases Annual Report, Cites 32% Increase in Number of Botnet Command & Control Servers

The number of botnet Command and Control (C&C) IP addresses has dramatically increased in the past year, according to the 2017 annual report from The Spamhaus Project.

DHS, DOC Draft Report that Urges Government-Industry Cooperation to Strengthen Cyber Defense

The federal government realizes that it alone cannot manifest the reality of its vision; policies, standards, best practices, regulations and laws can go only so far.

Cybersecurity Compliance and Resilience

IT security professionals have to worry about defending against ever-evolving cyber threats and, increasingly, the C-suite has to worry about following cybersecurity laws.

Show Them That Crime Doesn’t Pay; Don’t Surrender to Cyber Extortionists

Ransomware and DDoS attacks are two of the most common and dangerous cyber threats now facing organizations.

Cyber Security Trends: What to Watch for in 2018

Based on Corero’s visibility into environments dealing with DDoS, we’ve summarized a few of the biggest trends we see on the horizon for 2018.

Pending Legislation May Allow Cyber Victims to Hack Back

A new piece of legislation proposed in October by U.S. Rep. Tom Graves (R-Ga.) and Rep. Kyrsten Sinema (D-Ariz.) would allow victims of cyber security attacks to “hack back” at perpetrators.

DDoS Attacks Gain Notoriety via Bitcoin

The digital cryptocurrency industry is facing two big cyber challenges, both of which affect website availability: system infrastructure capacity, and DDoS attacks.

DDoS Attacks Can Be Weapons in Cyber Warfare

Banks, energy utilities, transportation hubs and hospitals; these are the most high-profile examples of critical infrastructure that could be targeted by hackers.

New DDoS Protection for Physical or Virtual Environments

Corero recently launched the SmartWall Network Threat Defense - Virtual Edition (vNTD), which brings real-time DDoS attack visibility and mitigation to virtualized environments, for more diverse, flexible deployment possibilities.

Cryptocurrency: Top Target for DDoS attacks

It's essential that organizations maintain a comprehensive visibility across their networks to detect and block any potential DDoS incursions as they arise.

Holiday Hackers Can Ruin Website Availability and Security for Retailers

With so many website visitors during that crucial retail shopping window, companies must brace for spikes in traffic, protect their network security and maintain website uptime.

The New Face of DDoS-For-Hire Services

The rise of DDoS-for-hire services comes at a time when DDoS attacks are becoming more sophisticated than ever.

Mitigation Time Matters: The Difference between Seconds and Minutes

Organizations cannot afford to be slow in mitigating distributed denial of service (DDoS) attacks, no matter how large or small the attack.

Academic Research Reports Nearly 30,000 DoS Attacks per Day

Academics from the University of Twente (Netherlands); UC San Diego (USA); and Saarland University (Germany) recently conducted research that found that one-third of all /24 networks have suffered at least one DoS attack over the last two years. The research also found that “an average of 3% of the Web sites in .com, .net, and .org were involved with attacks, daily.”

The FBI Wants Victims to Report DDoS Attacks

Local municipal police forces seldom have the resources to track down cyber criminals, but the U.S. federal government has resources, and it wants to help stem the surge of distributed denial of service (DDoS) attacks. Last week the U.S. Federal Bureau of Investigation (FBI) issued an appeal to organizations that have been victims of DDoS attacks to share details and characteristics of those incidents with an FBI field office and the IC3.

7 Tips for Defending Your Network against DDoS Attacks

Today’s distributed denial of service (DDoS) attacks are almost unrecognizable from the early days of attacks, when most were simple, volumetric attacks intended to cause embarrassment and brief disruption.

‘Reaper’ Botnet – A DDoS Trick or Treat?

Researchers have discovered a massive new botnet, dubbed ‘Reaper’ or ‘IoTroop’, targeting poorly-defended IoT devices to form a ‘zombie army’ of devices that could rock the entire Internet with a powerful DDoS attack.

Botnets Growing, via Reaper and Sockbot Malware

In the past week security researchers have identified not one, but two malware types that infect devices to enslave them into IoT botnets: the Reaper, and Sockbot.

One Year after the Largest DDoS Attack

It’s been a full year since what most believe to be the world’s largest volumetric Distributed Denial of Service (DDoS) attack occurred.

DDoS Attacks on Sweden’s Transit System Signal a Significant Threat

Critical infrastructure organizations are at significant risk from the damaging impact of a Distributed Denial of Service (DDoS) attack.

Theft and DDoS Attacks Go Hand in Hand

Even if your organization has experienced a distributed denial of service (DDoS) attack only once, there’s still reason to feel uneasy.

DDoS Attacks Still on the Rise and Now Targeting Corporate Data

A new global survey by Kaspersky found that Distributed Denial of Service (DDoS) attacks have doubled over the last year.

Are Power Utilities Prepared for Cyber Attacks?

Accenture recently surveyed 100 utility executives from over 20 countries, and found that 57% of them are concerned that a cyber attack could interrupt the supply of electric power.

Phantom RDoS Might Be a Fake Ploy, But Beware

A group that calls itself Phantom Squad has launched an email-based ransomware DDoS (RDoS) extortion campaign against thousands of companies across the globe in the past week.

“Everyday” DDoS Attacks Must Be Mitigated

At last week’s CLOUDSEC 2017 conference, Corero CEO Ashley Stephenson spoke to attendees about the importance of mitigating the “everyday” small-scale distributed denial of service (DDoS) attacks that are pervasive and harmful to global businesses.

DDoS Attacks on Internet Providers Can Impact Downstream Customers

Enterprises need to consider that even if they have protection against distributed denial of service (DDoS) attacks, their business could be taken offline if their Internet Service Provider (ISP), hosting provider or Domain Name Service (DNS) provider does not have adequate DDoS protection.

The Rise of Ransom-Driven DDoS Attacks

In recent weeks, cyber attackers have become even more interested in extorting money from organizations by threatening to organize a DDoS attack on critically important online systems.

Infected Google Play Store Apps Create Potential DDoS Botnet

This week the news broke that 300 apps from the Google Play Store were infected with malware that would allow Android phones to be recruited into a botnet.

UK Considers Penalizing Operators of Essential Services for Lax Cyber Security

UK organizations that provide critical infrastructure could soon face penalties of up to £17m, or 4% of global turnover, if they suffer a loss of service due to having lax cyber security standards.

IT Professionals Forecast DDoS Attack Escalation

Corero recently surveyed some 100 IT security professionals at the Infosecurity Europe conference in London last month, and their outlook on the DDoS threat is bleak.

Federal Government Committee to Tackle the Botnet Problem

An advisory group for the U.S. federal government is taking on the challenge of preventing botnets, and reducing the number of botnets and their power.

Teen Hackers Can Launch a DDoS Attack for Cheap

You know it’s become way too easy to launch a distributed denial of service (DDoS) attack when even a 12-year-old child can do it.

Cyber Insurance and DDoS Attack Protection

This past spring American International Group (AIG), one of the largest cyber insurance companies, surveyed cyber security and risk experts to gain a deeper understanding of their views of the likelihood and impact of a systemic cyber-attack.

Are DDoS Attacks on the Rise?

According to Corero’s recent DDoS Trends Report, Corero customers experienced an average of 124 attacks per month in the first quarter of this year (Q1 2017); that’s an increase of 9% compared to Q4 2016. In addition, 79 percent of DDoS attacks that Corero mitigated among its global customer base were less than 1Gbps in volume in Q1 2017. 98 percent of attacks were 10Gbps or less in volume.

Regulations May Decrease IoT Botnets, but Won’t Stop Them

The Internet of Things brings a host of advantages to consumers and businesses, but it also presents a slew of cyber security concerns.

Personal Data Security a Priority with New EU Regulations

Companies that have European constituents must prepare for the European Union General Data Protection Regulation that will go into effect in May 2018. The link between DDoS attacks and data theft should not be ignored.

DDoS Botnets, North Korea and the Threat of Cyber War

U.S. federal law enforcement and computer security agencies recently released a rare security alert, citing that a North Korean hacking group is actively targeting media, aerospace, financial, and critical infrastructure sectors in the United States and around the world. The hackers are believed to have used a botnet creation malware called DeltaCharlie to launch DDoS attacks.

Responding to DDoS Ransomware Demands & Attacks

Besides the financial loss that a company may experience by paying the ransom, companies must consider another risk: that they will still be subject to a DDoS attack by the hacker.

How to Handle DDoS Attacks: A Critique of DDoS Myths

A recent TechSpective article listed 20 ways to help prevent a DDoS attack. Some of the suggestions are helpful, but many of them have little benefit against the types of DDoS attacks which are common today. So, in the interest of busting some DDoS myths, this blog puts the recommendations in context.

Ponemon Report Weighs in on the Internet of Things

According to Dark Reading, a new Ponemon Institute report states that a majority of companies rely on legacy technologies such as network firewalls and intrusion prevention systems (IPS) to ward off cyber threats such as malware, ransomware and distributed denial of service (DDoS) attacks.

Attack Detection: The Crucial First Step in DDoS Mitigation

If your IT security system fails to detect and block the majority of DDoS attacks, how can you be sure that your network is truly safe from other incursions?

WannaCry Ransomware Attack Wreaks Havoc Across Globe

May 12, 2017 now marks an unwelcome milestone in hacking history; the largest-ever ransomware attack occurred that day, affecting thousands of private and public sector agencies across 150 countries.

DDoS Attack Briefly Cripples the FCC Comment System

It’s hardly surprising that DDoS attacks finally caught the attention of politicians; it was just a matter of time until a DDoS attack affected a government agency. A combination of events has led to more awareness of cyber threats, including DDoS attacks.

5 Essential Qualities to Look for in a DDoS Mitigation Solution

When vetting various distributed denial of service (DDoS) mitigation services, enterprises would be wise to determine which kind of protection their business needs, and look for five key characteristics.

DDoS Attacks: The Changing Legal and Regulatory Landscape

Internet service providers are increasingly treated more like public utilities than consumer services; will government regulations require that they block DDoS traffic? That remains to be seen. Ultimately the demands of enterprises and consumers may have more influence than any government regulations. The business landscape may require ISPs to provide DDoS protection, if only to protect themselves from litigation.

The Threat of North Korea’s DDoS-driven Cyber Attack

DDoS attacks can cripple crucial Internet systems. Learn about the potential damage a cyber attack wielded by North Korea could do.

DDoS-For-Hire Services Under the Spotlight

The rise of DDoS-for-hire botnets has caused an explosion of attacks, partly due to their cheap price point – they can be launched for just a few dozen dollars per month.

DDoS Attacks and Political Hacks

The British House of Commons issued a report last week, indicating the possibility that hackers from Russia or China launched a DDoS attack that crashed the United Kingdom's voter registration website before the deadline to register for the historic Brexit vote. Was that the likely cause of the crash, and could something similar happen in the US?

Why Real-Time DDoS Mitigation Is Essential for Your Network Security

If you think your network is safe from distributed denial of service (DDoS) attacks just because your website or web application has not been taken offline, think again. The cyber threat landscape continues to evolve dramatically. In terms of DDoS attack trends, two things have happened.

Survey Says Businesses Want DDoS Protection from ISPs

Corero conducted a survey of decision makers and security experts, to get a pulse on industry concerns about DDoS attacks in 2017. Learn about the results!

Myths that Surround Cloud-based DDoS Mitigation

Now that DDoS attacks are a common occurrence for many companies, more organizations are rightfully worried about protecting their servers and web applications. With that wave of concern comes a slew of advice—some good, some bad—from IT experts about the best anti-DDoS approaches. One example of bad advice is to suggest that organizations can rely exclusively on cloud-based mitigation.

How Can a DDoS Attack Be Part of a Security Breach?

A recent study by Bitdefender showed that 34 percent of companies in the U.S. were breached in the past year, and 74 percent of the victims don’t know how it happened. Companies must realize that DDoS attacks are often part of the toolkit for cyber criminals to launch a security breach.

Is DDoS Protection Worth the Investment?

Anti-DDoS technology has often been difficult or costly for individual organizations to deploy. Fortunately, DDoS defense solutions have evolved, enabling hosting providers and ISPs to offer affordable DDoS protection to their customers.

Lack of IoT Security Fuels Terabit DDoS Attacks

Learn why unsecured IoT devices have become the backbone source for current and future multi-terabit distributed denial of service (DDoS) attacks.

DDoS Attacks, Who Dunnit? The Fight for Improved Detection and Protection

A recent Kaspersky Lab study found that many businesses that have suffered DDoS attacks believe that their competitors launched the attacks. Is there evidence to support their beliefs?

Mirai IoT Malware Now Infecting Windows Systems

The Windows-based spreader appears to have been created by a developer with advanced skills, and has richer and more sophisticated code and components than the original Mirai malware.

The Importance of DDoS Attack Visibility

As sophisticated DDoS threats continue to evolve, effective security analysis requires continuous visibility into the traffic flowing between the protected network and the Internet. Analysis of past events is valuable to help prepare for future threats.

Nearly 40% of Companies Lack Skills and Technology to Handle DDoS Attacks

A recent Tripwire study highlights the growing problem of cyberattacks, and whether IT staff feel that their companies have the right combination of skills and technology to cope with various types of cyber threats.

IoT-Driven Botnet Attacks US University

To avoid experiencing similar incidents, companies need to pay close attention to the network settings for their IoT devices and, where possible, separate them from access to the Internet and to other devices.

Financial Impact of Mirai DDoS Attack on Dyn Revealed in New Data

Several months after the now-infamous DDoS attack on DNS provider Dyn last October, the incident continues to make headlines. Earlier this month, reports emerged about the scale of customer losses that the company experienced in the wake of the attack. According to security ratings provider BitSight, roughly 8% of Dyn’s customer base stopped using its services in the aftermath of the attack.

DDoS Attacks Won't Be Blocked by Black Holing/Null Routing

Anti-DDoS solutions have evolved dramatically over the past few years, so it’s surprising to see occasional articles that still recommend outdated approaches, such as remote black holing (also called null routing) to stop unwanted traffic.

Increased Risks of DDoS Attacks for Ransom to Businesses

DDoS extortion campaigns are a common tool in the cyber-threat arsenal, and one of the easiest ways for an attacker to turn a quick profit. When service availability is threatened, the victim company needs to consider the potential loss in downtime, revenues and brand damage.

Untangling the Dark Web behind Mirai IOT Botnet DDoS Attacks

Security researcher Brian Krebs believes he has unraveled the mystery of who launched a massive Mirai botnet DDoS attack on his site in September of 2016. If Krebs’ allegation is true, then this is a seamy tale of a good programmer who went bad: a white hat turned into a black hat.

Law Enforcement Tries to Curb DDoS Attacks

Law enforcement is at a disadvantage against hackers, mostly because distributed denial of service (DDoS) attacks leave little or no trace of evidence. However, police have made some arrests recently, which counts as a tiny bit of progress in the uphill battle against cyber criminals.

Could Volumetric DDoS Attacks Shut Down the Internet?

Many people are now asking the question, were the 2016 DDoS attacks just warm-up drills or test runs for even larger attacks that would cripple large parts of the Internet? The potential certainly exists; is it probable?

5 Cyber Security Questions to Ask an Internet Service Provider

Business depends upon Internet reliability and security, so when it comes to choosing your Internet Service Provider (ISP), it pays to ask the right questions. Given the prevalence of DDoS attacks, one can no longer assume that your Internet service will be 1) always reliable or 2) “clean.”

Traditional Layers of Defense Are Not Enough to Stop DDoS Attacks

Although DDoS mitigation solutions have been around for nearly 20 years, there are still some myths about DDoS attacks and much debate about how to best protect a network.

DDoS Attack Predictions for 2017

What challenges and changes will 2017 bring to the DDoS threat landscape? And why is there reason to be optimistic that the number of volumetric DDoS attacks will decrease in the next few years? Read our predictions for 2017.

The Link Between DDoS Attacks & Security Breach Dwell Time

The costs of security breaches are infamous, and the methods are myriad, constantly evolving. One might ask, how could a security breach go unnoticed, especially for long periods of time?

DDoS Hackers for Hire

Unfortunately, just in the past few weeks it’s become exponentially easier to launch a massive DDoS attack. There are two reasons for this evolution.

The Dangers of Underestimating DDoS Attacks

Organizations should be wary of being quick to claim that their business systems have not been affected by a DDoS attack, because this can be extremely difficult to ascertain.

DDoS Attacks on Critical Infrastructure

Could a DDoS attack cause a long-term disruption of industrial control systems, which operate or monitor much of the nation’s critical infrastructure?

DDoS Attacks Open the Door to Ransomware

Short DDoS attacks might seem harmless, in that they don't cause extended periods of downtime. But IT teams who choose to ignore them are effectively leaving their doors wide open for ransomware attacks or other more serious intrusions.

BlackNurse DoS Attack – What You Should Know

Researchers have warned that a low-volume BlackNurse DoS attack can easily take down certain firewalls.

Will Companies Suffer DDoS Attacks on Cyber Monday?

Most of the time, Cyber Monday attacks have taken the form of phishing scams and theft of data such as credit card numbers and email addresses. There have not been many major DDoS attacks on Cyber Monday, but with the way DDoS attack trends are going, there is still reason for concern.

Cleaning up DDoS at the Network Edge

Hosting providers and/or the tenants they serve experience distributed denial of service (DDoS) attacks on a daily basis. Some attacks are large and noticeable, but the vast majority go unnoticed unless the provider has a granular DDoS detection solution.

Can DDoS Attacks Be Prevented by Policies or Legislation?

To avoid future DDoS attacks, several U.S. lawmakers have called on the government to improve cyber security protections and consider new rules for web traffic. Would such laws or policies help?

4 New Trends in the DDoS Threat Landscape

The now infamous DDoS attack on DNS provider Dyn broke records for the sheer size of the attack. Unfortunately, the scale of that attack is likely to become commonplace in the near future because of a perfect storm of four trends brewing in cyberspace.

Read more

Help Prevent IoT Devices from Becoming DDoS Botnet Slaves

It’s impossible to make sure that every IoT device is immune to botnet enslavement; however, there are things that companies and consumers can do to make it more difficult for DDoS hackers.

Read more

DDoS Attacks, Security Breaches Validate the Need for National Cyber Security Awareness

It’s very apropos that October is National Cyber Security Awareness Month because this month and the preceding month have been chock full of record-breaking cyber attacks.

Read more

Corero Team Discovers a New DDoS Vector

The Corero research team has discovered a new distributed denial of service (DDoS) Reflection/Amplification attack vector that leverages Connectionless Lightweight Directory Access Protocol (CLDAP UDP:389).

Read more

DDoS Attacks: How Service Providers Can Protect the Media

In the run-up to the US election, we can expect to see more and more of the types of DDoS attack that took Newsweek offline last week. However, these attacks can easily be defeated by service providers, at the network edge.

Read more

Modern or Legacy DDoS Protection? The Important Differences

DDoS attacks have evolved over the years and, thankfully, so has DDoS protection technology. However, not all DDoS solutions are equal.

Read more

Bad News: Bots Thrive on the IoT

The explosion of IoT devices and the release of the "Mirai" code enables more botnet-driven DDoS attacks. However, telecoms can help reduce such attacks.

Read more

Sub-Saturating DDoS Attacks Steal Bandwidth

Sub-saturating, surgical DDoS attacks can be a threat to any organization, but the impact on Service Providers can be even greater.

Read more

The IoT Makes it Easier to Launch Massive DDoS Attacks

Despite its advantages, the Internet of Things (IoT) comes with a host of security disadvantages, allowing hackers to harness connected devices for a variety of nefarious purposes, including DDoS attacks.

Read more

6 DDoS Attack Protection Myths

Having been in the business of DDoS protection for many years, Corero has seen plenty of bad advice thrown around by various cyber pundits. Below we have put together 6 common myths around DDoS protection, and our response to them.

Read more

How DDoS and Malware Could Impact the Voting System

Recent stories in the national media have heightened concerns about the potential for hackers to interfere with the upcoming U.S. elections; how could DDoS attacks play a role?

Read more

SDN and NFV: Blessing or a Curse for DDoS Security?

Software Defined Networks (SDN) and Network Functions Virtualization (NFV) technologies are growing more common, but they are inherently vulnerable to DDoS attacks.

Read more

911 Systems at Risk for TDoS Attack Takedown

Researchers from Ben Gurion University in Israel recently discovered that cyber criminals could launch a telephony denial-of-service (TDoS) attack that could take over thousands of smartphones to form a zombie army of botnets that would automatically dial repeated calls to a 911 system.

Read more

The Links Between Ransom, Ransomware and DDoS Attacks

Of all the cyber threats today, distributed denial of service (DDoS) ransom attacks and ransomware are high on the list of IT security concerns because they are growing more common and they are expensive to remediate.

Read more

Study: 78% of Businesses Not Prepared for Security Breaches

A new study published by international consulting firm KPMG and telecoms group BT recommends that businesses collaborate with telecom companies, Internet Service Providers, banks, credit-card providers, insurers and the security industry in a concerted effort to improve cyber security.

Read more

Why is the UK a Prime Target for DDoS Attacks?

Reports surfaced last week that the UK has now become the world’s second most targeted nation for DDoS attacks, following a 220% rise in the number of attacks globally in the last year.

Read more

Choose Your Network Threat Defenses Wisely

Ransomware, Trojans, Malware, and distributed denial of service (DDoS) attacks are some of the most common types of threats. Each has different vectors and flavors, and each brings its own risks and costs. IT pros clearly need multiple layers of security, but which layers are most important?

Read more

Lessons Learned from the Australian Census DDoS Attack

After the DDoS attack on the Australian Bureau of Statistics, what can we learn from it? The incident highlights the importance of having DDoS protection at the network perimeter, as well as reliable analytics and clear visibility in the event of a DDoS attack.

Read more

Strategies Shifting for DDoS DNS Amplification Attacks

New research presented at the Black Hat conference indicates that DDoS DNS amplification attacks are now more likely to use SSDP than NTP, and that DDoS attacks may generally be smaller than are commonly reported.

Read more

Improper Network Configuration Can Lead to DDoS Attacks

Recent research found that cyber attackers can launch DDoS attacks by abusing improperly configured DNSSEC (Domain Name System Security Extensions) domains. Learn how to protect your network, whether it includes DNS service or not.

Read more

Does “DDoSCoin” Crypto Currency Encourage More DDoS Attacks?

Recent academic research reinforces the fact that DDoS attacks are not going away, especially if hackers are rewarded with crypto currency.

Read more

NATO Declares the Internet a War Zone

NATO recently published a Cyber Defense Pledge, recognizing the growing threat of nation state cyber warfare and the need for greater cyber security and collaboration among allies.

Read more

Automated DDoS Protection Hardware Fills a Gap in Network Security

There is no shortage of cyber threats, but there is a shortage of trained IT security personnel to guard against them. With automated DDoS mitigation in place, IT security staff would have more time to handle other cyber security threats.

Read more

Small DDoS Attacks Cause Big Problems

Most DDoS attacks are not large, volumetric attacks, and DDoS hackers target all kinds of organizations, not only big, household name companies or government agencies. No website or online application is immune to DDoS, and any size DDoS attack is cause for alarm. You see, DDoS is not just a web availability issue; it’s a security issue.

Read more

IT Security Professionals Want Better DDoS Protection from Service Providers

Corero polled over 100 IT security professionals at the Infosecurity Europe 2016 conference in London last month, and the survey shows that UK businesses are not only worried about DDoS attacks, they want better protection from their Internet Service Providers.

Read more

Meet Corero’s Family of DDoS Mitigation Hardware

If you’re doing research about DDoS protection solutions there are many choices out there, and it can be challenging to find the solution that best fits your organization. Learn about the pros and cons of scrubbing service vs. cloud-based mitigation vs. DDoS mitigation appliances.

Read more

Massive Botnet Attack Proves That Firewalls Offer No DDoS Protection

A massive botnet DDoS attack, composed of approximately 25,500 compromised closed-circuit television (CCTV) systems, has been ongoing for the past few weeks, attacking various businesses across the globe. A firewall offered no protection.

Read more

New Report Points to Alarming DDoS Attack Statistics and Projections

A new report from Cisco includes data on DDoS attacks worldwide, citing increased size and frequency of attacks. However, Corero finds that the vast majority of attacks targeting customers are 1Gbps or less in size.

Read more

Cyber Criminals Sell Compromised Servers to Carry Out DDoS Attacks

A major underground marketplace is selling access to more than 70,000 compromised servers, allowing buyers to carry out widespread cyberattacks around the world.

Read more

What Bank Executives Need to Know about DDoS Protection

A recent KPMG study showed that 1 in 10 banking executives didn't know if their bank had been hacked. Bank executives need to realize how easily hackers breach networks by using Dark DDoS attacks as a smokescreen.

Read more

Can The Criminal Justice System Thwart Botnet-Driven DDoS Attacks?

In mid-May three senators on Capitol Hill introduced a bill (S.2931 - Botnet Prevention Act of 2016) that aims to give law enforcement and the courts more teeth when it comes to going after cybercriminals, especially those that launch botnet-driven DDoS attacks. It's a nice idea, but will it work?

Read more

A DDoS Mitigation Appliance Blocks Attacks

In a recent survey, 30% of respondents said their enterprise relies on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. Unfortunately, those companies are still very vulnerable to DDoS attacks.

Read more

Dark DDoS Attacks Often Mask Security Breaches

It's a challenge for network security professionals to detect, never mind block, every intrusion. What’s troubling is how much time it can take for an organization to realize that its security system has been breached.

Read more

Automated DDoS Protection Reduces Costs & Prevents Downtime

Human intervention is insufficient for most cyber security attacks because humans can’t immediately see every attack, and they certainly can’t respond fast enough (in real time) to block all infiltrations.

Read more

Does Artificial Intelligence Apply to Network Security and DDoS Attacks?

Human intervention alone is no longer sufficient to stop cyberattacks. However, it’s important to recognize that not all software techniques that are automatic or reactive should be classified as Artificial Intelligence.

Read more

Benefits of Real-Time DDoS Protection

If your organization is debating the merits of a DDoS protection appliance compared to a DDoS scrubbing service, this blog post offers a short explanation of the key differences between these types of DDoS solutions.

Read more

Key Components of Our DDoS Monitoring Tool for Virtual Machines

Corero’s latest product, the SmartWall® Threat Defense - Virtual Edition (vNTD Monitor), allows service providers who are looking to scale out their security analytics environment to simply “drop” security visibility into any part of their network to analyze the nature of a threat.

Read more

Distributed Denial of Service Attacks are Preventable!

A news story about the recent DDoS attack on the Hawaii Better Business Bureau illustrates common misperceptions about effective DDoS protection.

Read more

Protect Your Network from Cyber Extortion with a DDoS Protection Solution

This week ushered in several news articles about recent DDoS extortions that turned out to be scams conducted by some hackers who pretended to be part of the Armada Collective. Some businesses paid the ransom fee, but they could have avoided the entire problem if they had adequate DDoS protection in place.

Read more

DDoS Attacks Impact the Janet Network & Connected Universities

Last week the Janet Network, the government-funded educational network used by many universities in the United Kingdom, experienced another serious DDoS attack. Universities can’t afford to adopt a “whack-a-mole” approach to DDoS attacks. They need real-time, automatic protection against DDoS attacks to protect network services, maintain availability and protect users and their confidential data.

Read more

Majority of Enterprise Customers Want Better DDoS Protection from ISPs

FierceMarkets and Corero jointly published a new research report based on a survey of ISPs and enterprise customers regarding DDoS mitigation strategies. The report discusses not only the traditional methods of DDoS mitigation, but also the rationale of some ISPs who have not yet adopted more effective anti-DDoS technology.

Read more

DDoS Hackers Using IoT Devices to Launch Attacks

There are millions of connected devices that comprise the Internet of Things (IoT), which leads to many security weaknesses that DDoS hackers can leverage. By using amplification techniques on the millions of very high bandwidth density devices currently accessible, such as baby video monitors and security cameras, DDoS attacks are set to become even more colossal in scale.

Read more

DDoS Mitigation as a Service Offering for Telecoms

For today’s internet-driven businesses, any service degradation or outage can have a detrimental impact on brand, customer loyalty and the bottom line. Increasingly, such incidents are being caused by Distributed Denial of Service (DDoS) attacks, and this is one area where telecoms can take leadership.

Read more

Hosting Providers Can Capitalize on DDoS Protection as a Service

The majority of hosting provider customers expect the provider to ensure “clean pipe.” Here's a summary of a webinar that we co-presented with Web Host Industry Review (WHIR), which discusses how hosting providers can implement the most comprehensive level of DDoS protection to eliminate DDoS attack traffic from their networks, and offer that DDoS protection as a value-added service to their customers.

Read more

DDoS Mitigation Solutions & MSSPs Work Together to Keep SMBs Safe

Cyber attacks are on the rise, affecting all kinds of organizations, yet there is a shortage of cybersecurity employees who know how to prevent and manage cyber threats. Small to medium-sized businesses are increasingly turning to Managed Security Service Providers (MSSPs) for help.

Read more

Corero Receives “Recommended” Rating in NSS DDoS Prevention Solutions Security Value Map

Corero SmartWall® Threat Defense System (TDS) earned a top position in the latest NSS Labs DDoS Prevention Group Test, earning the coveted “Recommended” rating, with high performance in all test categories.

Read more

Survey: DDoS Attacks Cause Loss of Customer Trust & Decreased Revenues

We've released the results of our annual DDoS Impact Survey, which polled technology decision makers, network operators and security experts about key DDoS issues and trends that Internet service providers and businesses face in 2016. Nearly half (45%) of the survey participants indicated that loss of customer trust is the most damaging consequence of DDoS attacks to businesses. See our infographic that sums up the rest of the survey results!

Read more

Cyber Warfare or Hacktivism? DDoS Attacks Can Be Used Either Way

Recent DDoS attacks on government and corporate websites in Sweden, Finland and Switzerland illustrate that DDoS can be used as either cyber warfare or political hacktivism.

Read more

Researchers Discover New Vector for DDoS Amplification Attacks

Researchers in Scotland have found a new vector for DDoS amplification attacks: the TFTP protocol (Trivial File Transfer Protocol). Thus far it appears that hackers have not relied heavily on the TFTP protocol; however, you can be sure it will become popular with DDoS attackers.

Read more

The Dangers of Short-Duration, Sub-Saturating DDoS Attacks

Many organizations aren’t even aware of when their sites are experiencing a DDoS attack, because the majority of attacks are under 1 Gbps, and are perceived as only annoying “noise” in the IT background; the attacks are not large enough to get the attention of IT security staff. That doesn’t mean they should be ignored, however. Unseen, low-level DDoS attacks cause two problems.

Read more

DDoS Mitigation Service Provider, Staminus Suffers a Major Security Breach

Staminus, a global hosting and Web security firm, suffered a major blow late last week when it became the victim of a security breach. Staminus is a hosting provider and provider of cloud-based DDoS mitigation services.

Read more

Department of Homeland Security Supports Anti-DDoS Efforts

Give the U.S. federal government credit for attempting to find more broad-based solutions to the global problem of DDoS attacks. We reported a few months ago that DARPA is soliciting research projects on innovative ways to create resilient defenses against DDoS attacks. Now the Department of Homeland Security (DHS) is getting in on the act as well.

Read more

How Corero Protects Against Blended DDoS Attacks

DDoS attacks come in various forms, and hackers have become more sophisticated by launching blended attacks that combine three, four or five types of attacks at the same time. Fortunately, the Corero SmartWall Threat Defense System (TDS) defends against all of them. A recent 75Gbps combined ACK and SYN flood attack on a Corero customer illustrates this point.

Read more

Introducing the Corero Virtual Edition (vNTD) Monitor – a DDoS Detection Engine

Last week we announced a new product: vNTD Monitor, which provides the freedom and flexibility to monitor DDoS activity in real-time against any server, application or network. This industry-leading technology provides visibility of attack traffic, intuitive analytics and alerting of DDoS attack vectors targeting a system or workload.

Read more

A Security Guide for Next Generation Service Provider Network Architecture

In the typical service provider network today, security is often an afterthought; after building the network, engineers typically add encryption and firewalls, neither of which is sufficient to protect against the increasing malware and DDoS attacks that plague networks and service functions.

Read more

Clear and Comprehensive Visibility into DDoS Attack Mitigation

Whether they are online enterprises, hosting providers or Internet service providers, companies need 24/7 insight into their network security, particularly regarding DDoS attacks and other cyber threats that target their Internet-facing services.

Read more

Distributed Denial of Service Attacks Caused 22% of Unplanned Data Center Outages in 2015

The “2016 Cost of Data Center Outages Report,” published recently by Emerson Network Power in conjunction with the Ponemon Institute, states that unplanned data center outages cost companies nearly $9,000 per minute, and the second most common cause of outages was cybercrime, specifically Distributed Denial of Service (DDoS) attacks.

Read more

The Cybersecurity Issue Gets Attention from the White House

President Obama's announcement of a Cybersecurity National Action Plan is an important step towards protecting the American public from the ever-growing threat of cyber attacks.

Read more

Going After the People Behind DDoS Attacks

There are two aspects of fighting DDoS attacks. One is remediation—stopping the attack when it comes in. Corero and other providers have this part of the equation covered. The other aspect of stopping attacks has to do with law enforcement, which can be done only with the help and support of the victim companies.

Read more

DDoS Attacks Rise in Size, Sophistication and Frequency

Distributed denial of service (DDoS) attacks are clearly on the rise: growing in size, sophistication and frequency. Any type of website can be preyed upon by a DDoS attacker, and several high-profile websites have been hit in recent weeks, ranging from corporate enterprises and government agencies to educational institutions. In this blog post Corero COO Dave Larson answers questions about these troubling trends.

Read more

Mitigating Multi-Vector DDoS Attacks

Corero's Security Operations Center team monitors various customer websites 24/7, 365 days per year. They regularly see DDoS attacks in real-time, many of which are so small that they would be unnoticed by the customer if not for the Corero SmartWall® Threat Defense System (TDS). However, they also see very large, multi-vector attacks in progress. This blog includes sample reports of high-volume, multi-vector attacks detected and mitigated in real-time by the SmartWall® Threat Defense System.

Read more

On the Upswing: Cyber Insurance to Cover the Liability of DDoS Attacks

Cyber insurance is not a substitute for making smart investments in cyber security and following industry best practices. However, it is an important part of almost any business's risk mitigation strategy.

Read more

What Motivates DDoS Attackers?

Whether motivated by greed, cheap thrills or politics, DDoS hackers wreak havoc on websites. The best protection is prevention: defensive solutions that can detect and stop DDoS hackers in their tracks before they do any damage.

Read more

DDoS Rings in the New Year With a Vengeance

High profile DDoS attacks rang in the new year in full force, starting 2016 with a flood (no pun intended) of activity. The morning of New Year’s Eve, BBC websites and other associated online services went dark due to a DDoS attack. Since the outage, hacker group “New World Hackers” have stepped forward claiming responsibility, indicating that the attack was carried out as a “test of its capabilities”.

Read more

Someone is trying to break the Internet, and it isn't Kim Kardashian

Break the Internet? Kim Kardashian's Paper Magazine cover couldn't do it, but now someone is trying to bring it down for real using DDoS attacks on the Internet Domain Name System's root name servers. Root Server Operators (RootOps) reports that on at least two separate occasions, several of the root name servers were hit with an...

Read more

Hacker group is targeting Xbox Live and PlayStation Network with DDoS attacks, just in time for Christmas

Do you know someone who is expecting an Xbox or PlayStation game console under the Christmas tree this year? If so, you'd better tell them to make plans for doing something other than playing with their new game systems for a few days. The New York Daily News reports that the Grinch (aka, a hacker group calling itself Phantom Squad) has vowed...

Read more

DDoS Lessons Learned, and Staying Ahead of These Threats in 2016

The DDoS attack landscape of 2015 has brought a consistent spattering of headlines that further highlight the severity of this type of cyber-attack.

Read more

Carrier Grade NAT and the DoS Consequences

The Internet has a very long history of utilizing mechanisms that may breathe new life into older technologies, stretching it out so that newer technologies may be delayed or obviated altogether. IPv4 addressing, and the well-known depletion associated with it, is one such area that has seen a plethora of mechanisms employed in order to give it...

Read more

Here they come – DDoS attacks via the Internet of Things

Experts have long warned that the inherent lack of security in many of the devices that make up the Internet of Things (IoT) would come back to harm us in the end. Now there is firm evidence that hackers are exploiting weak and default credentials on embedded devices to create botnets that are the sources of DDoS attacks. Closed-circuit...

Read more

ProtonMail Gives in to DDoS Ransom

Last month I published a post in reference to the surge in ransom driven DDoS attacks against Corero’s customers. “Over the last thirty days, roughly 10% of Corero’s customer base has been faced with extortion attempts, threatening to take down their websites and services unless they pay out various Bitcoin ransoms. Through...

Read more

Is DDoS Mitigation as-a-service becoming a de facto offering for providers?

It’s well known in the industry that DDoS attacks are becoming more frequent and increasingly debilitating, turning DDoS mitigation into a mission critical initiative for providers. From the largest of carriers to small and mid-level enterprises, more and more Internet connected businesses are becoming a target of DDoS attacks. What was once...

Read more

Vigilante DDoS attacker goes after offensive websites

It's almost easy to empathize with someone who feels justified in using DDoS tactics to temporarily take down websites that belong to the Islamic State, pedophiles, and racist and homophobic hate groups. Then we have to remind ourselves that, no matter how offensive or repugnant the content of these websites is, it's still considered to be...

Read more

Corero Observes Surge in Ransom Driven DDoS Attacks

The Corero Security Operations Center has seen an increase in cyber-extortionists targeting web hosting providers with Bitcoin ransom demands. Over the last thirty days, roughly 10% of Corero’s customer base has been faced with extortion attempts, threatening to take down their websites and services unless they pay out various Bitcoin...

Read more

Rutgers University gets an F for its failure to prevent repeated DDoS attacks

On September 28, 2015, Rutgers University experienced another DDoS attack—the fifth such attack in less than a year. Now some students and parents are asking for a refund of a portion of the tuition they have paid, attributing the demand to the university's inability to keep services available. You see, the university's Board...

Read more

DDoS Defense as-a-service: A new Revenue Opportunity

In the past 12 months Corero has worked with many organizations worldwide, helping to solve their DDoS dilemma by deploying Corero’s SmartWall Threat Defense System (TDS). Today Corero’s technology is protecting large swaths of the internet against the ill effects of DDoS attacks. As more and more service providers,...

Read more

DDoS Impact on Mobile Networks – Radio Congestion

Most CSPs and Mobile Carriers have deployed some form of DDoS scrubbing complex in their network to clean large, long-duration DDoS attacks. While this is a necessary first step in proactively working to defeat the DDoS challenge, the threat landscape is constantly changing and requires a more modern approach to protection. Based on...

Read more

Groups like DD4BC are just the beginning!

The group calling themselves “DDoS for Bitcoin” (DD4BC) continues to extort money from a host of companies located all over the globe, and today very few organizations are able to adequately protect themselves from DD4BC’s tactics. The group’s extortion campaigns have been increasing recently which include a preemptive...

Read more

DDoS Defense Initiatives – It looks like everyone is getting involved!

Over the past few weeks news feeds all over the world have been pulsating about the recent DARPA announcement. On August 14th, 2015 the U.S. Defense Advanced Research Projects Agency (DARPA) announced an initiative called Extreme DDoS Defense (XD3). Interestingly enough, DARPA is not the only U.S. government agency calling for research...

Read more

Lizard Squad retaliates against the UK's National Crime Agency following arrests of "customers"

Lizard Squad just can't leave it alone. Last week we reported that the National Crime Agency (NCA) in the United Kingdom arrested a number of teenagers who used Lizard Squad's DDoS tool Lizard Stresser. (See Users of DDoS-as-a-Service are arrested in the UK.) Just days after those arrests, the NCA's website was attacked and...

Read more

DARPA announces the Extreme DDoS Defense Program to solicit innovative ways to thwart attacks

Do you think you have what it takes to come up with a really innovative way to mitigate the effects of DDoS attacks? If so, the Defense Advanced Research Projects Agency (DARPA) wants to hear from you. Recognizing that DDoS attacks can have serious consequences on businesses as well as government agencies and military branches, the agency...

Read more

Users of DDoS-as-a-Service are arrested in the UK

Back in January I told you about DDoS-as-a-Service, brought to you by the nefarious hacking group known as Lizard Squad.

Read more

Optimizing Carrier DDoS Mitigation Scenarios - Part 2- Peering Point Deployment

In an in-line peering point DDoS protection deployment scenario, SmartWall® Network Threat Defense Appliances (NTD) are deployed on each of the Service Providers’ peering points to their upstream Internet bandwidth providers. This ensures always-on DDoS attack mitigation services while benefitting from the highest levels of...

Read more

DDoS extortion campaigns on the rise

Just recently the Internet Complaint Center (IC3) issued an alert to businesses regarding a rise in extortion campaigns, tied to threats of DDoS attack activity unless a ransom is paid. The rise in DDoS attacks generally is not surprising at all, and the use of the “DDoS threat” for ransom or extortion is not a new tactic in...

Read more

The DDoS Opportunity Awaits

In the late 1990’s a large number of DSL providers were raising millions of dollars in venture capital to build their DSL networks in the United States in order to offer broadband Internet access to local consumers. Many subscribers were still utilizing dial-up services and the demand for faster Internet connections and more available...

Read more

FBI Warning! Businesses Are Threatened with DDoS Attacks Unless Extortion Money Is Paid

If you're running an illegal business that the authorities would like to shut down, you are highly unlikely to call the police or FBI if a cyber attack is affecting your business. And so it is that online operators of "unregulated activities" such as illegal gambling sites are finding themselves to be the victims of extortion...

Read more

If it looks like a duck, quacks like a duck and walks like a duck…

Several high profile organizations experienced ‘unexplained’ service outages yesterday, begging the question “is there any connection across these discrete outages”. All trading on the New York Stock Exchange was halted for nearly four hours for undisclosed internal technical reasons, while a so-called technical glitch halted United Airlines flights around the country for about two hours. The Wall Street Journal’s web site was also rendered unavailable just after the NYSE halted trading.

Read more

DDoS – A Global Epidemic

Corero’s Q4, 2014 DDoS Trends and Analysis Report highlights that organizations are faced with DDoS attack attempts at an alarming frequency. For example, Corero’s customers on average are experiencing up to four DDoS attacks per day – up to 351 DDoS attacks per quarter. What we find even more interesting is that 96% of the...

Read more

Shapes of DDoS Threats

For a device to offer DDoS protection it must be able to handle the different traffic profiles that constitute the current DDoS attack landscape. By illustrating the relative layer 3 and layer 4 counts of source and destination one can easily see the major categories of DDoS Threats. After introducing a basic traffic shape, anomalous variants will...

Read more

Denial of Service Attack Grounds Airplanes for Hours

If you're old enough to remember the turn of the millennium, then you'll recall the big Y2K scare. Many people believed that computers that were never designed to accommodate the change of the millennium – from the year 1999 to 2000 – would have such crazy problems that airplanes in flight might fall out of the...

Read more

The State of Internet Security is Getting Worse, According to Akamai

Akamai is out with its State of Internet Security report for the first quarter of 2015. This report is based on actual, observed traffic as opposed to being the result of user surveys, making it a good record of recent security conditions. The report opens with a very troubling statistic: the number of DDoS attacks recorded in the first quarter...

Read more

High school student charged with a felony after DDoSing his school district

Sure to be voted "least popular student" in the West Ada, Idaho, school district: the 17-year-old kid who took down the district's computer system, forcing students to retake the state-mandated achievement test multiple times. In mid-May, just as 36,000 students across the district's 52 schools were taking their Idaho Standard...

Read more

Sorry Kids, Your Final Exam Has Been DDoS’d

It’s that time of year when Colleges and Universities are hustling and bustling with year-end activities such as graduation, senior occasions, final athletic events and countless ceremonies. It’s also the time when final exams are well underway. Perhaps it is a coincidence (or maybe quite the opposite) that we are hearing of several...

Read more

Telescope Protesters Are Not Acting With "Aloha"

Most people would consider Hawaii to be an idyllic place, but there's quite a controversy erupting over the plan to build a new telescope on Hawaii Island ("the Big island"). Not just any telescope, mind you, but one of the world's largest, known as the Thirty Meter Telescope (TMT). Construction of the $1 billion+ scientific...

Read more

Who have you pissed off lately?

One of the prime motivations for DDoS attacks today is hacktivism. That is, some individual or group is trying to inflict revenge or punishment on the targeted company because of political or social beliefs. One of the more famous uses of DDoS as a hacktivist tool is the take-down of Sony Pictures' systems in retribution for the planned...

Read more

When you fight fire with fire, you risk getting burned

Censorship watchdog GreatFire.org lit a fire that has turned into quite a conflagration. GreatFire.org is known for punching holes in China's Great Firewall, the surveillance and censorship system that attempts to prevent Chinese businesses and citizens from reaching the outside world via the Internet. GreatFire provides open access to the...

Read more

Man your battle stations – DDoS is pulling a fast one on you

The DDoS threat landscape is a broad, ever-evolving and dynamic topic that is covered from many different perspectives. One angle that doesn’t always get the spotlight is the use of DDoS attacks as a diversionary tactic or profiling mechanism for advanced assaults against a target victim. Traditionally the term “DDoS” has been...

Read more

Are DDoS attacks getting bigger or smaller?

There has been a flurry of DDoS reports from DDoS protection vendors as of late, and Corero has thrown its hat in the ring as well. The recently released Corero DDoS Trends and Analysis report offers a unique perspective on the growing DDoS threat, in stark contrast to the majority of the reports saturating the headlines this month. The...

Read more

Industry Observations of DDoS Trends

Observing and analyzing DDoS attacks over a period of time helps us all understand trends so that we can better prepare for the future. Verisign has recently published its DDoS Trends Report for the last half of 2014, and there are some interesting observations. For one thing, attacks are growing larger in size. In the attacks observed by...

Read more

Why DDoS scrubbing-lanes?

With regard to scrubbing-lane approaches, years ago Internet Service Providers (ISPs) realized, “Yes, DDoS is a problem we will have to deal with now and in the future.” According to some reports, ISPs began observing DDoS attacks traversing their networks as early as the year 2000. How did they see the effects of DDoS attacks - way back...

Read more

Don't Dig a Well When Your House is on Fire

Relying on human intervention to mitigate DDoS attacks is like digging a well when your house is on fire. When it comes to ensuring service availability and maintaining uptime and SLAs, hosting providers should use minimal (if any) manual intervention when defending against a DDoS attack.

Read more

Return on Investment vs. Return on Availability

In my discussions with organizations looking to protect their business from the wrath of DDoS attacks, I often hear the same question, “How do we obtain a Return on Investment (ROI) on a DDoS protection solution?”  Years ago I would attempt to delineate a potential ROI model, often on the fly.  On several occasions, I worked...

Read more

More than half of U.S. businesses were targeted by a DDoS attack last year. Was yours among them?

How pervasive have DDoS attacks become? According to research from the global network services company BT Global Services, two out of every five organizations worldwide were targeted by DDoS attacks last year. That's the global average. In the United States, more than half (58%) of all organizations were targeted. Those aren't good...

Read more

Experiencing Pain you can’t Explain?

Last week I attended the Corero annual sales kickoff at our HQ in Hudson, MA. While there, I had the opportunity to spend several days with one of our most seasoned security engineers, David B.  He was discussing his experience regarding a hosting provider who was currently evaluating the Corero SmartWall® Threat Defense System (TDS) as a...

Read more

The double-edged sword of operating a hosting data center  

The more customers you host in your data center, the better, right?  Of course, that means more revenue.  And if those customers are in multiple industry verticals, even better, correct?  Supporting a variety of customer types protects  against revenue fluctuations if rough economic times affect a certain vertical and not the...

Read more

The biggest threat to your SLAs - DDoS Attacks (Part II)

It’s obvious that latency and outages caused by DDoS attacks can severely impact uptime measurements.  A sustained outage caused by an attack could result in an organization losing or reducing its uptime certifications. The reality of the impact of DDoS to a provider’s APS ratings is staggering if you put it into...

Read more

The biggest threat to your SLAs - DDoS Attacks (Part I)

It is no secret that Hosting Providers live and die by the Service Level Agreements (SLAs) and uptime guarantees they offer to their customers.  Organizations select providers, and remain loyal when SLA thresholds are continuously met.  Hosting Providers are fighting an up-hill battle in striving to meet these aggressive guarantees....

Read more

Looking for a Cheap Service for DDoS Penetration Testing? How Does $2.99 Sound to You?

Lizard Squad, the hacking group that takes credit for attacking the Sony PlayStation Network and the Microsoft Xbox network back in December, now wants to be your commercial provider of a sort of "penetration testing" toolkit. CNN recently reported that anyone can rent the Lizard Squad tool called Lizard Stresser for as little as $2.99...

Read more

Hope for the best, but plan for the worst.

From my time spent in the military back in the 1980s I remember many of the lessons learned. The title of this blog is one of them. Without a plan, all of the hope in the world solves little, if anything, and hope simply cannot replace a good plan. Hope is not a strategy for success. With the recent news pertaining to Lizard Squad...

Read more

The Hacker Group Anonymous as Do-Gooder?

We are usually writing about the hacker group Anonymous in terms of the harmful attacks its members launch against business and government websites. But now the BBC is reporting that Anonymous is claiming credit for knocking a terrorist recruiting website offline. Anonymous is declaring war on jihadist websites following the recent terrorist...

Read more

The Web as Equalizer in Cyber Terrorism

When the World Wide Web rose to prominence two decades ago, it was called the great equalizer. By having a Web presence, a small company could look as impressive as a large company when it came to courting prospective customers and employees. Individuals could access information that previously had been locked away in hard copy sources only....

Read more

DDoS attacks: Normally I don't blame the victim, but in this case the blame is deserved

April 2011 – Sony Playstation Network, Sony Online Entertainment (SOE), and the Sony Qriocity music service (now known as Music Unlimited) were all knocked offline by a large-scale DDoS attack. The group Anonymous claimed responsibility for this attack. Sony was so busy trying to get its services back online that it failed to notice that a...

Read more

Interview with Corero CTO, Dave Larson – It’s Game On for DDoS

The Gaming Industry, given its high-volume, high-transactional environment, requires 24/7 accessibility. Any downtime or interruption has a significant financial and reputational impact. The Gaming Industry thrives on the Internet, which makes them especially sensitive to DDoS attacks not only by motivated attackers, but also competitors and poor...

Read more

Can we still trust email?

You'd better be extra vigilant as you read through your business emails these days. Cyber attackers are growing more tenacious in their use of corporate email systems to plant malware on networks. Here are a couple of proof points. Symantec recently posted an article on its Security Response blog about attackers behind malicious spam...

Read more

'Twas the Night Before Payday

Enjoy a little bit of Holiday Fun! Watch the Video

'Twas the night before payday, when all through the net
Most attackers were stirring, increasing the threat.
Tomorrow’s targets were chosen, sighted in their crosshairs,
In hopes the victims, soon would be theirs.

Evading the law, and even the...

Read more

The DDoS myth about the firewall and the IPS

It is about time we put an end to the myths that often come up when choosing a network security solution to protect against distributed denial of service (DDoS) attacks. We'll take a look at a couple of common myths, namely:

Myth #1: An IPS can protect against Distributed Denial of Service (DDoS) attacks
Myth #2: A...

Read more

What Does a DDoS Attack Really Cost? It Depends...

In a recently released report companies estimated the average cost of a successful DDoS attack – one that actually disrupts a target's business – is $40,000 per hour. $40,000 per hour. It's a nice composite number that is easy to present to management when you need to justify a budget for preparing for the potential of a...

Read more

Insights from the FBI on Fighting Cyber Crime

If your company experienced an IT security breach, would you contact law enforcement? According to an unofficial poll by the FBI and Trend Micro, about 60% of people said yes. I'd venture to guess that a portion of that 60% would only report the incident because some law or industry regulation requires them to do so.

Read more

Increased use of Intelligent, Adaptive DDoS Attack Techniques

Many equate DDoS with only one type of attack vector – volumetric. It is not surprising, as these high bandwidth consuming attacks seem to frequent the headlines most often. Volumetric DDoS attacks are easier to identify, and defend against with on-premises or cloud anti-DDoS solutions, or a combination of both. Recently, Corero Network...

Read more

One More Type of Cyber Attack to Worry About: Redialing for Dollars—Your Dollars

Attention company cyber sleuths: here's one more type of cyber attack that criminals are using to steal billions of dollars a year, mostly from small businesses. Keep your eyes open for this one and read the phone bill closely.   An article in The New York Times details how hackers are using phone networks to direct businesses'...

Read more

SSDP Amplified Attacks, a Sitting Duck against Sophisticated DDoS Analytics

The craftiness of cyber attackers never ceases to amaze me and now a new kid on the block has emerged – the SSDP Reflective/Amplified DDoS attack. Many people may wonder what SSDP is. SSDP, otherwise known as the Simple Service Discovery Protocol, is a network-based protocol used for the advertisement and discovery of network...

Read more

Looking for a job? Cyber Aces is hosting another National Cybersecurity Career Fair in November

Last spring I wrote about Cyber Aces hosting its first National Cybersecurity Career Fair (NCCF).  Cyber Aces is a non-profit organization dedicated to identifying and encouraging individuals with an aptitude for information security to refine their skills and talent. One of the organization's missions is to grow the cybersecurity...

Read more

Using sFlow for Security Analytics

sFlow (sampled flow) is a scalable protocol for statistical monitoring of a network.  When used for security monitoring, it can provide valuable insight for establishing baseline behavior and identifying deviations from the baseline.  Security administrators can be alerted when an anomaly is detected and investigate whether new security...

Read more

Software developers get SWAMP'ed, and that's good for software security assurance

October is National Cyber Security Awareness Month. The theme of this week's awareness messaging is how to build secure software products, and we've got a great tip on how you can do that. If you look at the evolution of software, it has changed quite a bit over the last 20 to 25 years. Software is more complex than ever, and the size...

Read more

Shellshock – Picking up the Pieces

4.1 million. That’s the number of news items, blogs, webpages, reports, and opinion articles related to the recently discovered ‘Shellshock’ (Bash) vulnerability that were matched via a quick Google search for ‘Shellshock bash bug’ this morning. There’s no denying that this vulnerability is one of the...

Read more

49½ pounds of DDoS attack visibility

Why is visibility important? The answer is an easy one to deliver. When you’re under a DDoS attack or when one of your customers comes under attack, “end-point pipe” visibility is the key to quick mitigation. You cannot proactively defend a network if you cannot detect, analyze and respond to the attack and this level of visibility is critical to proper DDoS protection.

Read more

SANS Institute's Webcast on Shellshock is Worth Watching

On September 25, Alan Paller, the Director of Research for the SANS Institute, sent out a FLASH report about the vulnerabilities involving Bash. This report has some very good information for security practitioners that is worth repeating here. The vulnerability, dubbed Shellshock, affects the Bash command processor which is used in most Linux...

Read more

D'oh! Get Your Hammer and Your Payment Card Hacked at "the Homer Depot"

By now the news of the massive payment card data breach at the Home Depot is well known. The company has acknowledged the theft of an estimated 56 million debit and credit card numbers, making it the largest retail breach on record. In a September 18 press release confirming the breach, the merchant says malware discovered on its systems...

Read more

Corero is growing - do you have the skills to be a part of the team?

Conversations recently overheard in the busy hallways of the Cambridge Innovation Center (CIC) include the number of in-flight projects being pursued by a single entrepreneur (60+!), a business plan for a(nother) new startup mining Facebook images, and the next international gig to be social media-enabled by another busy team. And starting...

Read more

NATO Nations work to level the playing field in response to cyber attacks

It has been interesting to see news recently of a NATO agreement that indicated that member states would now come to each other’s aid in the event of digital attacks as well as in the case of military attacks. This newly signed deal reaffirms that cyber defense is now, more than ever, a critical component of a Nation’s comprehensive...

Read more

Promoting Voyeurism in the Name of Marketing and Advertising

About the same time the story about the celebrity photo hacking incident broke, I read another disturbing article that does not bode well for personal privacy. San Francisco tech blogger Wendy Lee wrote about advertisers trolling through personal photos that people are posting to social media sites to learn more about their customers. How creepy...

Read more

When Trends Collide: Data Collectors Are Gathering Information from Smartphones Used for BYOD

I had an interesting conversation the other day with Rob Shavell, the co-founder and CEO of the online privacy company Abine. We talked about two big trends in mobile computing and what happens as a consequence of their intersection. This collision of trends could have big implications for companies that permit employees to use their...

Read more

Passwords Are Like Underwear—They Aren't Meant to Be Shared

In the world of IT security, perhaps nothing is so maligned as the humble computer password. End users hate jumping through hoops to create and remember complex passwords that contain letters, numbers and special characters. IT security professionals complain that end users ignore corporate policy and create obvious passwords like, well,...

Read more

Boost Your Security Posture through Membership in an Industry Information Sharing and Analysis Center (ISAC)

It's a huge responsibility to try to ensure cyber security for an organization, regardless of its size. Few companies would say they have the full complement of resources they would like to have in order to properly protect themselves from cyber threats. On the belief that there is strength in numbers, many organizations are joining an...

Read more

Six Common Sense Steps from the FFIEC to Address DDoS Attacks

Who can forget the series of distributed denial of service (DDoS) attacks on American banks back in 2012 and 2013? Some of the attacks were highly effective in knocking online banking services offline for days at a time. Over time, financial institutions (FIs) learned to bolster their defenses until the attacks grew less and less effective at...

Read more

Why Prompt Breach Notification Is Important

In a blog post last April, I wrote about a merchant that waited up to a year to notify customers that their payment card information may have been compromised in a breach. There were extenuating circumstances; the federal authorities investigating the breach asked the merchant to stay silent about the incident during the lengthy investigation. The...

Read more

Specially Crafted Packet DoS Attacks, Here We Go Again

One of the unique types of Denial of Service (DoS) attacks involves the use of specially crafted packets. Most cybersecurity professionals are already familiar with volumetric and amplified DDoS attacks, but more recent attention has centered on fragmented and application-layer DDoS attacks. However, few understand what a...

Read more

Considering Standards Security

The Internet Engineering Task Force (IETF) Request for Comments (RFCs) are required by RFC 2223, Instructions to RFC Authors, to have a section titled “Security Considerations” that is supposed to call out any special security implications relating to the protocol itself or to the networking infrastructure around it. Unfortunately, the...

Read more

Why Do We Call It Cyber Crime If We Don't Treat It Like a Crime?

My subdivision outside of Houston, Texas has a monthly newsletter, and one of the features is the neighborhood police patrol report. It's mostly stuff like items being taken from unlocked cars or suspicious people or vehicles in the neighborhood. Every now and then someone reports identity theft or fraudulent charges on their credit card. I...

Read more

Why Would a Cute Little Slow Loris Take Down a Web Server?

You've heard of the "infinite monkey theorem," which states that if you put a hundred monkeys in a room with a bunch of keyboards they will eventually type the works of Shakespeare. Is it possible that another little primate, the incredibly cute slow loris, is capable of taking down web servers with a clever type of denial of service...

Read more

For Sale: Practically All the Details of Your Personal Life

When documents released by Edward Snowden showed that the National Security Agency (NSA) is collecting various types of data on ordinary American citizens, a lot of people were quick to voice their opinion that this is just wrong. Many Americans don’t believe our federal government should be able to snoop on us to learn who we choose to call...

Read more

Cash is King!

As early as 2005, government and other Internet security experts were openly discussing the concept of ‘Maybe the Cloud Can Help Secure the Internet’.  Should the ISPs, Hosting Providers, Colocation and other bandwidth providers get involved in helping to secure the Internet? According to an article still floating around the...

Read more

Here’s Why Even Official Public App Stores Can’t Be Trusted

One of the first rules of protecting end user devices has always been “Install anti-virus software and keep it up to date.” Even as people have shifted from laptops and desktops to more mobile devices like smart phones and tablets, security experts advise...

Read more

How to Get More Value from Your Vulnerability Assessments and Penetration Testing

A lot of companies do vulnerability assessments and penetration testing of their own systems to try to head off cyber attacks. Some companies are compelled to do annual pen testing because of regulations that govern their business. Regardless of the reasons for doing the testing, companies are spending good money on the process and should look for...

Read more

Best Common Practice - 38, Perhaps Wise Beyond Its Years

Perhaps a little-known fact in the inner workings of what we know as the World Wide Web is that the ability to spoof Service Provider source IP addresses and send traffic into the Internet using a fake or pseudo IP address is quite a common practice. Most often used for malicious purposes...

Read more

The Oxymoronic Notion of “Online Privacy”: When Information is Too Private for a Search Engine to Display

There was a ruling by the Court of Justice of the European Union this week, and it’s causing quite a bit of controversy on the U.S. side of the pond. The ruling has to do with online privacy and the obligation of Internet search engine operators to respect individuals’ privacy by not displaying specific search results if requested to...

Read more

The State of PCI Compliance in 2014: Getting Better but Still Insufficient

2014 marks the 10-year anniversary of the Payment Card Industry Data Security Standards (PCI DSS). It is also the year that version 3.0 of the set of security standards was released. All merchants who accept credit and debit cards as a form of payment should now be upgrading their systems to meet the new higher standards of PCI DSS 3.0. There...

Read more

ISACA Launches Cybersecurity Nexus, a Comprehensive Program for Information Security Professionals

A few weeks ago I wrote about an opportunity for entry-level information security (infosec) professionals to get some training and “skill up” for their careers. Now there is a new option for people coming into the infosec profession. Today ISACA is launching a comprehensive new program called Cybersecurity Nexus (CSX).

Read more

What’s Needed Now: Supply Chain Integrity Testing

Listen up, all you security experts who want to be an entrepreneur! John Pescatore, the SANS Institute Director of Emerging Security Trends, sees an opportunity for the Next Big Thing in tech security. In Pescatore’s view, there’s a growing need for supply chain integrity testing. In the wake of all the digital spying revelations...

Read more

Who Are Breach Disclosure Laws Meant to Protect? One Merchant Held up Notifications for More Than a Year at the Request of Federal Authorities

I live in Texas, and there’s a regional retailer that has just announced a data breach that is believed to have affected more than half a million customers. The announcement is controversial because the company, Spec’s, supposedly knew about the theft of payment card data almost a year ago and is just now telling customers. As you...

Read more

Who Is Reading Your Email, and for What Purpose?

Thanks to the NSA, so much attention has been on the fact that the federal government is collecting metadata about our phone calls that we have taken our eyes off what’s happening on the email front. There have been a few stark reminders in the news recently that email isn’t private and we shouldn’t use it to transmit sensitive...

Read more

Cybersecurity Professionals Are in Big Demand as Staffing Shortages Hit Critical Levels

In a previous blog post I talked about the upcoming National Cybersecurity Career Fair (NCCF) this June 18 and 19, 2014. NCCF is an innovative virtual meeting place for the top cybersecurity employers and entry- to mid-level cybersecurity jobseekers in the United States. It turns out that this job fair is desperately needed by employers in...

Read more

DDoS Attacks - A Mainstream Occurrence and Disruption to Your Business

Corero recently partnered with John Pescatore, Director of Emerging Security Trends with the SANS Institute in developing a survey program designed to shed more light on organizations’ experiences with DDoS attacks. What we uncovered does not come as a surprise to those well entrenched in the DDoS defense space. The results continue...

Read more

National Cybersecurity Career Fair in June Will Connect Employers to Entry Level Cybersecurity Workers

Do you know anyone who is an aspiring cyber security professional? Here is some important information to pass along to help them get their career started. This is also big news if your organization is looking to recruit entry-level people for IT security positions. Coming up this June 18 and 19, 2014, Cyber Aces is presenting the first National...

Read more

Vulnerable WordPress Servers, A Real Cause for Concern

Attacks against, and attacks used to manipulate, WordPress servers have been seeing more than their fair share of publicity over the last several months. As we dig a little deeper into the two attack scenarios, a few key points come to light. In the spring of 2013 many WordPress servers located in both Hosting Centers and DMZs throughout the...

Read more

Cybersecurity in the U.S. Healthcare System is in Critical Condition and Needs Intensive Care

Last fall my husband was visiting a relative in the hospital when he noticed an Ethernet port on the side of the bed. He asked the nurse what the hospital uses the port for. She explained that they occasionally connect patient-monitoring devices to the port on the bed to facilitate transmission of alerts to the nurses’ station. For example,...

Read more

Hacking Attacks are Practically Guaranteed at the Sochi Olympics

The winter Olympics get underway in Sochi, Russia this week, and most of the attention about security has been focused on physical security and the potential for acts of terrorism. Russian President Putin has promised a “ring of steel” around the Olympic venues to provide a high level of physical safety for the athletes and tens of...

Read more

The Role of Service Providers in Strengthening the Nation’s Cybersecurity

In November 2013, the President’s Council of Advisors on Science and Technology (PCAST) submitted a public report to U.S. President Barack Obama. The report, Immediate Opportunities for Strengthening the Nation’s Cybersecurity, provides key insights from a more comprehensive but classified assessment of the Nation’s cybersecurity...

Read more

What’s in that Refrigerator—Fish or Phish?

Well, here’s a switch. Usually televisions are bringing crap into our households. Now experts have learned that some smart TVs have been sending crap (in the form of spam) out of their owners’ houses. A recent press release from Proofpoint, Inc. details how the security service provider uncovered an Internet of Things (IoT) based...

Read more

Federal Investigators Warn Retailers: If You Have a POS System in Operation, You May be at Risk

Hang on to your credit cards and start checking your free credit reports:  The latest news about retail breaches is not good.

Read more

LinkedIn Admits Being Inundated with Fake Accounts – Could that Portend a Wave of Social Engineering Attacks?

I’ve never been a fan of social media. There’s something very unnerving to me about putting personal or private information about yourself online for anyone to see. Don’t try to tell me that you can adjust who sees your content with security settings; I don’t believe for a minute that privacy settings actually keep your...

Read more

Survey Shows that Small Merchants Exhibit Lax Security Practices and Put Consumers’ Financial Data at Risk

Ever since news of the Target breach broke a few weeks ago, everyone from security experts to concerned consumers has been hyper-sensitive to what’s happening in retail security. If it’s true that 110 million consumers had their financial account data compromised in that one breach alone, it’s no wonder many of us are fearful...

Read more

Six Ways that Most Companies Shortchange Their Enterprise Security

I recently had a conversation with Michael Sutton, vice president of security research for Zscaler and head of Zscaler ThreatLabZ. We talked about where many organizations are falling short today in defending against current threats and especially the more dangerous advanced persistent threats. I’ve singled out six common shortcomings that...

Read more

Attack of the Month Video Blog Series: Reflective (Amplified) DDoS Attacks

Happy New Year everyone! I'm pleased to kick off 2014 with another dynamic video blog post. Today's video discusses the real threat of Reflective, or as some call them, Amplified DDoS Attacks.  As you may recall from our initial v-blog post the goal for these 5 minute sessions is to dissect and analyze a specific attack type each...

Read more

Considering a Master’s Degree Program? Look to the SANS Technology Institute for a Fully Accredited Program Focused Solely on Cybersecurity

If you are an IT security professional and you’ve been thinking about going back to school to earn a master’s degree, the SANS Technology Institute (STI) master’s degree program might now be a more attractive choice for you. The graduate institution is now fully accredited by The Middle States Commission of Higher Education, an...

Read more

Two DDoS Attackers are Given 5 Year Jail Terms for Blackmail, Unauthorized Impairment of Computers

Polish computer programmers Patryk Surmacki and Piotr Smirnow were recently sentenced to 5 years and 4 months in jail for perpetrating a blackmail scheme that also involved the use of a DDoS attack as intimidation. Prior to sentencing, the pair pleaded guilty to blackmail and they admitted to conspiracy to access, use and impair computers without...

Read more

Take the SANS Institute’s Holiday Hacking Challenge: It’s a Hackerful Life

The long holiday season is here, and if you’re one of the lucky ones, you probably have a few days off from the grind you call work. When you’ve had enough of your kids’ over excitement and your relatives’ overstaying their welcome, why not steal away by yourself for a few hours and work on the SANS Institute’s 10th...

Read more

Guilty Pleas for 13 People Involved in a PayPal DDoS Attack, and a (Strange) Call for Leniency from the Founder of PayPal’s Parent Company

On December 6, thirteen defendants pleaded guilty in U.S. federal court to charges related to their involvement in the cyber-attack of PayPal’s website as part of the group Anonymous. In pleading guilty, the defendants admitted to carrying out a Distributed Denial of Service (DDoS) attack against PayPal in December 2010. Ten of the...

Read more

Tech Titans Want Governments to Reform Their Data Surveillance Practices

The data titans of Silicon Valley have said, “Enough is enough!” A coalition of the world’s leading tech companies is asking for the U.S. and other national governments to put a stop to unfettered data collection and surveillance and other practices that inhibit the free movement of lawful data around the globe.

Read more

Attack of the Month Video Blog Series: Pre-Attack Recon Scans

I'm pleased to introduce myself to the Security Bistro community and hope that you welcome this video blog with open arms. The Corero Network Security team and I are excited to introduce a reoccurring  monthly video post that aims to dissect and analyze the various cyber attack types that are infiltrating network environments across the...

Read more

Consumer Electronics Manufacturer LG Has a Reprehensible Privacy Policy

I came across a blog post the other day that really angers me. British IT consultant Jason Huntley wrote the detailed article LG Smart TVs logging USB filenames and viewing info to LG servers in mid November. He outlines how he discovered that his LG brand smart TV was collecting private data about his viewing habits and using it to serve...

Read more

Malware as Performance Art? OpenDNS Shows the Dangerous “Dance” of Cryptolocker

By now practically every information security professional and thousands of unfortunate victims are aware of CryptoLocker, the dangerous malware that encrypts all of a victim’s files and holds them for ransom. Security experts say it’s relatively easy to remove the malware itself but the damage is done when entire file systems cannot...

Read more

Finally, a Detailed Set of Cybersecurity Guidelines for SMBs (But Enterprises Can Use Them Too)

Small and medium businesses (SMBs) often don’t pay enough attention to cybersecurity, but they are no less vulnerable than their enterprise counterparts are to data breaches and attacks. In fact, attackers might consider SMBs to be an easier path into larger enterprises that are the real target. In his blog post “Are Small Business...

Read more

The National Computer Forensics Institute Trains U.S. Law Enforcement Professionals on Digital Evidence

In 2011, young mother Casey Anthony went on trial for the murder of her two-year-old daughter Caylee. You may recall some of the lurid details from the case. In June 2008, the mother reported her child as missing. Caylee’s skeletal remains were found by a utility worker in December 2008. Prosecutors felt they had enough evidence to charge...

Read more

Nobody Reads Terms and Conditions, Do They? Pay Attention To What You Agree To!

Recently I needed to download some software to my PC and, being the security-conscious person that I am, I made an attempt to read the software provider’s terms and conditions (T’s & C’s). I’ll admit that I got just so far in really reading the script. Then I started skimming the words, and then skipping entire...

Read more

A Lesson in Social Engineering: How a “Security-aware” Organization Was Completely Duped

There is a must-read article published by IDG News Service and posted to Network World. (See Fake social media ID duped security-aware IT guys.) This is the story of how security experts conducting penetration tests of an unnamed European organization used a very convincing but very fake social media persona to infiltrate the targeted organization....

Read more

Official Memo Says the Lack of End-To-End Testing Poses “A High Risk” for the Federal Healthcare Exchange

In an earlier post, I speculated that the systems behind the healthcare exchange marketplace known as the Federally Facilitated Marketplace (FFM) and hosted on Healthcare.gov were not tested end-to-end and could not be trusted to ensure data security and privacy. My speculation a few days ago is now totally confirmed by the people in...

Read more

What’s the Word From Healthcare.gov? “Trust Us With Your Most Sensitive Data.”

Healthcare.gov, the website for the Affordable Care Act, has been in the news a lot this month. Ever since it was launched to the public on October 1, it has been riddled with performance problems. Administration officials have stated that the issues stem from the sheer complexity of a system that is being asked to do so much. I’m not...

Read more

Gartner VP Confirms DDoS Attacks Were Used as Smoke Screens to Hide Financial Fraud

In an article posted on BankInfoSecurity.com, Gartner Research vice president Avivah Litan confirms that some of the DDoS attacks that have rippled through the banking industry over the past year have been a cover-up for fraud. While bank cyber security personnel were distracted in combating the denial of service attacks, hackers were busy...

Read more

There’s a Bidding War For People With Good Cyber Security Skills

If you are a cyber security expert – or you are on your way to becoming one – you’d better stock up on Ray-Bans. Your future is so bright, you’re going to need them. According to an article published by NBC News, there is a global shortage of skilled cyber security professionals. The...

Read more

The Global Industrial Cyber Security Professional Certification (GICSP) is Launching in November

There’s an important new cyber security certification coming to market at the end of November. I recently talked to Mike Assante of SANS Institute and Scott Cassity of Global Information Assurance Certification (GIAC) to get the details because I think there will be tremendous interest worldwide in this certification and the associated...

Read more

New Windows 8.1 Security Improvements Help Protect Against Pass the Hash Attacks

This National Cyber Security Awareness month, we’d like to congratulate and thank Microsoft on their efforts to block Pass the Hash cyber-attacks. Known by Microsoft as “one of the most popular types of credential theft and reuse attacks,” Pass the Hash attacks are known for their ability to infiltrate full networks within...

Read more

National Cybersecurity Awareness Month: The Government Agency Behind it Can’t Participate at This Time

Oh, the irony. I don’t know whether to laugh or cry. October is National Cybersecurity Awareness Month. This is the month that the U.S. federal government wants us all to take responsibility for cyber security. Public companies, private companies, individual consumers, government agencies, institutions of every ilk, hardware and software...

Read more

Cyber criminals increasingly use advanced methods to implement attack vectors

The European Union Agency for Network and Information Security (ENISA) recently launched their Mid-Year 2013 Threat Landscape report, a sneak peek into what’s to come in the full ENISA Threat Landscape report to be published before the end of 2013. The brief summary gives readers a bit of insight into the changes in trends since the 2012...

Read more

PCI-DSS 3.0: Will it Successfully Address Compliant Insecurity?

I and many others have been saying for a long time that being compliant with a regulation or industry mandate does not make a computing environment secure. There are numerous reasons this is true, ranging from “the check list approach” to “not understanding the actual intent of specific compliance controls.” This is...

Read more

Collateral Damage From the NSA Spying Debacle: Trust in U.S. IT Companies is Shattered

There’s an old proverb that goes something like this: Crap rolls downhill. (Well, the proverb uses an even more crude slang word instead of “crap,” but I’m trying to be polite here.) I think this proverb aptly applies to the fallout from Edward Snowden revealing secret details of government mass surveillance programs...

Read more

Lessons Learned From the Banking Industry DDoS Attacks: Good Advice Worth Heeding

Now that the banking industry has gone through four rounds of very public DDoS attacks, experts are looking at what happened to extract some “lessons learned” to turn this negative into a positive. Even if your business isn’t a financial institution, there’s good advice here that’s certainly worth...

Read more

Store Systems Security: Preparing for the Retail System and Security Paradigm Shift

I was in an Office Depot the other day. There was one person in line at the checkout counter and another customer approaching the line. Then a sales clerk intercepted the person heading toward the line and said, “I can help you right here, sir.” The clerk had a mobile device in her hands. She swiped the customer’s credit card,...

Read more

A Three-pronged Approach to Eliminating Phishing Emails, part 1

According to the Verizon 2012 Data Breach Investigations Report, more than 95% of the breaches Verizon investigated in recent years started with a phishing email. You know how it goes. A worker receives an email that looks perfectly legitimate. Maybe it appears to come from his bank, or from a shipping company he does business with. There’s...

Read more

A Three-pronged Approach to Eliminating Phishing Emails, part 2

In my previous article I outlined the first element of the three-pronged approach to eliminating phishing emails. This involves email service providers screening and rejecting spoofed emails based on explicit policies specified by legitimate email domains. About 85% of all ESPs already observe these policies when they are provided, so now the...

Read more

Sophisticated Attackers Combine E-mails With Phone Calls

Security vendor Symantec has given fresh details of a series of sophisticated cyber attacks targeting mainly French companies in which the criminals combine e-mail with voice calls to steal money. “These tactics, using an email followed up by a phone call using perfect French, are highly unusual and are a sign of aggressive social...

Read more

Here we go again. Another stolen laptop puts patient information at risk

It happened again—another doctor’s office, another stolen laptop laden with patient records. The Houston Chronicle is reporting that a laptop computer containing unencrypted information pertaining to nearly 600 patients has been stolen from the University of Texas Health Science Center at Houston. Sigh. When will they ever...

Read more

A new generation of IT security solutions for an evolving threat landscape

I recently had a chat with Manish Gupta, senior vice president of products at security vendor FireEye. Gupta described how the IT threat landscape has changed dramatically over the last three or four years, and how this has rendered legacy security solutions rather weak. This means that a new generation of IT security solutions has to be developed...

Read more

Chrome Has a Better Bug Catcher Than Mozilla

A study comparing two leading vulnerability rewards programs (VRPs) has found that the one offered by Google Chrome is working better than that run by Mozilla. The study, by Matthew Finifter, Devdatta Akhawe and David Wagner of the University of California, Berkeley, was presented this month at the USENIX Security Symposium in Washington,...

Read more

A must-read report for everyone involved in software development: “The State of Application Security”

If you have any role at all regarding security in the application development process – especially a leadership role that oversees development – you simply must read a new report by the Ponemon Institute and the application security company Security Innovation. You’ll find “The State of Application Security” here....

Read more

“Jekyll App” Beats iOS Security Measures

Researchers at Georgia Institute of Technology say they have developed what they call a “Jekyll app” for iOS devices that bypasses Apple’s security measures and can be used for a range of malicious purposes from sending tweets and dialing numbers to operating the camera. In a paper presented this month at the USENIX...

Read more

Google Encrypts All Data In Cloud Storage

Google Cloud Platform announced this week that it is now automatically encrypting all data before it is written to disk – but many users were skeptical about the security advantages. Dave Barth, Google Cloud product manager, said in a blog post the goal was to make it as painless as possible for users to secure their...

Read more

Dalai Lama’s Website Hacked

The Chinese-language website of Tibet’s exiled leader, the Dalai Lama, has been compromised in a “precisely targeted” watering-hole attack, a Kaspersky Lab researcher reported. Senior security researcher Kurt Baumgartner described the attack in his blog. “A snippet of code on the Central Tibetan Administration...

Read more

Gartner Sees Security Opportunity in Expanding Mobile Market

The proliferation of mobile devices is opening new opportunities for security vendors, but innovative approaches to the market are needed, Gartner Inc says in a new report. Ruggero Contu, research director at Gartner, says one of the challenges facing vendors is that consumer adoption and willingness to pay for antivirus software on mobile...

Read more

Lavabit, Silent Mail Close Down

Two secure e-mail services, Lavabit and Silent Mail, were closed down this week in what many observers called fall-out from the Edward Snowden leaks about NSA spying on communications. “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard...

Read more

Thinking About How to Secure the Internet of Things (IoT)

Michael Cooney of Network World published a semi-silly article about malware affecting smart toilets that run the Android operating system. (See Just when you thought it was safe to go to the bathroom – toilet malware strikes.) The article reports that Trustwave SpiderLabs issued a security bulletin to warn users of the...

Read more

Windows 8.1 Upgrades Security Measures

Software giant Microsoft has unveiled the new security measures in Windows 8.1, including fingerprint biometrics, multifactor authentication for BYODs and enhanced malware resistance. Dustin Ingalls, Group Program Manager for Windows Security & Identity, in a blog this week, listed the major features as trusted hardware, modern access...

Read more

Industrial Plants Can Be Disrupted With a Remote

The wireless control systems used at many major infrastructure facilities have vulnerabilities which could allow a hacker with a radio frequency (RF) transceiver to close down a plant from up to 40 miles away, two security researchers told the Black Hat convention in Las Vegas.

Read more

Don’t Believe Everything You Read

Lies, damned lies, and statistics – it’s a phrase that has been attributed to Mark Twain and former British Prime Minister Benjamin Disraeli, among others. Whoever it was that said it first, he could have been talking about vulnerability statistics.

Read more

Stock Exchanges Fear Cyber Threat is Growing

Researchers working in the securities sector have warned that stock exchanges around the world have become the targets of cyber-criminals and that the potential exists for attacks that would close down financial markets. The warning was made in a report issued this month (July 2013) by the International Organization of Securities Commissions...

Read more

Android Master Key Malware Surfaces in China

The first known malware to exploit the Android master key vulnerability described by Bluebox Security has been found in an application market based in China, a McAfee researcher reported this week. Mobile malware researcher Daisuke Nakajima said the app used the vulnerability to hide the malicious classes.dex from Android’s package...

Read more

I Spy With My Little Eye…A Scam!

If someone offered you the opportunity to secretly read your friends’ instant messages without being detected, would you want to do that? You could spy on your significant other, or your friends and coworkers—and no one would be the wiser. All you have to do is go to a discreet website and provide your cell phone number so you can...

Read more

Your Computer Has Been Locked! Pay Money Now if You Ever Want to Use Your PC Again!

Recently I got a phone call from a friend who told me her PC had popped up a big bold warning message that told her that a virus had been detected on her computer. She couldn't get the message to clear off of her PC—the computer seemed to be frozen. The message said that she could pay $39 to load software that would completely remove the...

Read more

What To Do When Ransomware Holds a PC Hostage

In my previous post, I talked about ransomware locking a user out from his PC. This article is geared toward the IT professional who may be called upon to attempt to unlock the PC and clean up the mess the malware leaves behind. For the advice below, I consulted with John Harrison, Group Manager at Symantec Security Response. His team is in the...

Read more

FBI Ransomware Could Be Generating Big Income

A new type of ransomware that tries to fool victims using Macs or Windows into paying fines of $300 could be making its authors hundreds of thousands of dollars a day, according to a senior security researcher at Malwarebytes. Jerome Segura wrote in a blog that the scam displays a message purportedly from the FBI telling the user that his or...

Read more

Study Finds “Surprises” in Browser Warning Effectiveness

Computer users generally take note of browser warnings about unsafe websites, but up to 70 percent of Google Chrome’s SSL (Secure Sockets Layer) warnings fail to dissuade users from visiting a site, according to a recent study. The research on Chrome and Mozilla Firefox was conducted in May and June this year by Devdatta Akhawe of the...

Read more

Privacy Double Standard: You Can Track Online But Not On Foot

There’s an article in the New York Times about how retail stores are increasingly using technology to track customers’ movements and interests when they are physically in the stores. (Check out the article’s video to see some of this technology in action.) Stores use Wi-Fi signals from customers’ mobile phones to track...

Read more

Data encryption in the cloud is not enough to keep the feds from eying your data if they want to

The New York Times reported that Microsoft has collaborated with the National Security Agency (NSA) more extensively than it previously acknowledged. According to classified internal NSA newsletters that were disclosed by the former NSA contractor Edward Snowden, Microsoft has helped the NSA find ways to circumvent its encryption on its Outlook.com...

Read more

Def Con Asks Feds to Stay Away

In further fall-out from the Edward Snowden spying revelations, the organizers of the hacker's convention Def Con this week asked officials of the federal government to stay away from the event. In a post on the Def Con website, the founder of the event Jeff Moss said: “When it comes to sharing and socializing with feds, recent...

Read more

EDA Overreacts to Malware Scare

The Economic Development Administration (EDA) in Washington, D.C. physically destroyed computers and other IT equipment worth $170,000 in a comedy of errors sparked by a relatively harmless malware incident, according to an audit report. The report by the inspector general’s office in the Department of Commerce, released late last month,...

Read more

Don’t Write Your BYOD Policy from Scratch – Check Out These Samples to Jumpstart Your Own Policy

Whether or not your organization allows employees to use their personally owned devices to access corporate resources, you need to have a written policy that covers the acceptable use of mobile devices. This policy should clearly communicate to all employees what is, and is not, acceptable use of their smartphones, tablets and other mobile devices...

Read more

McAfee Says South Korea Is Cyber Espionage Target

The cyber attack on South Korean banks and media outlets in March was part of a wider four-year military espionage operation against the Seoul government, McAfee Labs said this week. In an analysis of a series of hacking attacks on South Korea since 2009, the security software company said the attackers used a remote-access Trojan to compromise...

Read more

Are You a Tim McGee Wannabe? Check Out the New Certified Cyber Forensics Professional Certification

If you’ve ever watched the TV show NCIS and thought how cool it would be to have a job like Tim McGee, the cyber forensics scientist, then I have good news for you. The International Information Systems Security Certification Consortium, Inc., (ISC)², has recently announced the availability of a new certification, the Certified...

Read more

Researcher Says Vulnerability Affects Nearly Every Android Phone

Bluebox Security reported this week it had discovered a vulnerability affecting 99 percent of Android cell phones that allows a hacker to do anything from steal data to create a mobile botnet. “The implications are huge,” Bluebox chief technical officer Jeff Forristal said in a blog post. “This vulnerability, around at...

Read more

Video Games Maker Says Website Hacked

Ubisoft, the video game developer and distributor, warned clients this week that its website had been hacked and urged all users to change their passwords. In a post on its website, the company said hackers had recently gained access to some of its online systems and stolen user names, e-mail addresses and encrypted passwords. "No...

Read more

Malware Pair Work in Tandem to Evade Removal

Microsoft has identified two separate forms of malware that work together on an infected computer to make it far more difficult to remove them. In a Malware Protection Center blog, Redmond anti-virus researcher Hyun Choi named the malware as Vobfus and Beebone. What makes them particularly troublesome is that they download updated versions...

Read more

Mobile Malware Follows the Money

Mobile malware mushroomed more than six-fold in the year ending in March, and the people behind it are increasingly behaving like calculating business professionals, a study from Juniper Networks says. “Similar to legitimate developers focused on the rise of mobile, cyber criminals are looking to maximize their return on investment with...

Read more

Step-By-Step Instructions to Implement DMARC in Your Organization, Part 2: Deploying the DMARC Record

In my previous article I covered the preliminary tasks that need to be done when you want to implement the DMARC standard to protect your email domain(s). This article gets into the meat of what to do for actual deployment. I’d like to thank Alec Peterson, CTO of Message Systems, for these step-by-step instructions. Remember that list of...

Read more

Step-By-Step Instructions to Implement DMARC in Your Organization, Part 1: Laying the Groundwork

A few weeks ago I wrote about a way to reduce the likelihood of having your company’s email domain abused by phishers. Alec Peterson of Message Systems and Sam Masiello of Groupon provided good information and advice for deploying the Domain-based Messaging, Authentication, Reporting and Conformance (DMARC) standard for your...

Read more

Next on the IT Security Horizon: Security Analytics

John Pescatore recently joined the SANS Institute as the Director of Emerging Security Trends. His entire 30+ year career has focused on IT security, which gives him a pretty interesting perspective on where we’ve been and where we’re headed. I talked to him recently about what’s on the horizon for IT security. Linda: ...

Read more

So, You Wanna Be a Penetration Tester?

Tips for Entering the Penetration Testing Field: It’s an exciting time to be a professional penetration tester. As malicious computer attackers amp up the number and magnitude of their breaches, the information security industry needs an enormous amount of help in proactively finding and resolving vulnerabilities. Penetration...

Read more

Phishing Increased Nearly 90% Last Year, Kaspersky Says

The number of internet users worldwide reporting phishing attacks increased an astonishing 87 percent in the year ending April 30, Kaspersky Lab said in a survey report. It said 37.3 million users reported phishing in the period, compared with 19.9 million in the previous 12 months. “For some time, phishing remained relatively...

Read more

Microsoft Launches Bounty Program To Fix Security Flaws

Microsoft this week announced that it would for the first time pay cash rewards directly to hackers who can demonstrate vulnerabilities in Windows and Internet Explorer – with “truly novel” techniques earning a possible $150,000. Katie Moussouris, a senior security strategist at the software giant, said the bounties were a...

Read more

Many WordPress Plugin Developers Don’t Build Tight Security into Their Code, Leaving Millions of Websites Vulnerable to Hacking

A new paradigm has taken root in the world of application development. These days we have a number of application “platforms” that are supported by marketplaces where hundreds or thousands of developers post their apps or plugins for download. Some of the world’s most popular platforms are Apple’s iOS, Google’s...

Read more

US And Russia Launch Cyber Threat ‘Hotline’

The Cold War 24-hour hotline established to prevent accidental nuclear war between the US and the then Soviet Union has been updated to deal with a modern risk – accidental cyber war. The White House, in a release this week, said the new use for the hot line was among the results of two years of talks between Washington and Moscow on...

Read more

Moving from Compliance to Risk-Based Security – Part 2

In my previous post, Moving from Compliance to Risk-Based Security - Part 1, I mentioned that I would share my discussions with two security executives who feel strongly about this topic. Both of them participated in the Wisegate CSO peer discussion documented in the report Moving From Compliance to Risk-Based Security. These experts clearly...

Read more

NSA Director Defends Surveillance Of Phones, Internet

The director of the National Security Agency, Gen. Keith Alexander, today (Tuesday June 18) defended US spying on phone calls and internet traffic, saying it had prevented some 50 terror attacks around the world.

Read more

Wall Street To Stage Cyber War Game

As concern mounts over cyber warfare between nations, major Wall Street firms will take part later this month in a simulated network disruption exercise aimed at testing their ability to respond to a widespread attack. The exercise, Quantum Dawn 2, has been organized by the Securities Industry and Financial Markets Association (Sifma) as a...

Read more

The Dark Side Of Covert Clouds

We know it happens all the time – employees want to get something done quickly, so they bypass the bureaucracy of their company’s IT department and with a couple of clicks go straight to the cloud. But by doing so, they greatly increase the risk of exposing the company’s network to malware. A recent survey of IT professionals...

Read more

Google Reports ‘Political’ Phishing Attacks In Iran

Phishing attacks in Iran have spiked dramatically in recent weeks and appear to be related to presidential elections in the country tomorrow (Friday June 14), Google said this week. Eric Grosse, vice president of security engineering, said in a blog post that over the last three weeks the company had detected and disrupted “multiple email-based...

Read more

PRISM Leaker Stirs US-China Cyber Feud

Edward Snowden, the source of the leaks about the US government’s PRISM cyber spying program, claimed this week that the US has been hacking computers in China for at least four years.

Read more

Moving from Compliance to Risk-Based Security, Part 1

After 10 years of managing an IT audit function for an international energy company, I had the opportunity to head up their IT Strategy group that was charged with creating Organizational IT Security and Risk profiles and plans. The charge of this function was to annually evaluate organization-wide internal and external risk as it relates to...

Read more

Global Security Technology Market Seen Booming

Gartner analysts this week forecast that the worldwide security technology and services market would grow 8.7 percent this year to $67.2 billion as cyber threats become increasingly sophisticated and dangerous. The analysts, attending a Gartner summit on security and risk management at National Harbor, MD, said the market could grow to more...

Read more

Storm Over PRISM Leaks Widens

The saga of one of the most significant leaks of government information in recent US history has taken a new twist with the decision by the whistleblower – former CIA technical staffer Edward Snowden – to go public.

Read more

US Government Angry Over Internet Spying Leaks

Director of National Intelligence James Clapper has denounced leaks to The Washington Post and Guardian newspapers this week which revealed that his agency is spying on e-mails and other internet traffic obtained from nine major companies.

Read more

Microsoft, FBI Claim Success Against Citadel Botnets

Microsoft and the FBI have carried out a major operation against cyber criminals using Citadel malware, saying they disrupted more than 1,000 botnets responsible for about $500 million in financial fraud globally.

Read more

McAfee Report Cites Citadel Threat

Cyberspace grew both more dangerous and irritating in the first quarter of the year, according to McAfee Labs’ threat report for the period. In a report issued this week, the tech security company sounded a special warning about the Citadel Trojan, which has been updated to extract personal information from victims. “In the first...

Read more

Apple Users Warned of Charger Security Threat

If you thought your iPhone or iPad was relatively safe from being hacked, think again – researchers at Georgia Institute of Technology say they have found a way to infect them with malware using a simple-to-make USB charger.

Read more

Global Security Software Revenue Up 7.9 Percent in 2012

New cyber threats helped to boost global revenue from security software to $19.13 billion last year, a 7.9 percent increase from 2011 revenue of $17.73 billion, according to the IT research company Gartner, Inc. In a release issued this week, Gartner research director Ruggero Contu said the security market experienced increased demand for...

Read more

How Secure Are We At Home?

More and more Americans are installing home automation systems which, among other things, control physical access and security. If the list of topics at next month’s Black Hat conference is anything to go by, we should be getting nervous. Very nervous.

Read more

Hagel Accuses China of Cyber Attacks

Defense Secretary Chuck Hagel publicly accused the Chinese government and military at the weekend of carrying out cyber attacks and expressed Washington’s determination to work “vigorously” to keep cyberspace safe. The accusation was made in an address on Saturday to the Shangri-La security conference in Singapore, which...

Read more

Music, Light Used to Trigger Malware on Mobiles

Researchers at the University of Alabama at Birmingham say they have developed and tested malware that can be triggered on a smartphone using light, sound, magnetic fields or vibration – posing a critical new cyber-security threat. In a paper released this month at a cyber-security symposium in Hangzhou, China, the researchers said...

Read more

IT Security Professionals Speak Frankly about “Bring Your Own” Devices, Applications, Web Services, Cloud Storage and More

Sometimes the best learning opportunities are when IT security professionals sit around and talk to each other about their challenges, what they’ve tried for their own environments, what works and what doesn’t work. People need to talk to peers outside of their own organization to get a feel for what others are doing. This is the...

Read more

Syrian Hackers Attack Media, Israeli Infrastructure

Anonymous backers of Syrian President Bashar al-Assad have reportedly hacked the Twitter account of British broadcaster ITV and made a failed attempt to sabotage the water supply of Haifa in Israel. The attack on ITV last Friday took place just days after Twitter introduced its new “two-factor” authentication system in an attempt to...

Read more

Is your company vulnerable to a DNS amplification attack? Maybe, but it’s in the hands of your Internet connectivity provider

In the past few weeks, we’ve been hearing more about a type of DDoS attack called a DNS amplification attack. In sending out a general alert about this type of attack, the U.S. Computer Emergency Readiness Team (US-CERT) defined the problem as follows: The basic attack technique consists of an attacker sending a DNS...

Read more

Small Is Beautiful for Cyber Criminals

Hackers are increasingly targeting small companies for cyber-attack and the amount of malware directed at mobile operating systems is rapidly escalating, according to Symantec’s Internet Security Threat Report for 2012. The report, issued last month, said half of all targeted attacks last year were aimed at businesses with fewer than...

Read more

Commission Calls For ‘Aggressive’ Anti-Hack Laws

A high-level commission into the theft of US intellectual property (IP) has made wide-reaching recommendations on tightening cybersecurity, including “aggressive” changes to the law to bring it up to date with rapidly evolving computer crime. The Commission on the Theft of American Intellectual Property, chaired by former...

Read more

Stuxnet May Have Been a Flop, Report Says

A new report published by a respected British think tank has challenged the conventional wisdom that the Stuxnet worm was a major setback to Iran’s nuclear ambitions. Ivanka Barzashka, a researcher in the Department of War Studies at King’s College London, said in the report – based largely on data from the...

Read more

Cyber Attacks on Critical Infrastructure Could Cause Disaster

Critical infrastructure in the US – including the energy sector with its nuclear power facilities – is increasingly coming under cyber attack from hostile nations and a range of other hackers, with potentially disastrous consequences. The warning was issued earlier this month by Charles Edwards, deputy inspector general of the...

Read more

Possible Stuxnet Defense Developed

Researchers at North Carolina State University (NCSU) have developed an innovative way of protecting networked control systems from cyber attack – raising the possibility of a defense against Stuxnet-type sabotage. A release from NCSU (http://news.ncsu.edu/releases/wms-chow-dncs/) said Dr. Mo-Yuen Chow and PhD student Wente Zeng had...

Read more

Yahoo to Buy Tumblr, Vows Not to Screw It Up

Internet pioneer Yahoo! Inc. announced today (Monday) it was buying Tumblr for $1.1-billion in an acquisition that some analysts were quick to criticize as holding little value for Yahoo shareholders. Tumblr founder David Karp, a 26-year-old high-school dropout, will make about $250-million from the deal, according to the New York Times. A...

Read more

On Your DMARC, Get Set, Go! Putting Integrity into Your Email Security Policy, Part 2

In Part 1 of this post about the DMARC (Domain-based Message Authentication, Reporting and Conformance) standards for digital messaging integrity, Alec Peterson of Message Systems and Sam Masiello of Groupon, both representing DMARC.org, gave us great information about the new technical specification designed to reduce the phishing abuse of known...

Read more

Incapsula: WordPress Default Setting Opens up Sites to DDoS Exploit

Popular content management system WordPress is harboring a default setting that is making it susceptible to compromise, according to recent research. Gur Shatz, CEO of IT security vendor Incapsula, wrote in a blog post that a recent Distributed Denial of Service (DDoS) attack mitigated by his firm exposed this vulnerability.

Read more

On Your DMARC, Get Set, Go! Putting Integrity into Your Email Security Policy, Part 1

What are you doing to make the integrity of your corporate email/messaging an integral part of your information security policy? If you don’t have a definitive answer for this question, then read on. I’ve got some great advice from experts on the topic that you can take action on today to protect your company’s brand. I...

Read more

APWG: Nearly Half of All Phishing Attacks Leveraged Hacked Hosting Providers

Hacked hosting providers are becoming a fertile launch pad for new phishing attacks, accounting for nearly half of all phishing incidents during the second half of 2012, according to new research from the Anti-Phishing Working Group (APWG). The fact that these phishing attacks are increasing is not surprising, since based on earlier reports...

Read more

FSOC: Financial Regulators Warn of Ongoing Cyber Attacks

The federal government issued a strong warning to the financial services sector: Beware of cyber threats, according to the recently released 2012 Financial Stability Oversight Council (FSOC) report. The FSOC report, which fulfills a Congressional mandate to describe "significant financial market and regulatory developments, analyze...

Read more

What’s Needed to Leave Your Leather Wallet at Home and Pay with Your Mobile Wallet Instead—We’re Almost There

At a recent stop at Starbucks, I pulled out my iPhone and held it up for the counter clerk to scan. With a quick beep, I paid for my frothy cold drink and put my phone back in my purse. A few customers in line behind me were intrigued by this and asked me how I used my phone to pay. I showed them the Starbucks mobile app and told them it only...

Read more

Companies Know the BYOD Risk, Yet Most Still Allow It: Symantec

Despite the security risks involved in bringing personal technology into the workplace (BYOD), many employers believe that the benefits of allowing workers to use their own devices far outweigh the potential pitfalls, according to a recent Symantec survey. The survey, which polled 236 attendees of the recent Symantec Vision conference on how...

Read more

Trojans Account for Nearly 80 Percent of All Computer Infections Worldwide: Report

Trojans are still the cyber criminals' delivery mechanism of choice, accounting for nearly three out of every four new malware samples in circulation, according to a new report. Panda Security’s anti-malware laboratory, PandaLabs, analyzed IT security events and incidents from January through March 2013. Despite their inability to...

Read more

"Community Defense" For a Safer Internet

Early identification of attacks across a community of Web applications can significantly improve the effectiveness of application security, according to the latest Imperva Hacker Intelligence Initiative report. The report, "Get What You Give: The Value of Shared Threat Intelligence," analyzed real-world attack traffic against 60 web...

Read more

Verizon: "No Organization is Immune to a Data Breach in this Day and Age"

Opportunistic attacks, the majority of which were financially motivated, were far and away the biggest threat source of 2012, accounting for 75 percent of all breaches analyzed in the latest Verizon Data Breach Investigations Report (DBIR). State-affiliated cyberespionage campaigns held the number two breach spot, accounting for 20 percent of...

Read more

Small, but Mighty: Three-Quarters of DDoS Attacks Less Than 100 Mbps

More than a third of companies endured a disruptive attack last year, according to a new survey [pdf]. Thirty-five percent of those surveyed across industries dealt with at least one Distributed Denial of Service (DDoS) incident, with attacks on the retail sector seeing the largest year-to-year increase (16 percent to 39 percent), making for a...

Read more

Solutionary: North Korea Cyberattack Activity Boomed in February

February saw a significant jump in cyber attack activity emanating from North Korea, according to recent analysis. IT security vendor Solutionary found that “touches” -- a known reconnaissance, an overt external attack or the attempted exfiltration of data -- from North Korean IP addresses spiked during the month of February....

Read more

Not Just for PCs Anymore, Malware is Showing up on Offshore Drilling Rigs

I live in Houston, Texas, the undisputed Energy Capital of the World. Houston has an entire area of town nicknamed the Energy Corridor where numerous oil and gas companies have their headquarters, or at the very least, a major presence. Within those gleaming towers, geologists, chemists, engineers and a host of other highly educated professionals...

Read more

Survey: Consumers Not Pleased with Current Online Authentication Process

When it comes to online business, the traditional username/password authentication process generates plenty of consumer frustration, according to a new survey by the Ponemon Institute. Roughly 50 percent of respondents in the Ponemon survey, "Moving Beyond Passwords: Consumer Attitudes on Online Authentication," were either...

Read more

Insider Threats Are Top of Mind With Security Pros, Not With the Enterprise

It's the Devil you know. Insider threats are a major security concern for security professionals, yet management is not always taking the proper steps to mitigate -- or even acknowledge -- risk, according to the findings of two recent surveys. IT security vendor AlgoSec polled 179 information security and network operations professionals...

Read more

There’s BadNews, and There’s Really Bad News

By now you’ve probably heard about BadNews, a malware family that is targeting Android phones. In a blog post of April 19, the security firm Lookout reported that it had discovered BadNews in 32 apps across 4 different developer accounts in Google Play. Lookout reported its findings to Google, and the apps (and developers) have subsequently been removed from the app store—but not before millions of people downloaded the affected applications.

Read more

Flooded: DDoS Bandwidth Increased 700 Percent During Q1 2013

The DDoS tidal wave continues to grow. The average Distributed Denial of Service (DDoS) attack bandwidth totaled 48.25 Gbps in the first quarter of 2013, a 718% increase over last quarter, and the average packet-per-second rate reached 32.4 million, according to a new report by DDoS defense provider Prolexic. Prolexic culled data from their...

Read more

Game "Hacks" Could Leave You Vulnerable to an Even Bigger Hack

If you're looking to "hack" your way towards a better video game score OR tempted to download a copy of the latest title through your friendly neighborhood file-sharing service, don't bother. It's almost certainly loaded with malware, according to new research. Anti-virus provider AVG analyzed scores of such hacks and...

Read more

NQ Mobile: 95 Percent Of All Mobile Malware Afflicts Android OS

Mobile malware threats increased 163% to more than 65,000 in 2012, according to a new report by NQ Mobile. This huge year-to-year spike in threats is mostly impacting a single operating system, with nearly 95 percent of all mobile malware discovered in 2012 targeting the Android OS, according to NQ Mobile. Its 2012 Security Report is based on...

Read more

Cybersecurity Bill Passes House, Faces Uncertain Future in Senate

Despite White House protestations and a threatened veto [PDF], the House of Representatives passed the Cyber Intelligence Sharing and Protection Act (CISPA) Thursday by a comfortable 288 - 127 margin (17 members did not issue a vote). The primary aim of CISPA is to encourage corporate and public sector information sharing that could help defeat...

Read more

Anonymous' DDoS Attack Against Israel Leverages Botnet Network

Botnets were responsible for the recent cyber attack aimed at Israel, according to a review of the incident from Trend Micro. On April 7, the hacktivist group Anonymous reportedly began a targeted Distributed Denial of Service (DDoS) campaign against various Israeli websites in retaliation for...

Read more

From US-CERT: Tips To Avoid Becoming A Victim Of Spear Phishing

We’ve often reported that spear phishing is a favorite technique that attackers use to plant malware or otherwise gain unauthorized access to networks. Now the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), which is part of the Department of Homeland Security, reports on a spear phishing campaign in which the attackers...

Read more

Cybercrimes of Opportunity in Wake of Busy News Week

Tragedy tends to bring out the best in the human spirit, but to those without a moral compass, it can mean opportunity. The recent Boston Marathon bombing has apparently brought out cyber criminals looking to take advantage of a wounded public’s need to know, generating a massive spam and malware campaign. Michael Molsner, a regional...

Read more

Report: SMBs Being Battered By Targeted Threats

Symantec's newly released Internet Security Threat Report found that there was a 42 percent rise during 2012 in targeted attacks in comparison to the previous year. SMBs -- companies with fewer than 250 employees -- were particularly impacted by this spike in cybercrime, finding themselves on the receiving end of 31 percent of all targeted...

Read more

UK-Based IT Managers Increasingly Concerned About DDoS: Survey

Of all of the threats in the cyber criminal's toolkit, the Distributed Denial of Service (DDoS) attack continues to weigh heavily on the mind of UK-based IT managers, according to a recent report. Nearly half (41 percent) of all IT managers surveyed claimed they were ‘highly or extremely’ concerned about their organization being the...

Read more

Tech Pros Leaving Thousands At The Negotiating Table

Just happy to be employed and not so sure you should tempt fate by quibbling over a few bucks? By not negotiating, many IT professionals are leaving thousands on the bargaining table, according to a new survey. Dice.com, a career site for technology and engineering professionals, surveyed 838 hiring managers and recruiters. The majority said...

Read more

ZeroAccess Botnet Tops Security Vendor's Q1 Threat List

The top threat impacting cybersecurity worldwide this quarter remains ZeroAccess, the Bitcoin mining botnet, according to network security vendor Fortinet. Based on reporting from FortiGate devices worldwide, ZeroAccess is the number one botnet threat the team is seeing. ZeroAccess is used primarily for click fraud and Bitcoin...

Read more

More Than 60 Percent Of Enterprises Allow BYOD: Report

More than 6 out of 10 companies (64 percent) allow employees to bring their own devices (BYOD) into the workplace, with the majority of these citing improved productivity as the main driver, according to a new survey. Fifty-eight percent of these companies allow a mix of corporate-liable and individual-liable devices. A full third of companies...

Read more

FireEye Reports That It Detected 89 Million Malware Events That Slipped Right Past Firewalls, IPSs And Other Layers Of Security

FireEye Inc. has just come out with its Advanced Threat Report for the second half of 2012. The content is based on research and intelligence conducted by the FireEye Malware Intelligence Lab and data collected from several thousand security appliances installed at the company’s customer sites around the world.

Read more

Report Roundup: Where Big Data Was And Where It's Going

Big Data is being put to big use, as a little more than half of companies globally have adopted some sort of Big Data initiative in the past year, according to a new global trends report. Tata Consultancy Services (TCS) just wrapped up a massive global big data study, surveying 1,217 companies in nine countries spanning four regions of the...

Read more

New Survey Predicts The Rise Of The "Everyday Hacker"

It's so easy, almost anyone can do it. Hack, that is. Easily accessible information will allow for those with only rudimentary technical skill to exploit such things as an SQL injection vulnerability, according to a new report from Veracode.

Read more

Privacy Advocates Vs. Legislators: House To Revisit CISPA This Week

Call it 'cybersecurity' week in our nation's capital, as Internet privacy advocates clash with legislators on the best way to enact quality cybersecurity legislation. The House Intelligence Committee plans to revisit the polarizing Cyber Intelligence Sharing and Protection Act (CISPA) this week, scheduling a "mark up" session...

Read more

McAfee: "Can You Trust Retailer’s Security And How They Protect Your Information?"

McAfee reports on the growing risks the industry is facing with both legacy and newer point of sale systems (POS), finding that retailers need to be more than simply PCI DSS compliant to protect consumer data. “The industry is very fragmented with a large base of smaller merchants utilizing secondary market or used point of sale...

Read more

Access Governance: Perceptions And Misconceptions

We touched on Access Governance (AG) last year, but have found that misconceptions about the space still fuel some of the discussion. Access Governance is basically the overarching system that governs who has access to what in a given organization, or as we wrote last year, it approaches identity management from a “business...

Read more

Evolving Threats To Drive Cloud-Based Security Market

Sales of cloud-based security services will grow 69% over the next 5 years, according to new research. This forecast comes on the heels of a big year in the market for global cloud and customer premises equipment (CPE)-based security services, which grew another 12% in 2012 to $13 billion, according to Infonetics' just released Cloud and...

Read more

ICS-CERT Reports On Phishing Campaign Against 11 Energy Sector Companies

A spear phishing campaign, seeking to leverage public information to ensnare its victims, was reportedly leveled against 11 different energy sector firms, according to a recent report. The latest edition of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Monitor, a quarterly publication, said that information —...

Read more

SDN: Really Important To The Network, Yet Confusion Reigns

Software Defined Networking (SDN) is one of the latest network operation buzzwords, promising to revolutionize cloud and enterprise networks alike. The concept is so vital, that most organizations consider it the single most important network technology initiative, according to a new survey. Despite its importance, many companies are still...

Read more

Technology Companies Attacked Once Every Minute, According To New Report

The average enterprise is under a constant state of duress, experiencing a malware event roughly once every three minutes. The rate of malware activity, of course, varies across type of industry. For technology companies, the most highly targeted vertical, that figure drops down to once every minute, according to FireEye's 2nd Half of 2012 Advanced Threat Report.

Read more

Stating the Obvious: CIOs Work Hard

Always tethered to the clock, an organization's chief information officer (CIO) is more likely to be working nights than enjoying some quiet time at home, according to a new survey. The majority of CIOs surveyed -- 73 percent -- said they check in with work "often" or "somewhat often" on evenings and weekends. Only...

Read more

IBM: Web Application Vulnerabilities Threaten The Enterprise

Web application vulnerabilities remained one of enterprises' most pressing issues, rising 14% in 2012 over 2011 end-of-year numbers, according to a recent report. These vulnerabilities were exploited by attackers who, more often than not, injected malicious scripts and executables onto legitimate websites, targeting client side...

Read more

Password Problems: Majority Of Security Pros Violate A Big Mobile Best Practice

Even security pros practice poor security "hygiene," with some 83 percent saying they use the same password across multiple mobile applications, according to a new survey.

Read more

Malware Threats And Inconsistent BYOD Policy Driving Mobile Security Market Growth

The mobile security services market has nowhere to go but up, according to a new industry forecast. The confluence of a 261% uptick in the number of mobile threats, coupled with increasingly complex malware designed to exploit a wider range of mobile devices and inconsistent BYOD policies, is signaling significant growth in the mobile...

Read more

Enterprise Cloud Security Solutions Still Have a Ways To Go; Report

Enterprise cloud security practices are improving (slightly), but there remains a long way to go, according to a new report. Only around 50 percent of IT leaders surveyed in a new report said they are confident they are aware of all of the cloud services in use within their organization, a roughly 5 percent improvement since 2010. For Mike...

Read more

IT Pros: Not As Stressed As They Used To Be

The number of IT professionals considering leaving their job due to workplace stress has declined from 67% last year to 57% in 2013, according to a recent survey. That doesn't mean that life is simple for IT professionals -- far from it. Nearly two-thirds (65 percent) of all IT administrators surveyed still consider their job stressful...

Read more

US-CERT Issues DNS Amplification DDoS Alert

Distributed Denial of Service (DDoS) attacks have become a routine part of the security threat landscape, striking banks, online retail sites and other interconnected targets. In addition to the well-publicized ongoing hacktivist DDoS campaign against global financial institutions (which hit, among others, American Express last week), attacks...

Read more

Got Work? Revisiting The Market For Security Professionals

As security professionals from across the globe gathered last month at RSA, some of the conversations inevitably turned towards jobs, and many organizations' inability to find quality candidates. This has been an issue in the information security field for years, but has recently been vaulted back into the spotlight as President Obama very publicly revisited the issue of cybersecurity.

Read more

The State of Server Security: Malware Up, Confidence Down

The conundrum is obvious. While incidents of advanced attacks targeting servers have risen, confidence in being able to identify and stop these attacks has dropped, according to a recent report. 25 percent of respondents in Bit9's annual Server Security Survey said their servers were attacked in 2012, up 8 percent over the previous year....

Read more

80 Percent Of Companies Suffered Web-Borne Attack In 2012; According To Webroot

If you're not on the receiving end of a web-based attack, you're in a distinct minority. Eight out of ten companies endured at least one such attack last year, according to a new survey by security vendor Webroot. Organizations that allow employees to freely access the Web are experiencing high rates of malware threats, including...

Read more

IDC: Worldwide DDoS Prevention Market To Reach $870 million

The 300 Gb/s of traffic hurled at Spamhaus earlier this week during an epic Distributed Denial of Service (DDoS) attack may just be the start of an even larger trend: The expanded growth of the DDoS prevention industry. The worldwide market for DDoS prevention solutions -- including products and services -- is expected to grow by a compound annual...

Read more

Report: Nearly 94% Of Endpoints Running Java Are Vulnerable To Exploit

The announcement of a new Java vulnerability seems about as common as sunshine in San Diego. The past few weeks have witnessed a number of Java zero-day vulnerabilities. And according to managed security provider Websense, some 94 percent of browsers may be vulnerable to at least one Java exploit. Charles Renert, Vice President at Websense...

Read more

Report: All Is Relatively Secure In The Cloud

One of the biggest silver linings surrounding cloud computing of late has been its exponential growth. Spending on cloud services is forecast to grow 18.5 percent to $131 billion worldwide this year, according to Gartner. But with this expansion comes the obvious question: Is it secure? Alert Logic, a cloud security vendor, released its new...

Read more

EMEA Security Appliance Market Remains Strong

International Data Corporation (IDC) reported today that quarterly security appliance sales in EMEA grew by 5.2% in Q4 2012 over the same quarter last year. According to IDC’s Quarterly Security Appliance Tracker, factory revenue for the market hit $696.8 million in Q4. For all of 2012, it said factory revenue was about $2.5 billion, a 2%...

Read more

Report: Traditional Antivirus Struggles To Detect Malware Delivered Via FTP

If you’re looking to deliver malware that effectively evades detection, your best bet is to deploy it using run-of-the-mill File Transfer Protocol (FTP). Malware let loose in this fashion evaded detection by traditional antivirus measures 95 percent of the time for more than 30 days, according to a new report [PDF]. The inaugural Modern...

Read more

How Do You Like This? Facebook Likes Reveal Your Private Traits And Attributes

Did you know that each time you Like something, you are giving up just a little bit more of your privacy? In fact, depending on your Likes, someone may be able to accurately predict a range of highly sensitive personal attributes you possess, including your sexual orientation, ethnicity, religious and political views, use of addictive substances, and more.

Read more

Is Spam Increasing? A Look At Some New March Campaigns

Global spam increased 64 percent last month, according to Cisco's IronPort Threat Operations Center. And the election of a new Pope hasn't quelled the unholy barrage of junk and malicious email. Barracuda Networks caught more than 400,000 emails purporting to be CNN news updates with salacious Pontiff-related headlines. One click, and the user is delivered to a domain that points directly to a black hole exploit kit.

Read more

South Korea Cyberattacks: Bravado, Cyberwarfare Or Smokescreen?

The wave of cyberattacks that rattled South Korea this week, targeting television broadcasters YTN, MBC and KBS as well as two major commercial banks, Shinhan Bank and NongHyup Bank, was caused by a piece of wiper malware known as Trojan Horse/Trojan.Jokra and WS.Reputation.1, according to initial research by Symantec.

Read more

GAO: IRS Needs To Resolve Information Security Issues

The taxman isn't immune to information security woes. The Government Accountability Office (GAO) has just issued a new report highlighting continued information security woes at the IRS. The report titled, "Information Security: IRS Has Improved Controls but Needs to Resolve Weaknesses," says that longstanding policies and endemic...

Read more

Buzzz: Researcher Creates Honeypots To Lure In ICS Attackers

High profile malware attacks -- like Stuxnet, Duqu, and Flame -- have made the security surrounding Industrial Control Systems (ICS) and specifically Supervisory Control and Data Acquisition (SCADA) a very big topic. These attacks piqued the interest of Kyle Wilhoit, a Threat Researcher at Trend Micro, who wanted to find out what was really...

Read more

How Secure Is That Security Appliance?

The trusted firewall that is guarding your network may not be as secure as advertised. In a recently released white paper (PDF) titled "Hacking Appliances: Ironic exploits in security products," Ben Williams, a penetration tester for the NCC Group, discovered that roughly 80% of the security products he tested had vulnerabilities...

Read more

Report: 86% Of All Vulnerabilities Found In Third-Party Programs; SCADA At Particular Risk

Go ahead, patch those Microsoft products all you want. It won't necessarily make you impervious to attack, according to a new report. A vulnerability review, issued last week by the vulnerability management company Secunia, found that 86 percent of vulnerabilities discovered in the most popular 50 programs in 2012 were in non-Microsoft (or...

Read more

New Training From SANS Institute: How To Discover If Malware Is Running In RAM Only On Your Systems

Brian and I recently had an opportunity to talk with Jesse Kornblum, an instructor for the SANS Institute. Jesse has developed and just started teaching an advanced course called Windows Memory Forensics In-depth. This course would be valuable for any IT security professional working in an industry or for an organization that has a constant target...

Read more

Breach Bracket: The "March Madness" Tournament Every School Is Trying To Avoid

The security researchers over at AppSecInc's TeamSHATTER -- a company that provides database security, risk and compliance solutions -- have released their annual data breach madness "bracket," highlighting which educational institutions have endured data breaches over the past 12 months.

Read more

U.S. National Vulnerability Database Is, Apparently, Very Vulnerable

No one noticed until yesterday, but administrators of the U.S. National Vulnerability Database (NVD) -- an online/searchable repository of known security flaws and vulnerabilities -- took the site down after they noticed some suspicious activity. That was on March 8th. As of this morning, here is what you see when you log on: Kim...

Read more

Cyber-Threat Report: Americans Attacking Americans? Maybe

The big eye-poppers from the latest Solutionary Global Threat Intelligence Report (GTIR), which provides insight and analysis including the cost of cyber threats that enterprises, governments and mid-market organizations faced throughout 2012 and how to defend against them, are the numbers. In data gleaned from real-world interactions with...

Read more

Survey: The Trouble With SIEM

Security Information and Event Management (SIEM) was supposed to make life easier for IT professionals, analyzing the torrent of incoming security data from the network perimeter to provide real-time analysis on security threats. Instead, it seems to have become a bit of an albatross for security pros who have to wrestle with increased...

Read more

Report: Two-Day Long DDoS Attack Breaches U.S. Utility

While phase three of Operation Ababil is now in full swing, banks are not the only enterprises that remain at heightened cyber threat alert. A new case study issued by anti-DDoS vendor Prolexic recounts a recent Layer 4 Distributed-Denial-of-Service (DDoS) attack leveled against a U.S. electric utility. Also referred to as a "syn...

Read more

GitHub hit with back-to-back DDoS attacks

It happened...again. In February 2012, GitHub -- the popular code sharing site -- experienced what they called a prolonged and "intense" week-long Distributed Denial of Service (DDoS) attack. In a statement at the time, GitHub said that the "attack is global, and has been very intense at times. Yesterday morning, for example,...

Read more

Study: Majority of Small Businesses Suffer Data Breaches; Disclosure Is Another Matter

Small businesses have big data breach problems, and they're having a hard time admitting it. A new Ponemon survey, commissioned by The Hartford Steam Boiler Inspection and Insurance Company -- a part of reinsurance behemoth Munich Re -- found that while more than half the U.S. small businesses surveyed experienced at least one data...

Read more

UK Survey: Consumers Have Trust Issues with Banks

Ronald Reagan liked to say "trust, but verify." The people of the UK have spoken, and they feel the same. They're having a difficult time trusting that the financial services industry -- and other organizations that use call centers -- are adequately protecting their personal information. Banks top the list of organizations...

Read more

Phishing, SMiShing And Wishing It Would Stop!

Lately it seems like I’ve been getting more than the usual number of emails that give me pause. Could this one be a phish, I wonder? What about that one? Even my husband and fellow blogger Brian showed me a curious email the other day. It certainly looked legitimate, appearing to come from a bank we do business with, but we concluded that...

Read more

Survey of RSA Attendees Shows General Security Readiness Lacking

Trapping thousands of security professionals in a room is a great way to gauge which way the industry winds are blowing. At RSA, F5 Networks chose to harness this massive amount of infosec brain power to conduct a security trends survey. They posed two qualifying questions to booth visitors to ascertain whether these practitioners had any...

Read more

Hacktivists: Phase 3 of Their Campaign Against U.S. Financial Institutions Underway

They're back. In a February 26th Pastebin post, the Izz ad-Din al-Qassam Cyber Fighters promised to resurrect their cyber campaign against U.S. financial institutions if offending YouTube videos were not removed from the Internet. The videos were not removed and earlier this week, in another Pastebin missive, the Islamic group...

Read more

Kaspersky: New Botnet Discovered; Potential Threat to Chilean Banks

If you have money in any Latin American banks, it might be a good idea to begin storing some of that cash under the mattress. According to a recent blog post from a Kaspersky Labs expert in Argentina, a new weapon in the emerging Latin American cybercrime space is now targeting two large Chilean banks. AlbaBotnet is designed to unleash phishing...

Read more

Gartner: Application Layer DDoS Attacks to Increase in 2013

Volumetric, blunt-force attacks will remain the primary type of Distributed Denial Of Service Attack (DDoS) in the coming year, but there will be noticeable growth in the incidence of low-and-slow application layer DDoS attacks, according to new research by Gartner.

Read more

Evernote Potential Target of Attack; Issues Security Notice

Did you have trouble logging into Evernote this morning? You’re not alone. The popular note taking software service said it appeared to have been the victim of a coordinated attempt to access secure areas of their service. In a Security Notice issued on its blog, Evernote, which according to the company services 50 million users, tried to...

Read more

RSA Coverage: Japan Offers Best Privacy and Security Policies for Cloud

If you want a secure and private cloud-computing environment, there is no safer place than Japan. On Thursday, The Business Software Alliance (BSA), the software industry’s international watchdog, previewed findings from the forthcoming 2012 Global Cloud Computing Scorecard. The pre-release only shows the scores in the privacy and...

Read more

RSA Coverage: Bad Intentions Will Cost You

All breaches are not created equal. Those with malicious intent cost organizations on average nearly twice ($840,000) as much as those with non-malicious designs ($470,000), according to a new study commissioned by Solera Networks and undertaken by the Ponemon Institute. The report, “The Post Breach Boom,” surveyed security...

Read more

RSA 2013 – an Insider's Take

Bleary eyed and staggering off of an eight-hour flight, it is impossible to miss the signs. They’re all around. A large banner hangs over the escalator that heads down towards baggage claim. It is anti-virus maker Trend Micro issuing the first of many “warm welcomes.” A little self-promotion combined with a healthy dose of big...

Read more

Playing in RSA’s Innovation Sandbox

Zuly Gonzalez inadvertently “RickRolled” herself. Or perhaps it was by design. The co-founder of Light Point Security took to the stage at Monday’s RSA Innovation Sandbox to the opening strains of Rick Astley’s hackneyed Internet meme. The message was a simple one: don’t let the web “RickRoll” you....

Read more

RSA Coverage: Stuxnet Much Older than Thought

Stuxnet, the sophisticated piece of malware that made headlines back in 2010 as the first computer cyber weapon, is an evolved version of an earlier incarnation of the infamous worm, according to a Symantec white paper issued at the RSA conference today. The newly discovered Stuxnet variant, according to analysis of the version number embedded in...

Read more

Hacking Twitter Isn’t Even a Challenge. Burger King and Jeep Learned This Lesson the Hard Way.

First Burger King and now Jeep. Both prominent companies have suffered embarrassment since having their Twitter accounts hijacked this week, reportedly by Anonymous. It’s unfortunate, but these two companies join a long list of other businesses, news media outlets, politicians (including Barack Obama), celebrities and even average citizens...

Read more

The Facebook Hack Attack: Finding “No Evidence” Doesn’t Mean Data Wasn’t Compromised

On February 15, Facebook Security posted a public notice that the company “discovered that our systems had been targeted in a sophisticated attack.” Facebook Security was unusually frank about the details of the attack, including the revelation of how the compromise happened. (Facebook employees’ computers were infected with...

Read more

ISACA Advanced Persistent Threat Survey Shows Some Eye-opening Findings

Advanced persistent threats (APTs) have been in the headlines over the past couple of years for affecting some high profile enterprise networks. Many thought these attacks were limited to government networks. However, in January 2010, the source code and intellectual property of Google and at least 20 other companies in the high-tech industry and defense industrial base were targeted and compromised during “Operation Aurora.”

Read more

FTC Tells the Mobile App Ecosystem: Don’t Play Fast and Loose with Consumers’ Privacy Rights

If you read either of my previous posts about (the lack of) mobile application security and privacy, you might think we are living in the Wild West as far as the onus being on the user to look out for his or her own best interests. Well, we are. It’s like there’s no sheriff protecting the community. As the owner of...

Read more

Where Are You Most Likely to Pick Up Drive-by Malware? A Porn Website, a Gambling Website, or a Business News Website? The Answer Might Surprise You.

All of you porn surfers out there can just relax. Despite what your momma told you, browsing a porn website isn’t the most sure-fire way to get malware put on your PC. According to the 2013 Cisco Annual Security Report, many people (including security professionals) have preconceived notions about where they are most likely to encounter...

Read more

That Really Cool App You Put on Your Smart Phone is Probably Collecting All Sorts of Information - and You Don’t Even Know It

A few weeks ago I warned that mobile applications may not behave the way that users expect them to. As a follow-up to that post, I talked more in-depth with Domingo Guerra, president and co-founder of Appthority. Guerra’s company has analyzed hundreds of thousands of mobile apps to discover what they do, not just on the surface but...

Read more

Making the Case for National Cyber Labs

Recently I received a most interesting link from a friend, about a tiny city that was actually a perfect working model of a real-life city built by the SANS Institute. It had real banking networks, power grid networks, public transit systems, a hospital, a military complex, you name it. It’s a fully decked out city in miniature. And the...

Read more

Kaspersky and Hypponen on the Evolution of Hacking and Cyberwar

Kaspersky Lab's founder and CEO Eugene Kaspersky and Mikko Hypponen, Chief Research Officer at F-Secure, recently examined how hacking has evolved from mere script kiddies meddling for kicks or to build street cred with their peers into an environment where cyber criminals, hacktivists and even governments are engaged in serious offensive...

Read more

Amended COPPA Rules Expand Data Privacy Protections

The amended Children’s Online Privacy Protection Act (COPPA) takes effect on July 1, 2013. In today’s world, as those of us in security and compliance know all too well, the same information that enables our business and moves our world quickly to the latest and greatest innovation puts our private information and that of...

Read more

Who to Contract Before a Data Breach Occurs

Data breaches continue to headline the news, and it’s likely to get worse before it gets better. The invasion of consumer technologies in the workplace promises to put more data at risk than ever before. There’s a growing tendency for Boards of Directors to become involved when a breach occurs. An event puts the organization at risk;...

Read more