Articles
Point of Persistence
Several recent cyber attacks have served as great reminders that we need to continue to re-assess how we are protecting our networks and ensure that we make no assumptions of any device being secure in the network. One example of this is “SYNFul Knock,” a type of persistent malware that allows an at…
The Need To Solve for Time
Ponemon Institute called 2014 the year of the “Mega Breaches,” which will be remembered for its series of mega security breaches and attacks. These “Mega Breaches” are perfect examples of what is commonly known as Advanced Persistent Threats (APTs). The Ponemon Institute survey asked, among many que…
The Dreaded “5-Tuple”
If you were to ask any security administrator who had to manage the security policies across an organization, they would probably define the “5-Tuple” as a “hard to understand, cryptic method leftover from the 1990s’ policy management for implementing access control and segmentation capabilities in…
Cyber Threat Management from the Boardroom Risk: Lost in Translation
I was at the Gartner Security and Risk Management Summit at the Gaylord National Harbor and had the opportunity to attend the session, “Finding the Sweet Spot to Balance Cyber Risk,” which Tammie Leith was facilitating. During the session, the panel had been discussing how the senior le…
RATs in Your Data Center
News agencies like ABC News, CNN, and others have run stories on the FBI sting operation against more than 100 hackers who were involved in using and/or distributing the Blackshades RAT (articles in the hyperlinks for reference). For a mere US$40, a novice computer user can become a hacker and gain…