Beyond SWGs (Part 3): What’s in the Sandbox?
Anti-malware sandboxes have emerged as a key defensive weapon in cybersecurity. But what are they? In general, they’re appliance- or cloud-based services that capture an executable document, file or script and “detonate” the object in a virtual machine or emulator.…
Beyond SWGs (Part 1): Cybersecurity in the Cloud
Enterprises have long relied on secure web gateway (SWG) appliances to enforce appropriate use policies and protect staff and their endpoints from malware. In recent years, however, the SWG market has struggled to cope with cybersecurity issues cloud computing and…
Cyber-Insurance: A Market-Based Approach to Risk Management
Cyber-insurance has never taken off in the industry. But that may be about to change with recent announcements from a major underwriter that a larger pool of policies, and larger policies, than were provided in the past are now going…
Industrial Control Systems (ICS) ISAC Vision for Security Information Sharing
At first, the Industrial Control System Information Security and Analysis Center (ICS-ISAC) was just a notion Chris Blask got in 2006 that ICS facilities needed situational awareness of computerized systems at the facility level, and that better regional,…
My Heartbleed Resources
It’s gotten so that a couple times a day I see a new Heartbleed checker tool or list. I decided to separate a quick, running summary of these resources from my Heartbleed impact assessment blog post. The resources below…
Net Quake: What to do about Heartbleed?
From Schneier on Security: “Heartbleed is a catastrophic bug in OpenSSL: ‘The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software.…
Security Monitoring of FireEye Off-Target During 2013’s Big Retail Breach
Two weeks ago, Bloomberg Businessweek broke this news:
“The biggest retail hack in U.S. history wasn’t particularly inventive…It’s a measure of …how conventional the hackers’ approach [was] that Target was prepared for such an attack…As they uploaded exfiltration…
A Good Question: Should we Focus on Threats or Just Vulnerabilities?
My post “Should we Focus on Threat Assessment or Just Vulnerabilities” just went up on RSA’s blog. Hopefully, there, it will reach a wider (or different) audience than we have here and also drive some traffic back to…
Cyphort Launches a New Advanced Threat Defense Platform
With no relenting in the growth of malware and advanced persistent threat (APT) activity, it’s good to see new vendors enter the advanced threat defense space. Cyphort is the latest entry to the advanced threat, or malware, defense market niche…
Direct Memory Access That Kills (on CSI Las Vegas)
In Direct Memory Access I wrote about ways that advanced hackers can get complete access in just a few minutes even if you password-protect your device and it’s not connected to the Internet. Now, the topic of direct access has…