As hackers get better at breaking into networks and compromising data, IT security experts continue to debate the best ways to defend their systems against highly targeted malware attacks. In the PCWorld article, “How to Stop Hack Attacks In One Easy Step: Whitelisting,” InfoSec pro Tony Bradley highlights some of the key differences between application whitelisting and traditional blacklist-based defenses. Let’s review those difference, but then I want to make the case for Total Application Control (TAC)–a blending of the best of both approaches. ( Read More… )
When it comes to protecting network endpoints against more cunning and deceitful modern malware attacks, deploying proven security tools to prevent malicious code from exploiting your system is job #1. Unfortunately, the cat-and-mouse game between IT security professionals and hackers is not easily won, if ever won at all. The key, of course, is to stay one step ahead of your adversary at all times.
That said, what continues to baffle me is the ongoing practice of re-applying beatable security technologies to evolving malware, and expecting a different outcome. ( Read More… )
Most recent comment:
JT Keating
Thank you very much, Greg. I must admit that it takes a lot for me to not keep yelling ...
No one will argue that deploying security updates is important, but a recent exploit showed the difference between having a patch available and actually implementing it (again). Today’s reality is that hackers are far quicker to exploit known vulnerabilities than users are to patch them.
In the article, “Hackers move fast to exploit just-patched IE bug,” Symantec reported that after Microsoft issued a patch for 11 bugs in Internet Explorer last week, active attacks were spotted on one of the “patched” vulnerabilities just three days later. Although the vulnerability has seen limited attacks at this point, it is another in a long line of examples that demonstrate why enterprises need multiple layers of protection–most of which truly need to be completely out of the hands of users. ( Read More… )
According to the article, “Top five strategies for combating modern computer security threats,” today’s surreptitious, very low profile cyber threats are exploiting any vulnerability they can to get malware onto a user’s laptop or computer. These computer viruses require organizations to proactively defend their networks from a growing volume of malicious software that can mutate within hours or even minutes to evade detection.
One of the recommended techniques for protecting computer systems from unauthorized and malicious software is application whitelisting. Clearly, we are biased, but we completely agree more with those across the industry (including the author of the article) who are recognizing the anti-malware benefits of application whitelisting over reactive blacklisting products.
Furthermore, we also agree with some of the cited shortcomings around basic application whitelisting technologies. ( Read More… )
For some time now, we’ve been hearing about how users often fail to install security updates for known vulnerabilities months, or even years, after a fix is available. As an IT security professional, this blows my mind because such practices create security holes that leave computers, and now corporate networks, susceptible to targeted cyber attacks. However, I am a realist: most users do not really think or care about security until something happens to them directly.
In the article, “Malware Authors Relying on Poor User Updating Practices,” cyber criminals understand this, and are taking advantage of users’ negligence around installing the latest security updates on their PCs. According to Ralf Benzmüller, head of G Data SecurityLabs, cyber crooks are not just targeting current security gaps, they also have their eye on unclosed vulnerabilities that for one reason or another have been disregarded by users. ( Read More… )