Well is it or is it not? Who cares? Let’s take out the debate about whether or not the new FISMA regulations actually do anything for security practices, and face the reality that we, as government entities (whether directly employed by or contractually attached to a government entity), must fulfill our compliance obligations. Those of us who want to actually secure our environments will not only abide by the compliance mandates, but we will also implement security standards and practices that truly improve security within our appointed domains.
With the variant types and levels of threats, the exponential growth in numbers of attempted attacks and the possibility that some threats are state sponsored, federal government security professionals that are responsible for the nation’s information must do everything possible to minimize the attack surfaces provided to our enemies. The days when a Firewall and an antivirus product provided security to our resources are long gone. ( Read More… )
Today’s cyber attackers have added a new weapon into their arsenal: a sophisticated memory attack known as “Reflective Memory Injection”. Reflective Memory Injection goes beyond traditional memory exploits like skape/jt to easily compromise and own a victim computer.
Most security professionals today know that CoreTrace Bouncer provides advanced threat protection based on its adaptive application whitelisting technology. But Bouncer goes well beyond simple whitelisting–including extensive memory protection capabilities.
At CoreTrace, we believe actions are always better than words. So I recorded a video that shows how an attacker would use Reflective Memory Injection to compromise a victim computer, then demonstrates how Bouncer automatically prevents the attack.
Take a look and feel free to let me know if you have any questions. ( Read More… )
Corporations are virtualizing their data centers and are increasingly moving their IT processing into the Cloud. While executives are driving this transition because of significant cost and management benefits, it also brings a new set of security risks.
Corporate executives are not the only ones that want data moved into the Cloud. Since your organization has valuable information, you have APTs that will work hard to steal it. Your APTs want you to move away from your own tightly controlled physical environment to one in the Cloud—where your data can be at risk in a variety of ways, including from attacks that began by attacking hosted systems owned by other organizations.
Please join Steve Pate, founder and CTO of High Cloud Security, and Daniel Teal, founder and CTO of CoreTrace, for an interactive webinar designed to help you understand the risks and learn how to protect your data at each step in the evolution from physical systems in your network to guest systems in the Public Cloud. ( Read More… )
Control systems are critical to the safety, performance and availability of the national power grid, pipelines and other critical infrastructures. These critical points of control must be forcefully protected at all times—but the systems have some unique operational realities that must be considered.
Please join an expert panel, led by Joel Langill, President of SCADAHacker.com, for an interactive discussion about the future of critical infrastructure attacks and how to effectively combat them. Mr. Langill will be joined by Walter Sikora, Vice President of Security Solutions at Industrial Defender, and Selim Nart, Vice President of Professional Services at CoreTrace. ( Read More… )