When it comes to protecting network endpoints against more cunning and deceitful modern malware attacks, deploying proven security tools to prevent malicious code from exploiting your system is job #1. Unfortunately, the cat-and-mouse game between IT security professionals and hackers is not easily won, if ever won at all. The key, of course, is to stay one step ahead of your adversary at all times.
That said, what continues to baffle me is the ongoing practice of re-applying beatable security technologies to evolving malware, and expecting a different outcome. Continue reading this post…
No one will argue that deploying security updates is important, but a recent exploit showed the difference between having a patch available and actually implementing it (again). Today’s reality is that hackers are far quicker to exploit known vulnerabilities than users are to patch them.
In the article, “Hackers move fast to exploit just-patched IE bug,” Symantec reported that after Microsoft issued a patch for 11 bugs in Internet Explorer last week, active attacks were spotted on one of the “patched” vulnerabilities just three days later. Although the vulnerability has seen limited attacks at this point, it is another in a long line of examples that demonstrate why enterprises need multiple layers of protection–most of which truly need to be completely out of the hands of users. Continue reading this post…
According to the article, “Top five strategies for combating modern computer security threats,” today’s surreptitious, very low profile cyber threats are exploiting any vulnerability they can to get malware onto a user’s laptop or computer. These computer viruses require organizations to proactively defend their networks from a growing volume of malicious software that can mutate within hours or even minutes to evade detection.
One of the recommended techniques for protecting computer systems from unauthorized and malicious software is application whitelisting. Clearly, we are biased, but we completely agree more with those across the industry (including the author of the article) who are recognizing the anti-malware benefits of application whitelisting over reactive blacklisting products.
Furthermore, we also agree with some of the cited shortcomings around basic application whitelisting technologies. Continue reading this post…
For some time now, we’ve been hearing about how users often fail to install security updates for known vulnerabilities months, or even years, after a fix is available. As an IT security professional, this blows my mind because such practices create security holes that leave computers, and now corporate networks, susceptible to targeted cyber attacks. However, I am a realist: most users do not really think or care about security until something happens to them directly.
In the article, “Malware Authors Relying on Poor User Updating Practices,” cyber criminals understand this, and are taking advantage of users’ negligence around installing the latest security updates on their PCs. According to Ralf Benzmüller, head of G Data SecurityLabs, cyber crooks are not just targeting current security gaps, they also have their eye on unclosed vulnerabilities that for one reason or another have been disregarded by users. Continue reading this post…
I’m very proud to announce that the CoreTrace Bouncer application whitelisting solution is in the testing process to be certified to Common Criteria Evaluation Assurance Level (EAL) 3+. As we go through evaluation under the Canadian Common Criteria Evaluation and Certification Scheme (CCS), I’m completely confident that our platform will become the first application whitelisting solution to be certified to Common Criteria EAL 3+.
As a former Air Force Information Warfare Officer, I know the dangers today’s threat landscape poses to our critical infrastructure, government and military systems. Continue reading this post…