CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Researcher suggests hackers have already infiltrated critical infrastructures

For organizations that run the nation’s most critical infrastructures, it’s important to understand that today’s targeted cyber attacks are designed to carry out any number of activities, ranging from monitoring network processes to bringing down the grid. Just because hackers haven’t carried out an attack doesn’t mean malware isn’t already resident in a system, waiting for the most opportune time to launch.

In the article, “Attackers can take out critical infrastructure, but profit lies elsewhere, researcher says,” Jason Larson, a security researcher at the Idaho National Laboratory, said there’s plenty of evidence that hackers have already infiltrated the control systems that run power generation plants, gas and oil refineries, and chemical plants, but so far their activity has been observational. Continue reading this post…

CoreTrace provides Cisco Security Agent customers easy transition to application whitelisting

Cisco recently initiated the End-of-Life process for the Cisco Security Agent (CSA) endpoint security solution.

Even before Cisco announced CSA’s end-of-life, CSA customers had been interested in CoreTrace’s application whitelisting solution, BOUNCER, because of BOUNCER’s ability to protect endpoints at a fraction of the HIPS administration effort. BOUNCER does this by:

  • Rapidly securing endpoints without requiring manual tuning
  • Auto-generating a whitelist for each computer
  • Protecting against even the most sophisticated malware, including memory attacks
  • Preventing unauthorized applications from running
  • Dynamically updating each system’s whitelist for newly authorized applications and upgrades
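To make the per-computer whitelist idea concrete, here is an added illustration (written for this page; it is not BOUNCER’s code and does not show how BOUNCER enforces anything) of the simplest form of the technique: snapshot the SHA-256 of every file on a host, allow execution only of files whose hash is in that snapshot, and update the snapshot when an upgrade is authorized. The directory layout, file names and file contents are constructed inside a temporary directory so the script runs offline.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path):
    """Hash a file in chunks so large binaries do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_whitelist(root):
    """Auto-generate a whitelist for one host: every file under `root`
    (a stand-in for the host's executable locations) keyed by its hash."""
    whitelist = {}
    for p in Path(root).rglob("*"):
        if p.is_file():
            whitelist[sha256_of(p)] = str(p.relative_to(root))
    return whitelist


def is_allowed(whitelist, path):
    """Allow/deny decision keyed on content, not on file name: a renamed
    copy of an allowed binary is still allowed, a binary that merely
    borrows an allowed name is not."""
    return sha256_of(path) in whitelist


def authorize(whitelist, path, root):
    """Authorize a new or upgraded binary. Any stale hash previously
    recorded for the same relative path is revoked so the old version
    cannot be reintroduced later."""
    rel = str(Path(path).relative_to(root))
    for stale in [d for d, p in whitelist.items() if p == rel]:
        del whitelist[stale]
    digest = sha256_of(path)
    whitelist[digest] = rel
    return digest


def demo():
    """Walk through the four situations a whitelist has to handle."""
    with tempfile.TemporaryDirectory() as root:
        bin_dir = Path(root, "bin")
        bin_dir.mkdir()
        # Constructed sample 'executables' (contents are arbitrary bytes).
        (bin_dir / "editor.exe").write_bytes(b"MZ editor v1")
        (bin_dir / "browser.exe").write_bytes(b"MZ browser v1")

        wl = build_whitelist(root)
        results = {"baseline_size": len(wl)}

        # 1. A binary present at snapshot time is allowed.
        results["known_allowed"] = is_allowed(wl, bin_dir / "editor.exe")

        # 2. A dropped payload that was not on the host at snapshot time is denied.
        dropper = bin_dir / "update.exe"
        dropper.write_bytes(b"MZ dropper")
        results["unknown_blocked"] = not is_allowed(wl, dropper)

        # 3. An allowed binary patched in place no longer matches its hash.
        (bin_dir / "editor.exe").write_bytes(b"MZ editor v2")
        results["tampered_blocked"] = not is_allowed(wl, bin_dir / "editor.exe")

        # 4. After an administrator authorizes the upgrade it runs again,
        #    and the superseded v1 hash is gone from the list.
        authorize(wl, bin_dir / "editor.exe", root)
        results["upgrade_allowed"] = is_allowed(wl, bin_dir / "editor.exe")
        results["final_size"] = len(wl)
        return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two caveats a practitioner should keep in mind. First, the check here is a function call; a real product has to intercept execution (a kernel driver or OS policy hook), otherwise nothing stops an attacker from simply not calling it. Second, a hash whitelist decides which files may start; it says nothing about code injected into an already-running, allowed process, which is the “memory attacks” case the list above claims separately.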

Today, we announced the Cisco Security Agent (CSA) Transition Program. Continue reading this post…

Targeted attacks a growing threat to confidential medical records

In an important step to enforce new state laws around protecting the privacy of medical records, the California Department of Public Health (CDPH) has fined five California hospitals a total of $675,000 for failing to prevent unauthorized access to their confidential patient information.

With targeted malware attacks posing greater threats to health care institutions, the director of CDPH, Dr. Mark Horton, said ensuring the privacy of patient data is a critical component of the medical industry.

“Medical privacy is a fundamental right and a critical component of quality medical care in California. We are very concerned with violations of patient confidentiality and their potential harm to the residents of California.”

While federal regulations such as HIPAA have prompted health care organizations to take measures to better protect digital patient records, stopping highly targeted cyber attacks continues to be one of the industry’s top challenges. Continue reading this post…

Dissecting targeted attacks

The sharing of personal information over the Internet has been a huge driver for targeted attacks, which are designed to steal highly sensitive corporate information. According to the article, “Surviving today’s targeted attacks,” hackers who once sought fame and notoriety are now motivated by money. Targeted attacks go after the most valuable corporate data, including source code, future product information, third-party data, executives’ emails and customer information. Stefan Tanase, senior security researcher at Kaspersky Lab, said there are four steps cyber criminals take in executing a targeted attack: Continue reading this post…

1.3 million malware ads viewed each day… Poll: What’s the most important step to stopping malware payloads?

An interesting study released this week shows that about 1.3 million malicious ads are being viewed online every day. Most of these malvertisements are pushing drive-by downloads and fake security software. Some of the key findings in the report include:

  1. Users are twice as likely to get infected by a malware ad on a weekend
  2. The average lifetime of a malvertisement is 7.3 days
  3. 97% of Fortune 500 websites are at high risk due to their external partners (JavaScript widget providers, packaged software providers, etc.)
  4. 69% of Fortune 500 companies use external JavaScript to render portions of their sites
  5. 64% of Fortune 500 companies are running outdated web applications

This study drives home the point that everybody is exposed. Whether it’s a consumer hitting an ad on a website that’s serving malware or an attack targeting the person running the grid, the fact is that as long as there’s a human being in the loop, malware is going to get deposited.

What I find interesting is that malvertisements targeting consumers take the same payload-type approach as APTs that are specifically designed to go after top government or corporate information, just not in the same highly targeted, sniper-type fashion. But whatever approach is taken, the cornerstone of every one of these attacks that deposits some type of targeted malware is the payload.

This brings me to a poll question I’d like to ask you: What’s the most important step to stopping malware payloads? Said differently, if you could only do ONE thing to stop these attacks, which approach would you take? I’d love to get your feedback on it.