Much has already been written about the impact of Operation Aurora on the threat landscape. The international attacks on some of the world’s leading Internet companies reminded us once again of the vulnerabilities within interconnected networks that can be accessed from virtually anywhere in the world.
These attacks also illustrate the growing need for, and strength of, application whitelisting solutions. As Aurora first gained access by attacking an endpoint within Google’s network to trick a user into installing malware, even leading antivirus software designed to detect such viruses and malicious code couldn’t stop it from running within the network. Continue reading this post…
As we close the door on another year of protecting our networks from the never-ending security threats, I hope the information I’ve provided in this blog has been valuable in your ongoing efforts to make your enterprise more secure. December was a month with a number of articles focused on the larger trends in security in 2009. Continue reading this post…
According to Gartner’s Avivah Litan, even two-factor authentication systems can’t stop today’s cyber thieves. Over the past few months, banks around the world that rely on one-time-password authentication systems have been compromised by man-in-the-middle attacks, despite having two-factor security in place.
Thomas Claburn of InformationWeek writes in his article, “Strong Authentication Not Strong Enough,” that fraudsters are now using call forwarding to bypass security measures. Continue reading this post…
With industrialized hacking on the rise, organizations serious about protecting their data must take proactive measures if they expect to win the war against cybercriminals. That’s Imperva CTO Amichai Shulman’s straight-forward message to applications owners everywhere and lists some real trends that are threatening businesses everywhere. My take, this is a good list, but while proactive is good, protective is better.
In this week’s TechJournal South article, “Industrialized hacking tops five data security trends for 2010″, Mr. Shulman’s data security firm listed its top five security predictions for 2010: Continue reading this post…
November was a busy month for security stories. The month kicked off with more stories of massive security patches from both Microsoft and Apple leaving me to wonder when the patching madness will ever end. Windows 7 was found to have a flaw that allows denial of service attacks. Internet Explorer v7 (IE7) even made it into the news with the latest vulnerability, but I question efforts to patch an aging application, why not just upgrade or use Firefox? If they aren’t willing to upgrade, do people really think they will patch IE7?
Without further delay, here are the stories that caught my eye in November: Continue reading this post…