Access management is a crucial function for every organization with an Internet connectionand it’s a lot harder these days. The explosion of remote workers and mobile devices has complicated and confused once-rudimentary access management functions, while the popularity of social media and other Web 2.0 sites have added a more challenging dimension to the work environment.
APTs: One Layer Is Not Enough
One in five security professionals recently surveyed by ISACA say its organization has experienced an advanced persistent threat (APT) attack.
Analyst Commentary – Security Appliance Growth Continues
There was a flurry of news articles out recently highlighting some interesting data points from IDC. In particular, according to IDC, worldwide factory revenue from security appliances was up 7.2% year on year to $2.3 billion, as unit shipments increased 5.2% to 538,428. Granted, Q4 is generally the strongest quarter in the tech industry, so it should be no surprise to most to see a strong finish to the year
Windows XP-iration
After April 08,2014, the Extended Support for Windows XP will expire and Microsoft will cease to issue any more updates or patches. It will have a significant impact on Windows XP users, particularly in terms of vulnerabilities and exploits. If you just bought a computer recently and it came with a copy of Windows 7 or 8, you don’t need to worry about Microsoft’s Windows XP expiration deadline.
Android malware gets phish-y
Last week the security world was abuzz with news of a new attack vector for mobile attacks.
When is a Rogue AP not a Rogue AP?
One of the WORST riddles I can recall from my youth is, “When is a door not a door? When it’s ajar.” A riddle that’s also a pun?!… Seriously, who comes up with this
Sandboxing Technologies, Techniques Get Another Look
Neil MacDonald, a vice president at Gartner, wrote in a blog last week the idea of sandboxing potentially malicious content and applications isn’t new, but interest in this type of approach – particularly on Windows desktops – is on the rise. A growing number of virtualization and abstraction techniques available on Windows, he wrote, create isolation to provide security separation. FortiGuard Labs describes sandboxing as a practice employed by security technology to separate running progra…
Insomni’hack 2013
Insomni’hack 2013 took place last week at Geneva and I had the opportunity to attend. Insomni’hack DAY 1 consisted of one day workshops on subjects ranging from “Linux exploitation” to “How to make sure your Pentest Report is never empty”. I had the chance to attend a workshop on “Practical ARM exploitation” given by black Steve (@s7ephen) and white Steve (Stephen Lawler)
Digital Attack on Korean networks: Wipers, Time-Bombs and Roman soldiers
On March the 20th, little after 2pm, several South Korean financial institutions and TV broadcasters networks were impacted by a destructive virus, which wiped hard drives of infected computers, preventing them to boot up upon restart. Since then, the team here has been up on the deck, dissecting the attack components. So far, here is what we’ve found out, that, to our knowledge, hasn’t been published anywhere yet: * The attack made use of two different droppers, in charge of d…
Network World Security Landscape Video Podcast (March)
In this month’s Network World Security Landscape video podcast, reporter Keith Shaw speaks with Fortinet’s Derek Manky on trends he saw at this year’s RSA tradeshow, a new Claco cross platform botnet that’s migrating from the smartphones to PCs, the recent Evernote hack and the recent trend of companies migrating to two factor authentication.