Articles
Point of Persistence
2 min read
Several recent cyber attacks have served as great reminders that we need to continue to re-assess how we are protecting our networks and ensure that we make no assumptions of any device being secure in the network. One example of this is “SYNFul Knock,” a type of persistent malware that allows an attacker to gain […]
The Need To Solve for Time
4 min read
Ponemon Institute called 2014 the year of the “Mega Breaches,” which will be remembered for its series of mega security breaches and attacks. These “Mega Breaches” are perfect examples of what is commonly known as Advanced Persistent Threats (APTs). The Ponemon Institute survey asked, among many questions, “When was the breach discovered?” Surprisingly, the results […]
The Dreaded “5-Tuple”
4 min read
If you were to ask any security administrator who had to manage the security policies across an organization, they would probably define the “5-Tuple” as a “hard to understand, cryptic method leftover from the 1990s’ policy management for implementing access control and segmentation capabilities in networks. Despite its complexity, 5-Tuple has been a mainstay in […]
Cyber Threat Management from the Boardroom Risk: Lost in Translation
5 min read
I was at the Gartner Security and Risk Management Summit at the Gaylord National Harbor and had the opportunity to attend the session, “Finding the Sweet Spot to Balance Cyber Risk,” which Tammie Leith was facilitating. During the session, the panel had been discussing how the senior leadership teams address the problem of putting their […]
RATs in Your Data Center
3 min read
News agencies like ABC News, CNN, and others have run stories on the FBI sting operation against more than 100 hackers who were involved in using and/or distributing the Blackshades RAT (articles in the hyperlinks for reference). For a mere US$40, a novice computer user can become a hacker and gain access to anyone’s computer, […]