At the Crossroads of eThieves and Cyberspies

Lost in the annals of campy commercials from the 1980s is a series of ads that featured improbable scenes between two young people (usually of the opposite sex) who always somehow caused the inadvertent collision of peanut butter and chocolate. After the mishap, one would complain, “Hey you got your chocolate in my peanut butter!,” … Читать далее

Chasing APT: Persistence Pays Off

The IT director for an international hedge fund received the bad news in a phone call from a stranger: Chinese hackers were running amok on the fund’s network. Not seeing evidence of the claimed intrusion, and unsure about the credibility of the caller, the IT director fired off an email to a reporter. “So do … Читать далее

Who Else Was Hit by the RSA Attackers?

The data breach disclosed in March by security firm RSA received worldwide attention because it highlighted the challenges that organizations face in detecting and blocking intrusions from targeted cyber attacks. The subtext of the story was that if this could happen to one of the largest and most integral security firms, what hope was there … Читать далее

Advanced Persistent Tweets: Zero-Day in 140 Characters

The unceasing barrage of targeted email attacks that leverage zero-day software flaws to steal sensitive information from businesses and the U.S. government often are described as being ultra-sophisticated, almost ninja-like in stealth and anonymity. But according to expert analysis of several recent zero-day attacks – including the much publicized break-in at security giant RSA — … Читать далее

Hacked Companies Hit by the Obvious in 2009

As a rule, I tend to avoid writing about reports and studies unless they offer truly valuable and actionable insights: Too often, reports have preconceived findings that merely serve to increase hype and drum up business for the companies that commission them. But I always make an exception for the annual data breach report issued … Читать далее