Threatpost spent much of the last year chasing after Greg Hoglund, the founder and CEO of HBGary. First, it was to get his reaction to the bruising encounter his firm had with the hacking group Anonymous. Then it was an endless series of requests on the aftermath of that hack, including the departure of HBGary Federal CEO Aaron Barr, and the company’s decision to pull out of the RSA Conference in 2011. When Greg finally did speak out, it wasn’t to us. So we were happy when Hoglund, whose firm was recently acquired by the company Mantech International Corp., agreed to speak at the Kaspersky Lab Security Analysts’ Summit in Cancun, Mexico in February. His talk there on “Lateral Movement and Other APT Interaction Patterns Within the Enterprise” reinforced Hoglund’s reputation as one of the top experts on malicious code. Threatpost editor Paul Roberts caught up with Hoglund after the speech. And, while Anonymous and HBGary Federal were not up for discussion on the record, Hoglund offered some great insights into the delicate art of tracking down remote access trojans (or RATs) after they have a foothold in your network, as well as the mistakes companies make in trying to prevent and respond to security incidents.
Browsing Category: SMB Security
The adult Web site DigitalPlayground.com was hacked. A group calling itself TheConsortium has claimed credit for the attack, saying it stole credit card information on 40,000 paying customers and even listened in on a company conference call.
You wouldn’t know it from reading the news, but business identity theft is becoming an increasingly large concern for small business owners, according to a report filed by NPR’s Yuki Noguchi today on Morning Edition.
Adobe issued two security bulletins on Tuesday, fixing critical security vulnerabilities in Shockwave Player, and another affecting its RoboHelp authoring product.
By Rob Lemos. There are a lot of good reasons to have remote-access software installed on a business network: It might be there to allow a remote administrator to manage a database; or to allow a third-party point-of-sale management firm to apply patches; or even to allow a PBX vendor access to the server managing their client’s voice-over-IP lines. Unfortunately, through poor configuration, bad passwords or vulnerabilities, the software is also allowing attackers in to steal data and is becoming an increasingly popular attack vector.
DDoS attacks come in all shapes and sizes, and in a lot of cases, the victims of the attacks don’t much care who is executing the attack or why. They just know that their network is being overwhelmed with junk traffic. But the last year has seen a major volume of politically motivated attacks, and new research shows that as much as 35 percent of DDoS attacks are the result of some political or ideological motivation.
A report from Web security firm zScaler finds that Web pages hosted by the firm Dreamhost are being redirected to a scam Web site in Russia following a hack of the company’s servers last month.
Join Paul Roberts, Threatpost editor, and his guests, Michael Guigli, CEO of CloudConnect, and Tim Armstrong, Malware Researcher at Kaspersky Lab, as they discuss virtualization and the security challenges faced by small businesses.
Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the WordPress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive-by download Web sites that will install malicious software on vulnerable systems.
Hundreds of government employees in Seattle, Washington received fraudulent emails yesterday that appeared to be traffic violation notifications but were, in fact, vehicles for infection by malicious software.