Black Hat is upon us and, with it, a lot of chatter about the dangers posed by so-called “APT,” or advanced persistent threats. Rather than get trapped in the hype bubble, Threatpost editor Paul Roberts took the opportunity to check back in with a recognized expert on detecting and combating APT-style attacks: Amit Yoran, the former CEO of NetWitness Corp. and now a Senior Vice President at RSA, The Security Division of EMC. Yoran says that the darkest days may yet be ahead in the fight against APT style attacks, with mounting attacks and a critical shortage of security talent. To cope, both private sector firms and the government need to stop fighting the last war and pivot to the kinds of practices and monitoring that can spot sophisticated attackers.
Browsing Category: Social Engineering
Microsoft researchers are warning about a new Trojan horse program for Android mobile devices that sends out premium SMS messages once installed.
In the first six months of 2012, 36 percent of targeted attacks focused on small businesses of fewer than 250 employees, and there were an average of 58 attacks per day, according to a new research report. At the end of 2011, small businesses were on the receiving end of only 18 percent of such attacks.
The security firm Trusteer reports that new Web-based attacks are targeting Android smartphone users in a campaign to circumvent two-factor sign-on features used by many banks to protect account holders.
It does not matter how cute it is, or how relieved you are to finally find it after having lost it, or how mad you are at those hacks over at your bank for misspelling your name. It cannot be stressed enough that it is always a terrible, terrible idea to post pictures of your credit or debit card on the Internet.
A new Mac OS X backdoor variant has begun making the rounds online, targeting a Turkic ethnic group in central Asia, according to a post on Securelist’s blog earlier today.
A recent fraud ring through which attackers raided high-value bank accounts, nicknamed Operation High Roller (.PDF), employed attacks that were quick, required no human interaction and have already affected several tiers of credit unions, regional banks and large global banks, over the last several months.
Do you find e-mail pleas for help from the widow of Democratic Republic of the Congo strongman Mobutu Sese Seko unconvincing or downright silly? That may be the point, according to Microsoft researcher Cormac Herley.
A joint letter from some of Washington D.C.’s leading minds in the areas of defense and diplomacy is urging Congress to pass a cyber security bill in some form this year, saying that the U.S. is urgently in need of a new policy and ill-prepared for cyber attacks.
The Facebook security team is adding some new security features to the social network’s mobile applications, including upgrades to the login mechanism and account recovery options.