It’s The Adversaries Who Are Advanced And Persistent

By Scott Crawford & Nick SelbyThere has been much talk recently about the “Advanced Persistent Threat.” According to Richard Bejtlich [1] and others, the term originated with the US Air Force around 2006, which explains why Bejtlich and others with an Air Force pedigree, such as Mandiant founder Kevin Mandia, have made much of the term.

Lessons Learned From the Aurora Attacks

It’s been more than two weeks now since the cyber-end of the cyber-world caused by the cyber-attacks on the cyber-networks of Google, Adobe and several other high tech companies, and amid all of the noise and hand-wringing there has been precious little in the way of cool, logical analysis of what lessons might be drawn from the incidents.

ExxonMobil, Others Attacked Via Email

At least three US oil companies were victims of highly targeted,
email-borne attacks designed to siphon valuable data from their
corporate networks and send it abroad, according to a published report
citing unnamed people and government documents. Read the full article. [The Register]

Microsoft’s Internet Explorer (IE) could inadvertently allow a hacker
to read files on a person’s computer, another problem for the company
just days after a serious vulnerability received an emergency patch. Read the full article. [Computerworld]

The cost of a data breach increased last year to $204 per compromised
customer record, according to the Ponemon Institute’s annual study. The
average total cost of a data breach rose from $6.65 million in 2008 to
$6.75 million in 2009. Read the full article. [IDG News]

The Internet Systems Consortium (ISC), the company behind the open source DNS BIND, software, has released security updates to resolve a DNSSEC-related vulnerability that could lead to Denial-of-Service (DoS) attacks. Read the full article. [The H Security]

Zimuse-A and its variant, Zimuse-B, overwrite MBR (Master Boot Record)
files on infected drives with their own data, either 40 days or 20 days
respectively after infection. This malicious behavior corrupts records
and makes data recovery difficult if not impossible, researchers report. Read the full article. [The Register]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.