Posts Tagged 'advanced persistent threats'
It’s hard enough to keep pace with network demands and be able to detect threats in real time. It’s even harder to stay on top of all the information generated about those threats, intrusions and suspicious network behavior. Enter SIEM, Security Information and Event Management, which in an age of big data has become essential […]
Recently, the McAfee Advanced Exploit Detection System (AEDS) has delivered some interesting RTF files to our table. These RTFs have executables “attached” to the documents. Usually, some words in the documents try to convince users to click and run the attachments. The following figure shows the point at which a user clicks on the attachment. […]
The security world, as many specialty fields, is full of acronyms. Those of us in the business know a SIEM from an IPS from a NGFW, and we’re happy to explain the difference to customers, many of whom know exactly what we’re talking about. There’s one set of acronyms, though, that can be confusing: APTs […]
Last month many Internet users were suddenly forced to trade in Bitcoins. This was not for general purposes–they were paying to get their data back. Their systems had been hijacked by ransomware. Ransomware is a type of malware that infects a machine, locks data files or the entire system, and demands payment to free the […]
Recent headlines (here and here) may have struck fear into those living near major energy installations due to references about the Stuxnet malware. In 2009, this particular strain of malware caused significant damage to the Nantanz nuclear facility, reportedly destroying a fifth of Iran’s nuclear centrifuges. Recent reports about Operation Dragonfly, however, appear to be […]