My buddy Aamir Lakhani wrote about how traditional security products such as Stateful firewalls and older IPS/IDS solutions are not cutting it for today’s level of threats. This post covers why the “Next-Generation” of security technology matters. The original post can be found HERE.
Organizations are replacing their Stateful firewalls with Next-Generation firewalls (NGFW) and Next-Generation Intrusion Prevention systems (NGIPS). Most traditional firewalls are nothing more than packet filters that keep track of who initiated the traffic to automatically allow response traffic back to originator. IPS vendors such as Sourcefire and McAfee (Intel Security) are rapidly adding advanced features to protect against insider threats, application vulnerabilities, mobile devices, and malware. One must wonder are the days of traditional perimeter security devices such as Stateful firewalls and single-pass IDS systems numbered?
The future of security must reach beyond the capability of an appliance. There are too many attackvectors that are continuously changing to detect with a silo solution. It basically comes down to this …. there are only so many signatures that can be checked against as well as behavior algorithms that can be put in place before you must let traffic pass. Odds are, a malicious attacker will eventually bypass detection based on the fact that there are hackers out there with a rack of all the latest vendor IPS, Firewalls, etc. in a lab designed to test how effective a piece of malware is against any enterprise security solution. So in a nutshell, you will only be able to stop the majority of attacks launched against your network. Something will eventually get through. This means detecting and preventing can’t be your only security strategy. Continue reading →
Aamir Lakhani from drchaos.com wrote a good article on how chaining together social engineering tactics compromised a highly visible twitter account. The original post can be found HERE.
Who can we trust? It’s a tough question. We think we can trust our friends, co-workers, mentors, and colleagues because they are people we see and interact with often as frequently as we do with our family members. Unfortunately, there is risk in trusting others, particularly when those we trust have privileged access to our accounts and sensitive information. When our trust and exposure extends to those who we work with, and incorporates intimate knowledge of our business concerns, corporate cultural developments, and technology secrets, we must face the reality of insider threats. Unlike external attackers, those we consider to be on the inside of our trust circles do not need to hunt for valuable information, nor do they need to exploit strong perimeter defenses; insiders already know what is valuable and where it is stored.
Katrin Deres is a passionate blogger, and works in a marketing team at a mobile tracking company. For more information visit mSpy. Here is a guest post with some of my input covering how to protect mobile devices used by children and young adults.
Smartphones have revolutionized the way we live and are an important tool that most of us depend on daily. With that being said, a smartphone in the hands of a responsible adult is very different from allowing children access to them. Giving smart devices to children without considering its impact can spell big trouble for parents! Continue reading →
I’ve said this many times before … the Internet is full of bad things. Of those bad things, one of the most common threats is Phishing attacks. Wiki defines phishing as ”the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication”. The majority of successful phishing attacks clone popular social networking sources and provide hyperlinks with the hope a target will click the link without questioning the authenticity of the source.
I wrote a post about what to look for regarding fraud email and craiglist sales HERE and 2 example craiglist cons HERE. The concepts are generally the same regarding identifying phishing attackers however in some cases, the attack will be a clone of a real message or website, which makes it very difficult to detect. Best practices is THINK BEFORE YOU CLICK! Here are some examples why this is important. Continue reading →
Tung Yin is a professor of law at Lewis & Clark Law School in Portland, Oregon. His main area of focus is national security law, criminal procedure, terrorism and law, and federal criminal law. He has conducted extensive research on domestic legal problems that were borne from counter-terrorism practices and policies in the aftermath of 9/11. Professor Yin has more than a decade of experience as a lawyer. A lot of his work is featured on leading newspaper sites such as Washington Post. The NSA has been one of the issues that professor Yin has addressed through his expertise. His opinion has been featured on several national television shows dissecting the NSA. In his interview, he highlights the dynamics of the NSA in our lives and helps us gain a better perspective of the dos and don’ts of dealing with the NSA. Continue reading →
Pickpocketing is an old yet popular crime. Reason for this is the return can be as high as a robbing a store without the risk of using weapons or be identified by victims. Pickpockets can operate as a team or individually and typically involve a form of deception to conceal the crime. Most victims won’t realize they have been robbed until the pickpocket is long gone and if caught, the criminals face minimal jail time since lethal threats are not involved. Here is a review of the most common tactics used by pickpockets and methods to avoid becoming a victim. Continue reading →
My buddy Aamir wrote a great post on Cryptolocker. The original can be found HERE.
Cryptolocker is malware that is categorized as ransomware. According to Wikipedia, “Ransomware comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed” (Wikpedia).
Cryptolocker is dangerous because if you are infected with the malware, you are in danger of losing all your files that are local to your machine, including attached storage (USB drives) and connected network drives. The network drives or any other mass storage media that shows up as a drive letter could be corrupted by the malware. Continue reading →