Anthem: Yet Another Victim of the “Highly Sophisticated Attack”


The people at RiskIQ posted an interesting article covering the Anthem breach. The original post can be found HERE. 80 Million Personal Records Compromised!!!!! WOW

It should come as no surprise that another major data breach is in the headlines. Anthem, the nation’s second largest insurance provider, may have had as many as 80 million personal records compromised. There are several factors that make this breach notable. Primarily, it is the first major health insurance breach of its scale. The largest breach prior was the loss of over 4 million records by CHS.


NSS Labs Breach Detection Systems (BDS) Comparative Analysis Report


NSS Labs just released their Breach Detection Systems Report, found HERE. The report is based on the concept that there is a need for security solutions that extend beyond the defense measures found in common security products such as anti-virus and IPS network appliances. NSS Labs has coined the term “Breach Detection” for capabilities designed to stop advanced threats. It’s pretty much technology you would implement as a last layer in the event a threat breaches your firewall, AV and network security defenses.


Federal News Radio Featuring The Cybersecurity Imperative

My buddy Aamir Lakhani joined a handful of security experts for a session on Federal News Radio. The radio show can be found HERE.


THE SOCIAL MEDIA DECEPTION PROJECT : How We Created Emily Williams To Compromise Our Target

Disclaimer: This post has been modified to exclude specific subjects not approved for public viewing


Emily Williams and Robin Sage

Emily Williams and Robin Sage don’t exist in the real world. They are fake social network accounts designed to obtain sensitive information. Robin Sage was created in late 2009 to obtain information from intelligence on US military personnel. Her story was presented at the Black Hat hacker conference, upsetting many people by exposing the type of sensitive data provided over social networks. Joey Muniz and Aamir Lakhani decided to go one step further and ask the hard question: “what else can happen outside of data being leaked over social networks?” We decided to find out using Emily Williams.


The Business Value Of NetFlow : Why Invest In NetFlow Technology?

There has been a rapid increase in demand for security solutions that can defend against Advanced Persistent Threats (APTs). Why? Because today, cyber criminals don’t use a specific attack to compromise targeted networks.


RSA NetWitness: An Anatomy Of An Attack

Here is a post from my friend Aamir Lakhani’s blog about RSA NetWitness. The original can be found at Cloud Centrics. Really good post on NetWitness.

RSA NetWitness

RSA NetWitness is a unique solution that captures, stores and analyzes network data traffic. This gives you the ability to see exactly what comes in and goes out of the network in real time. In simple terms, RSA offers you a network CCTV. Not only that, NetWitness also allows you to see the traffic in action as it reconstructs the data that flows through the network into its original format according to its own type or application. This helps you strengthen your security measures by taking appropriate action. On top of that, since all traffic is captured and stored, you will be able to go back to a particular period of time and conduct historical data analysis. Nothing escapes undetected.


Defending Against Distributed Denial Of Services DDoS Attacks

If you are internet facing, you are vulnerable to Distributed Denial of Service (DDoS) attacks. Attacks on network services are on the rise as the price of computing power decreases and people become more dependent on technology. Studies from leading service providers show DDoS attacks have grown from 9 to 500 Gbps in the last five years. Botnets are becoming an underground commodity that can be rented for as low as 10 dollars an hour to launch strategic DDoS attacks. Governments are investing in military strategies based on the ability to interrupt enemy computer services through targeted DDoS attacks. These attacks are indeed a weapon of mass disruption.


Cyber Crime Is A Well Funded Enterprise. A Look At Who Is Hacking You

Some people believe the people behind Cyber Crime are disgruntled teenage hackers looking to cause chaos for fun. In some cases that may be true; however, the majority of Cyber Crime is performed by well-funded organized criminals. Yes, I’m talking about the godfather-like people who robbed banks and distributed narcotics on the street corner prior to the computer age. Organized crime realized it’s faster to automate an attack against millions of virtual targets rather than physically deal with criminal activity. Who is really behind Cyber Crime and how do they operate? Let’s take a look at a case study of popups to understand the Cyber Crime organization.
