A RAT that Tweets: New ROKRAT Malware Hides behind Twitter, Amazon, and Hulu Traffic
To carry out attacks, malware and botnets rely on communication with a Command & Control server (C&C or C2) to receive instructions. As a result, today’s security tools have become extremely adept at detecting traffic to and from malicious IP addresses. When a system or device starts talking to a malicious IP or domain, alarms sound and IT security…


The Power of Community: My Real-Life Lesson in Community-Sourced Threat Intelligence
Last week, my husband received the dreaded call from our bank. “Hello Mr. Smith. We’ve noticed some unusual activities on your credit card account. Will you please verify the following charges?” Whammy. A stolen credit card (yet, still in his wallet). These things happen, I suppose. Luckily, we made out relatively unscathed. Thanks to the magical…


StoneDrill: Shamoon Wiper Attacks Reloaded – Notes from the Underground
Nothing can tarnish a great film like a terrible sequel: The Matrix Reloaded, Independence Day II: Resurgence, The Lost World, Weekend at Bernie’s II (seriously, how long can you carry around a corpse in sunglasses?) Terrible sequels seem to surface mysteriously and unwantedly, rehashing the same old story with a slight variation on plot line and cast members. …


Hybrid Cloud Security, Part III: A New Approach to Threat Detection in the Cloud
I started rock climbing about five years ago with top ropes. I learned how to belay, how to tie knots, and how to trust my harness, rope, and belay partner to keep me from falling whenever I missed a hold. So, last year, when a new bouldering gym opened in my neighborhood, I was stoked—except for one small problem:…


Centralized Logging in the Cloud
Centralized logging is essential to network security and compliance reporting. So, how does log management evolve as you migrate services and workloads to public cloud infrastructure? Not to sound dramatic, but log data is the lifeblood of your security posture. The data captured in the logs of your network devices, systems, and applications feeds into your Security Information and Event…


Hybrid Cloud Security, Part II: New Security Challenges Take Shape in the Cloud
When you stare at the clouds long enough, you begin to see things that weren’t there before. There’s a rabbit. Or, maybe it’s a duck. A gust of wind and suddenly, an elephant shapeshifts into a flying saucer. If you look at public cloud infrastructure long enough, you get the same effect. When you migrate workloads and…


Hybrid Cloud Security, Part One: Familiar Threats in an Unfamiliar Territory
Cloud computing is rapidly becoming a must-have for organizations of all shapes and sizes, making hybrid cloud security a big concern—and often a big question mark—for IT security professionals. A recent IDC report predicted that cloud adoption in organizations will grow 45% by 2018. This prediction is not lost on cyber-attackers, who are constantly adapting their attack methods and devising…