LizardStresser, a DDoS botnet that inspired many cybercrime groups to create their own botnets, was recently used in attacks as large as 400 gigabits per second (Gbps) that leverage the power of IoT devices.
Dan Schiappa, VP with Sophos, has published a stinging rebuke against Cylance's product comparison methods, saying Cylance rigged a test by disabling default settings in Sophos' product.
As it turns out, attackers use standard networking, administration and other tools in most post-intrusion activities, and not malware, a recent report from behavioral attack detection provider LightCyber reveals.
Enterprises should establish security policies with regard to traffic inspection, and implement the right mix of SSL decryption and traffic inspection systems that don’t introduce latency or business disruption.
Advanced attack campaigns are typically multi-vector, prolonged and adaptive to the defenses they encounter - unlike the defending side, which is inherently more rigid and structured around products and security solution silos.
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
For the NSA, one of the hardest things to hack against is a network with out-of-band TAPs—which enable the continuous monitoring of network activity by sending copies of packets to security inspection and analytics devices.
Threat intelligence has little value unless it is put into context of an organization’s security posture. Most enterprises don’t have the resources to apply the required logic to correlate external threat data with their internal security intelligence.