Guest Blog Post
Why network forensics should become ongoing maintenance
April 12, 2012
Company network attacks — and successful intrusions — continue at a steadily rising pace, for a litany of reasons. The core driver is a complex dynamic. We continue to expand commercial uses of the Internet, pumping more cloud services, social media and mobile devices into the mix.
The end result is an ever expanding canvas of attack surfaces for highly skilled and motivated cybergangs to tap into corporate databases. In this LastWatchdog guest post, …More
The cloud collaboration conundrum
April 9, 2012
The core mantra of those marketing cutting-edge technology often boils down to the notion that you can never have too many connections. More and more connections — to friends, co-workers, events, work projects and what have you — are desirable and achievable, now that the Internet has been fully assimilated as the globe’s commercial transactions backbone, the underlying spin goes.
However, many of these new ways to …More
Why DDos attacks persist
March 16, 2012
Denial of services attacks made big news in 2011 as hacktivists refined techniques to rally like-minded protestors to shut down targeted websites for ideological reasons. Sony, Visa, MasterCard, the U.S. Chamber of Commerce and many others got hit.
That trend has not abated. And now governments may be getting into the act, orchestrating such attacks. Earlier this week the BBC accused the Iranian government for …More
Why botnets have become invincible
December 29, 2011
When I first wrote about “Zombie networks” in this 2004 cover story, hackers were in the early stages of developing the most efficient ways to systematically infect Internet-connected Windows PCs and convert them into obedient bots — at scale. The big driver back then was to assemble botnets to spread spam.
Today botnets have become the engine that drives all forms of cyber attacks. It’s simple enough …More
RSA’s Coviello: companies face new reality of persistent threats
December 22, 2011
It’s been a breathtaking year for mega databreaches. Security token giant RSA last March disclosed an embarrassing hack in which its crown jewel SecurID tags technology was pilfered.
And tech security journalist Brian Krebs in October shed light on a list (presented to Congress) of 760 organizations that were similarly hacked, including a who’s who of the Fortune 100.
That’s just one subset set of …More
Why someone needs to compel companies to disclose cyberattack details
December 21, 2011
A flurry of mega databreaches rocked the Internet in 2011. They included RSA, Epsilon, Bank of America, HBGary, the U.S. Chamber (twice), Sony (multiple breaches) and DigiNotar. Meanwhile, the most sophisticated attack campaign yet seen, Duqu, has now likely burrowed deep inside dozens of corporations.
Meanwhile, new variants of tried-and-true consumer attacks — ranging from drive-by downloads, to clickjacking to phishing campaigns — have made the …More
Why the FTC’s COPPA revisions fall short
November 9, 2011
The Federal Trade Commission has drawn positive reviews from both Democratic and Republican lawmakers for its proposal to update the Children’s Online Privacy Protection Act, or COPPA.
The 1998 COPPA law bans website publishers and social networks from collecting or using information from children under 13. Enforcement, however, has been spotty. And it’s common practice for website operators to do the minimum to meet the letter …More
keep looking »