I have spent my whole life working with and using technology. From a Commodore 64 console as child to the first IBM XT computers. With this lifetime of experiences, I find the technical evolution curve is growing faster with each passing year. While many credit innovations by vendors and technology thought leaders, much credit over these last few years is also due to our adversaries.
Security measures in technology have tended to be a mere afterthought to protocol, network, database, clients, and application designs, and naturally the business drivers that motivate them. It is among these afterthoughts and between these cracks that our elusive hackers, APT, threat actors, hacktivists, nation states, etc. are now reminding us that security needs to be paramount. Now more than ever we must design our networks, systems and business processes with security in mind.
As an avid reader of security news from around the web, I’ll be periodically sharing a few headlines and adding my $.02 worth where I deem appropriate.
This is a very interesting threat: it represents all the major concerns that are on the security community’s mind. It leverages social media as vector for infection andinvolves one of the most worrisome Trojans the planet has ever known, Zeus. Zeus continues to be customized and equipped to evade even the latest “next-generation” techniques, VM analyzers (I like VM analyzers and think they have good value but as anything else, they alone cannot do it all as my colleague Kurt wrote in "Automated Sandboxes not a Panacea."
Each one of the topics in this collection is unique, but they share some commonality. The fight isn’t just about client-side malware infections. This is why we need products that can be both surgical in detection but broad in their capabilities to give us multiple “bites at the apple” and a clear, content-aware view across the network.
I hope you enjoy the posts and whether you agree or disagree with my input, please add some of your own. We want to hear from you!