Threat Geek

1. Advanced Persistent Threats: Not-So-Advanced Methods After All

Article Introduction: “Cybercriminals behind heavily funded hacking operations are not necessarily using highly sophisticated malware to gain access to sensitive data or to spy on employees, according to a study released this week by IBM (NYSE:IBM).”

2. Blocking zero-day application exploits: A new approach for APT prevention

Article Introduction: “Cybercriminals continue to develop new methods to bypass security controls in order to install malware on corporate endpoints. The recently discovered advanced persistent threat (APT) malware, Trojan.APT.BaneChant, uses multiple evasion techniques to bypass some of the newer detection approaches being utilized. First, the malware evades virtual machines by only executing the second stage of the attack after mouse activity is detected.”

3. Advanced vSkimmer botnet targets card payment terminals

Article Introduction: “The next evolution of credit card payment details extraction has hit Russian underground hacking forums in the form of the vSkimmer malware, a botnet that directly targets card payment terminals using Windows.”

4. Data Breach No Longer An IT Issue, It's A Business Issue

Article Introduction: “As enterprise go increasingly mobile and Bring Your Own Device (BYOD) becoming a way of corporate life, CISOs are facing a tough time maintaining a secure IT infrastructure. In conversation with Biztech2.com, John Kendall, Director, National Security Program, Unisys APAC reveals some critical challenges that stand in the CISO’s way and shares pointers on how to deal with them.”

5. Network Security Trumps Server Security in the Enterprise

Article Introduction: “There is a historical conundrum in cybersecurity about where to concentrate security skills, controls, and oversight. Hackers penetrate networks in order to compromise hosts and steal data. Given this obvious workflow, should CISOs focus security resources on networks, hosts, or a balanced combination of both?”

The Threat Geek Top 5 is a weekly post that identifies relevant industry news and stories. Check in to stay up to date with the latest happenings throughout the industry

1. New study finds malware variants skirting AV, mostly delivered via web

Article Introduction: “A recent study finds that a majority of malware variants have been delivered through the web, going completely undetected by anti-virus (AV) solutions.”

2. New malware shows Android has target on its back

Article Introduction: “Recently discovered Android malware used in targeted attacks against Tibetan and Uyghur activists in Europe is a warning to U.S. companies that mobile devices will likely be the mark in future cyberespionage attacks, experts say.”

3. The state of data breaches

Article Introduction: “The implications of data breaches can be severe for companies with potential financial losses and loss of customer trust.”

4. IT Concerns About Targeted Malware Rising

Article Introduction: “When it comes to servers, IT and security professionals' concerns about targeted malware and data breaches are escalating while their confidence in their ability to identify and stop advanced threats is on the decline, according to a new survey by security firm Bit9.”

5. Check Point: 63 Percent of Organizations Infected with Bots

Article Introduction: “Sixty-three percent of organizations were infected with bots, and more than half were infected with new malware at least once a day, according to the 2013 security report from Check Point.”

The ThreatGeek Top 5 is a weekly post that identifies relevant industry news and stories. Check in to stay up to date with the latest happenings throughout the industry