Here Are Certain Aspects of Information Security That, with Time, Have Become Essential


Hot topics and industry buzzwords come and go, but there are certain aspects of information security that, with time, have become essential.

Many considered Web 2.0 to be just a wave of weird project names and mostly useless services. However, with time, some small websites became huge and big software players started offering their own web apps. Here we are a decade later, and we can't even imagine using the Internet without accessing many of these services.

For today's Internet, web application security is not only important, it's essential, and that's why we decided to cover it in this issue.

Mirko Zorz
Editor in Chief

Visit the magazine website at www.insecuremag.com

(IN)SECURE Magazine contacts
Feedback and contributions: Mirko Zorz, Editor in Chief - [email protected]
News: Zeljka Zorz, Managing Editor - [email protected]
Marketing: Berislav Kucan, Director of Operations - [email protected]

Distribution
(IN)SECURE Magazine can be freely distributed in the form of the original, non-modified PDF document. Distribution of modified versions of (IN)SECURE Magazine content is prohibited without the explicit permission from the editor.

Copyright (IN)SECURE Magazine 2013.

Exploring attacks against PHP applications

The PHP SuperGlobal parameters are gaining popularity within the hacking community because they incorporate multiple security problems into an advanced web threat that can break application logic, compromise servers, and result in fraudulent transactions and data theft. In one month, Imperva’s research team noted an average of 144 attacks per application that contained attack vectors related to SuperGlobal parameters. Furthermore, researchers witnessed attack campaigns lasting more than five months with request burst floods of up to 90 hits per minute on a single application.

Imperva released its September Hacker Intelligence Initiative report which presents an in-depth view of recent attacks against PHP applications. The report also finds that hackers are increasingly capable of packaging higher levels of sophistication into simpler scripts, and identifies PHP SuperGlobals as a prime target that yields a high return on investment.

Imperva researchers observed that attackers are capable of mounting complex attacks and packaging them into simple-to-use tools. However, while an impressive demonstration of attack strength, the PHP method has pitfalls. An application security solution that can detect and mitigate a single stage of the attack can render the entire attack useless.

NSA's quest to subvert encryption, install backdoors

Journalists from the NYT and ProPublica have joined efforts and have published the most explosive article to date dealing with revelations about NSA spying efforts.

Backed by the documents shared by NSA whistleblower Edward Snowden, they state that the US National Security Agency has actively and for years now concentrated on thwarting or subverting encryption efforts via a number of ways, and that their endeavors have largely been successful.

"The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show," they claim.

"Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the NSA wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun."

They pointed out that after the NSA lost the very public dispute in 1994 about whether it should be allowed to fit a backdoor into all encryption, they decided they weren't going to be stymied by this setback and opted to simply continue their efforts - this time in secret.

They did not concentrate on breaking encryption as much as making its use irrelevant. They did start using faster and faster supercomputers for breaking cryptographic keys, but they also, among other things:

• Secured the collaboration - either voluntary or legally forced - from US and foreign Internet and telecom companies to gain the needed access to the communications they wanted to review before they were encrypted. Alternatively, when neither of those two approaches worked, they would steal the companies' encryption keys or secretly alter their products to contain a backdoor only known to the NSA.

• Hacked into computers / endpoints before the messages were encrypted.

• Influenced the US National Institute of Standards and Technology (NIST) and the International Organization for Standardization to adopt an encryption standard that has been made by the NSA to include a weakness known only to them.

All these things were, of course, done in secrecy. "The full extent of the NSA’s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand," the reporters shared.

"The NSA has turned the fabric of the internet into a vast surveillance platform, but they are not magical. They're limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible," Bruce Schneier pointed out. "Trust the math. Encryption is your friend. Use it well, and do your best to ensure that nothing can compromise it. That's how you can remain secure even in the face of the NSA."

It's interesting to note that both the NYT and ProPublica have been asked by US intelligence officials not to publish this last article, saying that "it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read."

However, both publications have declined to comply with that request.

New discovery will allow large-scale quantum cryptography networks

Researchers from Toshiba have discovered a method to build quantum cryptography communication networks with a far greater scale than ever before. It will allow quantum cryptography to be used beyond its current niche applications, for example as part of the Smart Community Networks that will manage and control energy generation and consumption in the future.

Quantum cryptography shows great potential to revolutionize the way sensitive data is protected. It can be used to distribute secret digital keys with a security that is not vulnerable to advances in computing, mathematics or engineering, and means any hacker that "taps" an optical fiber will be detected. At the same time, it could become the first prevailing technology to harness the peculiar laws of quantum physics.

However, major obstacles still have to be overcome in order to make quantum cryptography viable for widespread use, particularly regarding the number of users that can be connected to a single network. Up until now, implementing a quantum cryptography network has required an elaborate photon detector for each additional user.

The Toshiba team has discovered a technique to allow many users to share a single detector and thereby greatly reduce the complexity of the network. The breakthrough means that with current technology, it would be possible for 64 users to connect to a single detector in a Quantum Access Network.

Barracuda WAF now on Windows Azure

An Intel study, “What’s Holding Back the Cloud,” (May 2012), reported that 87 percent of the IT professionals surveyed were concerned about security and data protection and 28 percent have experienced a public cloud–related security breach, an increase over the number of breaches experienced in their traditional IT security infrastructure.

With the new cloud edition of the Barracuda Web Application Firewall (www.barracuda.com/WAF) that can be deployed on Microsoft Azure (www.barracuda.com/WAFonAzure), organizations now have the flexibility to deploy the same strong protection in the cloud or on premise.

The Barracuda Web Application Firewall has blocked over 11 billion real world attacks since 2007. Organizations using the Barracuda Web Application Firewall get a strong security platform that performs deep inspection of all Web traffic, enabling it to provide a wide range of attack prevention capabilities at both the network and application layers. These include SQL injections, XSS attacks, session tampering and buffer overflows as well as volumetric and application-based DDoS protection.

As a full proxy, the Barracuda Web Application Firewall blocks or cloaks attacks, while preventing outbound data leaks of information such as credit card or Social Security numbers. In addition, the Barracuda Web Application Firewall mitigates broken access control to applications by preventing cookie tampering and corruption of an application’s access control system. With the most flexible range of deployment options that span hardware, virtual and cloud, the Barracuda Web Application Firewall provides a complete security solution for all of your applications in any environment.

61% of IT pros don’t report security risks to executives

culture necessary to security programs effective across the organization.

Key findings from the survey include:

• 61 percent said they don’t communicate security risk with senior executives or only communicate