The State of DDoS Protection: Organizations Remain Unprepared for DDoS Attacks
[ Source: Neustar ]
December 2012-
Distributed denial-of-service (DDoS) attacks continue to grow in size, complexity and danger. Witness the recent wave of attacks on major U.S. banks, which knocked websites offline, angered customers and took a grave toll on brand reputations. The lessons of those attacks echo the findings of this report: Previously successful DDoS mitigation solutions no longer work.
UBM Tech conducted research with IT professionals who have suffered DDoS attacks. The drastic changes in attack ...
Close Encounters of the Third Kind
[ Source: IBM ]
December 2012-
This white paper presents the results of a research study on the prevalence of client-side JavaScript vulnerabilities, conducted by the IBM Security (formerly, IBM Rational) application security team. For this study, the researchers used IBM JavaScript Security Analyzer (JSA) technology, which performs static taint analysis on JavaScript code that was collected from web pages extracted by an automated deep web crawl process. This kind of analysis is superior to and more accurate than regular static ...
Cerberus: Malware Triage and Analysis
[ Source: AccessData Group ]
October 2012-
This document reviews new malware analysis technology, Cerberus, which determines the behavior and intent of suspect binaries without the need for signatures, white lists or a sandbox environment. Using this “triage” approach, organizations are able to detect unknown threats that signature-based technologies will miss. In addition, they are able to gain critical information immediately, allowing them to take decisive action prior to engaging a malware team. There are tens of thousands of static executables on ...
Achieving Compliance in Digital Investigations
[ Source: Guidance Software ]
October 2012-
80% of organizations suffering payment card breaches had not achieved compliance with PCI DSS at the time of the breach. – Verizon 2011 Data Breach Investigation Report
As regulation and litigation increase, internal investigators must support an alphabet soup of compliance obligations: SOX, GLBA, FISMA, HIPAA, PCI DSS, regional privacy laws, and more. Although each regulation is different, these laws share common investigation requirements in three areas: policy, control infrastructure, and incident response.
This ...
How Three Cyber Threats Transform the Role of Incident Response
[ Source: Guidance Software ]
October 2012-
“The theft began with an instant message sent to a Google employee in China who was using Microsoft’s Messenger program… Ultimately, the intruders were able to gain control of a software repository used by the development team.” - New York Times - Cyberattack on Google Said to Hit Password System
While we still use many of the same old names - viruses, Trojans, and worms - today’s malware enables potent multistage ...
ACAD/Medre. A - The Story of a Computer Worm and Industrial Espionage
[ Source: ESET ]
October 2012-
Cyber-attacks are now about making money. ACAD/Medre.A is a terrifying worm that stole AutoCAD files. This whitepaper shows how industrial espionage is a new threat.
DDoS for Dummies
[ Source: Corero ]
October 2012-
A Distributed Denial of Service (DDoS) attack against your organization’s network and systems can bring your online business to a grinding halt, costing you hundreds of thousands – even millions – of dollars, ruining your brand, and driving away your customers.
Far too many organizations are ill-prepared to deal with the effects of DDoS attacks and other Internet security threats. They rely on traditional security devices including firewalls, intrusion prevention systems (IPS) and other ...
Evolving Endpoint Malware Detection: Dealing with Advanced and Targeted Attacks
[ Source: Trusteer ]
November 2012-
Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration.
This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, ...
Protection Against Today's Modern Cyber Threats
[ Source: Bit9 ]
August 2012-
Are your endpoints safe from today's malware, data leaks and unauthorized software? With today's mobile workforce, businesses need to take every precaution to secure their endpoints.
Download this case study to learn how one accounting and consulting giant uses Bit9's advanced threat protection platform to offer employees flexibility without jeopardizing enterprise safety.
Are Your Domain Controllers At Risk?
[ Source: Bit9 ]
August 2012-
Did you know that enterprise servers were the victims of 94% of all data stolen last year. Servers have become strategic targets for cybercriminals intent on stealing business critical data and conducting protracted attacks.
Download this case study and learn how an international communications company locks down their domain controllers with Bit9's trust-based application control solution and are now protected against todays modern cyber threats.