Worried about your company falling prey to a NY Times-type malware attack? Read this research.

If you have been reading the latest news about “Advanced Persistent Threats” (a.k.a. Advanced Targeted Attacks), you’ll want to read through a few notes that Gartner has published on this topic. See the following and examine what you can do about it today:

– Best Practices for Mitigating Advanced Persistent Threats (Lawrence Pingree, Neil MacDonald)

– Market Trends: Advanced Threat Protection Appliances, Worldwide, 2012 (Lawrence Pingree)

– Competitive Landscape: Network Behavior Analysis Market, Worldwide, 2012 (Lawrence Pingree)

– Malware, APTs, and the Challenges of Defense (Dan Blum)

– Information Security Is Becoming a Big Data Analytics Problem (Neil MacDonald)

– Network Security Monitoring Tools for ‘Lean Forward’ Security Programs (John Pescatore, Lawrence Orens)


[ISN] Hacktivist group suspends bank attacks

https://www.computerworld.com/s/article/9236325/Hacktivist_group_suspends_bank_attacks

By Jaikumar Vijayan
Computerworld
January 29, 2013

A group claiming responsibility for a string of cyberattacks against several major U.S. banks over the past four months today said that it has suspended its campaign in response to YouTube’s apparent removal of a controversial anti-Muslim video.

The Izz ad-Din al-Qassam Cyber Fighters group launched the attacks last October to protest the posting of a 14-minute trailer of “Innocence of Muslims,” a movie insulting Prophet Muhammed that sparked widespread protests across the Middle East last year. At that time, Google removed the video in some countries but let it remain on YouTube in several other countries because the video did not violate its policies.

The al-Qassam group, which claims to be based in Iran, launched a series of dedicated denial of service (DDoS) attacks against Wells Fargo, JPMorgan Chase, Bank of America, CapitalOne, Citibank and more than 20 other banks. The attacks, which have caused considerable service disruptions to the banks, have been ongoing since then.

[…]

______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org


[ISN] Unplug Universal Plug And Play: Security Warning

http://www.informationweek.com/security/vulnerabilities/unplug-universal-plug-and-play-security/240147226

By Mathew J. Schwartz
InformationWeek
January 29, 2013

More than 23 million Internet-connected devices are vulnerable to being exploited by a single UDP packet, while tens of millions more are at risk of being remotely exploited.

That warning was issued Tuesday by vulnerability management and penetration testing firm Rapid7, which said its researchers spent six months studying how many universal plug and play (UPnP) devices are connected to the Internet — and what the resulting security implications might be. The full findings have been documented in a 29-page report, “Security Flaws In Universal Plug and Play.”

“The results were shocking, to say the least,” according to a blog post from report author HD Moore, chief security officer of Rapid7 and the creator of the open source penetration testing toolkit Metasploit. “Over 80 million unique IPs were identified that responded to UPnP discovery requests from the Internet.”

UPnP is a set of standardized protocols and procedures that are designed to make network-connected and wireless devices easy to use. Devices that use the protocol — which is aimed more at residential users rather than enterprises — include everything from routers and printers to network-attached storage devices and smart TVs.

[…]