Monthly Archives: February 2013

Exploit kits – the silent assassin

Exploit kits are automated malware-distribution tools used by criminals. These toolkits are designed to exploit client-side vulnerabilities in software in order to infect computers with malware. Typically, exploits target browsers and software running within the browser, such as Java Runtime Environment, Adobe Reader and Adobe Flash Player. The kits exploit these vulnerabilities in a drive-by download. This week, for example, the NBC website was infected with the RedKit exploit kit, downloading the Citadel malware onto the computers loading the NBC homepage as well as the Jay Leno page. Exploit kits are a core component in Advanced Persistent Threats (APTs), a key cyber threat today.

Defending against Advanced Persistent Threats (APTs)

Advanced Persistent Threats (APTs) are sophisticated attacks, far more difficult to defend against than conventional, widely-targeted attacks. They often involve a number of intrusion methods, and are researched, customised and focussed for the particular target organisation. APT operations can extend over a prolonged period of months. Successful APTs harvest sensitive customer data as well as proprietary information and can have devastating effects on the organisation.

Spy v Spy

This is what I love about IT security – the intellectual battle played out daily between the good guys and the bad guys like an intricate chess game on a global chess board. Every day consists of countless skirmishes, reconnaissance and espionage expeditions, the shoring up of defences, securing data, secret communications, subterfuge, surveillance, encryption, and commando raids, in a shadowy intellectual duel between attacker and defender. Intellectual, because the clever guy wins.

10 dangers lurking within social networking

With about one and a half billion social network users worldwide, those regularly using Facebook, Twitter, LinkedIn, Google+, Pinterest and others are key targets of cyber criminals. This post examines some of the security threats arising from social networking. Many on the list are interconnected.

Shortcomings of anti-phishing blacklisting

Blacklisting is the most common form of anti-phishing protection. It is used by internet browsers as well as by popular internet security suites to protect against phishing attacks. Blacklisting has serious shortcomings.

Conventional antivirus technology falls short yet again

Details are emerging that the cyber attack against The New York Times easily circumvented conventional anti-virus defences. Out of the 45 pieces of malware deployed to harvest the usernames and passwords of New York Times reporters, 44 evaded anti-virus protection. Only one was identified by the security software. CNN concludes that “your antivirus software probably won’t prevent a cyber attack”.