Tag: APT

Don’t Call It A Hack Back: Crowdstrike Unveils Falcon Platform

Lots of aspiring technology start-ups dream of getting their product written up in The New York Times or Wall Street Journal when it launches. For Crowdstrike Inc. a two year-old security start-up based in Laguna Niguel, California, media attention from the papers of record hasn’t been an issue. This reporter counted twelve articles mentioning the company in The Times in the last year, and another two reports in The Journal. Much of that ink has been spilled on stories related to Crowdstrike research on sophisticated attacks, or the company’s all-star executive team, including former McAfee executives George Kurtz (CEO) and Dmitri Alperovitch (CTO), as well as former FBI cybersecurity chief Shawn Henry (Crowdstrike’s head of services), who left the Bureau in April, 2012 to join the company. For much of that time, Crowdstrike has been known mostly as a security services and intelligence firm, but the goal was always to […]

Continue Reading

Fraud Analytics: You’re Doing It Wrong!

One of the most vexing problems in computer security today is distinguishing malicious from legitimate behavior on victim networks. Sophisticated cyber criminals and nation-backed hacking groups make a point of moving low and slow on compromised end points and networks, while victim organizations are (rightly) wary of disrupting legitimate business activity for the sake of spotting a breach. In this Security Ledger Podcast, Paul interviews Jason Sloderbeck, Director of Product Management at RSA, EMC’s security division.  Jason talks about RSA’s Silvertail fraud analytics technology, and the organizational and technology issues that keep victims from spotting attacks. One of the big mistakes organizations make when they investigate attacks, Sloderbeck said, is focusing too narrowly on a point in time during a web session that is felt to be a good indicator of compromise – like when a user authenticates to a service or “checks out” on an e-commerce web site. “There’s a whole […]

Continue Reading

Podcast: Project Prism – Has Uncle Sam Gone Rogue?

It was hard to escape the big news this week: revelations from The Guardian and The Washington Post about a program of widespread surveillance of online social networks and mobile phone use. The news, both the result of high-level leaks of classified information, has embroiled the Obama Administration in the most serious questions about domestic spying since the Nixon administration. To discuss the week’s events, Paul sat down with Ron Gula, the CEO of Tenable Network Security (and a former NSA security ninja) and Rick Forno, director of the University of Maryland Baltimore County’s Graduate Cybersecurity Program and a Junior Affiliate Scholar at the Stanford Law School’s Center for Internet and Society (CIS).  While neither guest was surprised to read about the government’s monitoring of cell phone activity or data from social networks, the latest reports lay bare the dimensions of the U.S. government’s domestic spying post 9/11, and raise serious […]

Continue Reading

UN Calls Electronic Surveillance A Threat To Democracy

A new report out from the United Nations’ General Assembly warns that governments’ use of electronic surveillance and monitoring of citizen communications is a violation of human rights and calls for updated laws and guidelines that reflect changes in communications “techniques and technologies.” The growing use and sophistication of digital surveillance has outstripped the ability of societies to legislate their proper use, leading to “ad hoc practices that are beyond the supervision of any independent authority,” and that threaten to stifle free expression, according to the report, issued by the UN General Assembly’s Human Rights Council (PDF). First issued in April, but released to the public this week, the report looks at States’ use of communications surveillance and their impact on what the report calls “human rights to privacy and to freedom of opinion and expression.” It concludes that the growth of online surveillance of electronic communications, including access to stored […]

Continue Reading

Report: Chinese Hackers Pinch Advanced Weapons Designs

A Washington Post story on Sunday cited a confidential report prepared by the Pentagon that claims “Chinese hackers” have compromised systems storing data on the design of more than two dozen major U.S. weapons systems. The report, prepared for the Pentagon’s senior brass by the Defense Science Board, warns that the intrusions have given China’s People’s Liberation Army (PLA) a leg up on the U.S., and a boost in efforts to modernize its own military for use in a possible, future conflict, The Post reported. Many of the breaches that led to theft of sensitive data occurred at private defense contractors, or at firms that acted as subcontractors to them, the report said. No specific incidents or companies are named in the report. However, the main outlines of it echo reports of leaks of classified information on weapons systems going back more than three years. In April, 2009, for example, […]

Continue Reading
1 58 59 60 61 62 67