SC Magazine Australia summarized Ed Skoudis’s and Johannes Ullrich’s RSA presentation on the six most dangerous IT Security threats of 2011 and what to expect in the year ahead. They are:
DNS as command-and-control
SSL slapped down
Mobile malware as a network infection vector
Hacktivism is back
SCADA at home
Cloud Security
Additional trends:
IPv6
Oldies
Social Networking
Malware
DNSSEC
The Malware item above refers to the point that blacklisting is a losing proposition and organizations need to move to whitelisting. IMHO, this is especially true for establishing positive network control at the application level.
Despite efforts to curb file-sharing, it’s booming. New file-sharing apps have been developed that are harder for enterprises to control.
The file-sharing landscape is slowly adjusting in response to the continued push for more anti-piracy tools, the final Pirate Bay verdict, and the raids and arrests in the Megaupload case. Faced with uncertainty and drastic changes at file-sharing sites, many users are searching for secure, private and uncensored file-sharing clients. Despite the image its name suggests, RetroShare is one such future-proof client.
If your Next Generation Firewall uses a Positive Control Model and monitors all 65,535 ports all the time, you do not have to worry about these new file-sharing products because they will be blocked as unknown applications. Of course, before you go into production, you must investigate all of the unknown apps to ensure that all business-required apps are identified, defined, and allowed by policy.
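The pre-production review described above, as an added Python example (not from the original post or from any firewall product): it applies a default-deny decision by application identity, regardless of port, and groups the traffic that would be blocked so unknown apps can be investigated before enforcement. The session records, application names, allowlist and ranking heuristic are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (src, dst, dst_port, app) session records as a firewall
# in monitor-only mode might export them after application identification.
# "unknown" means no application signature matched the traffic.
SESSIONS = [
    ("10.1.4.20", "203.0.113.9", 443, "ssl"),
    ("10.1.4.20", "198.51.100.7", 25, "smtp"),
    ("10.1.4.31", "198.51.100.44", 7812, "unknown"),
    ("10.1.4.31", "198.51.100.45", 7812, "unknown"),
    ("10.1.4.52", "198.51.100.44", 7812, "unknown"),
    ("10.1.7.10", "192.0.2.80", 8443, "unknown"),
    ("10.1.7.11", "192.0.2.80", 8443, "unknown"),
    ("10.1.4.60", "203.0.113.50", 6881, "bittorrent"),
]

# Hypothetical policy: only these identified applications are allowed.
ALLOWED_APPS = {"ssl", "smtp", "dns", "web-browsing"}


def evaluate(session, allowed=ALLOWED_APPS):
    """Positive control: allow only apps the policy names; anything else,
    on any of the 65,535 ports, falls through to deny."""
    return "allow" if session[3] in allowed else "deny"


def preproduction_report(sessions, allowed=ALLOWED_APPS):
    """Group would-be-denied traffic by (app, dst_port) for investigation
    before enforcement is switched on."""
    groups = defaultdict(lambda: {"sessions": 0, "sources": set(), "dests": set()})
    for s in sessions:
        if evaluate(s, allowed) == "deny":
            g = groups[(s[3], s[2])]
            g["sessions"] += 1
            g["sources"].add(s[0])
            g["dests"].add(s[1])
    # Ranking heuristic (an assumption of this example): review first the
    # groups seen from the most internal sources, then by session count.
    return sorted(groups.items(),
                  key=lambda kv: (-len(kv[1]["sources"]), -kv[1]["sessions"], kv[0]))


if __name__ == "__main__":
    for (app, port), g in preproduction_report(SESSIONS):
        print(f"{app:12} port {port:<5} sessions={g['sessions']} "
              f"sources={len(g['sources'])} dests={len(g['dests'])}")
```

Each reported group is either a business-required app still to be defined and allowed by policy, or traffic that the default deny will block once enforcement begins.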
01. March 2012 · Modern Malware for Dummies · Categories: Slides
Modern malware has transformed into highly sophisticated network applications and has, in the process, changed the world of enterprise security and how networks are attacked. These threats are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and scale that has never before been seen in malware.
“Modern Malware for Dummies,” by Lawrence C. Miller, provides an in-depth examination of real-world attacks and modern malware threats, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and security best practices.
01. March 2012 · NetFlow Security Monitoring for Dummies · Categories: Slides
Network flow analysis is a critical Detection Control in a Zero Trust based Defense-in-Depth Architecture. This book takes you through the basics of NetFlow analysis for information security purposes — what NetFlow is, how it works, and how you can enable it to yield actionable security intelligence. It also provides some detail on the specific security risks addressed by NetFlow analysis and provides best practices for conducting NetFlow collection and analysis.