Behavioral Based Email Security Systems

By Simon Heron, CISSP Internet Security Analyst

There needs to be a change to email security if we want to stop seeing high profile security breeches such as the ones that hit Hotmail and Google in 2009, and the America law firm Gipson Hoffman & Pancione more recently. The problem is, most email filtering systems will trust the email address and therefore allow it through.

2009 Infosec Threat Analysis Summary

By Simon Heron, CISSP Internet Security Analyst

Three million new threats were identified in 2009, which equates to almost one every 10.8 seconds. 2,905,697 threat signatures were released to protect against new or variant threats, an increase of 6.9 per cent from 2008. Most spam and malware originates from botnets and compromised hosts. There’s been a move away from mass-mailed spam and malware of old, to more targeted vulnerability exploits as cyber-criminals look towards more efficient means of carrying out their attacks. These examples highlight the need for all companies to review security policies for the applications and software that they permit people to access via their corporate networks or work computers.

Technology And The Advent of Cyber War

By Richard Stiennon, Chief Research Analyst, IT-Harvest

Every new form of war drives changes in technology. Conversely the technology causes the change in the methods and outcomes of wars. Effective cyber war is driven by the cyber equivalent of an arms race. The attacker discovers and devises new attack methodologies while the defender shores up his defenses by blocking ports, patching systems and deploying technology. There are eleven areas of development in offensive technology to be brought to bear on the problems of cyber war.

Surviving Cyber War: A Primer on DDoS

By Richard Stiennon, Chief Research Analyst, IT-Harvest

Just as markets do a better job of regulating good and bad business practices in rapidly evolving economies, the self interested protection of the security community may be the best response to the scourge of Internet pestilence. Viruses, worms, spam, spyware, and botnets have all changed the Internet and the way organizations use it for profit.

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (104)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (592)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (301)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (578)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (364)
  • Greg George (5)
  • H1N1 (15)
  • hackers (530)
  • healthcare (125)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (526)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (29)
  • Insider Threat (481)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (62)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (492)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (202)
  • national security (444)
  • PCI (299)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (543)
  • Rachel James (10)
  • reach (2)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (493)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (92)
  • Webcast (49)

• ISR Headline Index

  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!
  • A Newbie’s Introduction to Digital Forensics
  • Security Best Practice: Trust But Verify…
  • Google, Adobe, and Big Oil Under Attack!
  • Building your OWN Malware Lab (Part 2)
  • How Twitter Spam Steals From Google, Yahoo!
  • Tech Stocks Week in Review Featuring iPad
  • DoD Endorses Certification for Hackers
  • Risk Based Enterprise Compliance Programs
  • Data Loss Prevention Has Jumped the Shark

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs