Security Management Strategies for the CIOAccess "Ranum chat: APT attacks and malware evolution"
This article is part of the January/February 2012 issue of Combat the latest malware threats with effective antimalware planning
Marcus Ranum: Joel, I'm sure you know we can't get through this without talking about advanced persistent threats (APT) and malware. What's your take on that topic? I know you're a real malware maven; are there different levels of the state of the art in malware? Is malware evolution slow, or rapid? What's going on out there? Joel Yonts: Marcus, just the mention of the term advanced persistent threat (APT) has such an impact on practitioners in our field. As you know, these reactions vary from sheer terror to the extreme skeptic that says APT is a term invented by marketers to sell more gear. Since the term is so inflammatory, I will reserve my thoughts on that topic for a moment and focus on the malware problem. Malware comes in many levels of sophistication. On one end of the spectrum, we have malware that can shut down a nuclear facility (Stuxnet) by reprogramming low-level controls. On the other end of the spectrum, I received a malicious spam attachment the other day that had a poorly constructed executable that after hours of trying, I still could not... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
New malware threats require new antimalware protection strategy
by Lisa Phifer
Attackers are targeting new vectors such as smartphones, social media and cloud services. Enterprises need to up their game.
-
Tackling SSL vulnerabilities for secure online transactions
by Michael Cobb, Application Security
A rash of CA breaches shows up weaknesses in the SSL infrastructure. Take action to protect your customers and employees.
-
New malware threats require new antimalware protection strategy
by Lisa Phifer
-
-
Mobile device protection: Tackling mobile device security risks
by Marcia Savage, Editor
Managing mobile device risks tops the list of priorities for security pros this year.
-
SOPA and PIPA pirating laws lose support in face of opposition
by Robert Westervelt, News Director
Security experts say there are better alternatives to copyright protection.
-
Mobile device protection: Tackling mobile device security risks
by Marcia Savage, Editor
-
Columns
-
Can a computer security researcher go too far?
by Elizabeth Martin
An examination of three cases illustrates that it’s not always a clear case of good vs. evil.
-
Ranum chat: APT attacks and malware evolution
by Marcus Ranum
Security expert Marcus Ranum talks with Joel Yonts, a seasoned security executive with a passion for information security research.
-
Security leaders help squash SOPA, PIPA pirating laws
by Michael S. Mimoso, Editorial Director
Prominent security and Internet thinkers and leaders have become an effective lobby on Capitol Hill and played a big role in squashing SOPA.
-
Can a computer security researcher go too far?
by Elizabeth Martin
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...