The evolution of threat detection and management

Published: 01 May 2013

Cybercriminals of all persuasions now easily and routinely bypass existing enterprise security defenses by blending into the background noise of an organization’s operations. These advanced attacks now take place over months and years, subverting traditional malware-detection products that only scan for known malware at a given point in time. For example, a newly discovered Trojan called APT.BaneChant uses multiple detection-evasion techniques, including masquerading as a legitimate process, monitoring mouse clicks to avoid sandbox analysis and performing multibyte XOR encryption to evade network-level binary extraction technology. It also uses fileless malicious code loaded directly into memory and escapes automated domain blacklisting by using redirection via URL shortening and dynamic DNS services. Such attacks are testing the limitations of existing security analytics tools, and the recent Mandiant Corp. APT1 report shows just how long-running and sophisticated cyberespionage campaigns have become. According to the 2013 Cyber Threat Readiness survey ...
