Premium Content

Access "The evolution of threat detection and management"

Published: 01 May 2013
Essentials: Threat detection

This article is part of the Special Edition, May 2013 issue of Essentials: Threat detection

Cybercriminals of all persuasions now easily and routinely bypass existing enterprise security defenses by blending into the background noise of an organization’s operations. These advanced attacks now take place over months and years, subverting traditional malware-detection products that only scan for known malware at a given point in time. For example, a newly discovered Trojan called APT.BaneChant uses multiple detection-evasion techniques, including masquerading as a legitimate process, monitoring mouse clicks to avoid sandbox analysis and performing multibyte XOR encryption to evade network-level binary extraction technology. It also uses fileless malicious code loaded directly into memory and escapes automated domain blacklisting by using redirection via URL shortening and dynamic DNS services. Such attacks are testing the limitations of existing security analytics tools, and the recent Mandiant Corp. APT1 report shows just how long-running and sophisticated cyberespionage campaigns have become. According to the 2013 Cyber Threat Readiness survey ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Already a member? Login to access this content.

What's Inside

Features

More Premium Content Accessible For Free

  • Unlock new pathways to network security architecture
    ISM_august_2013.png
    E-Zine

    Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...

  • Emerging threat detection techniques and products
    threat_detection_technologies_cover.png
    E-Handbook

    Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...

  • The rapid evolution of MDM solutions
    ISM_june_2013_cover.jpg
    E-Zine

    Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...

Back to top