Access "Talk of cyberwarfare threats heats up with Flame malware"
This article is part of the July/August 2012 issue of Establishing an effective internal security pen testing methodology
Security experts and researchers generally are unfazed by cyberattacks using malware designed to collect intelligence data because it’s a practice that’s been done for years, but most agree the real threat is attacks aimed at causing destruction. In the hands of the wrong people -- extremists out to cause chaos to make a statement regardless of the fallout -- cyberweapons are too difficult to control, they say. The Flame malware toolkit, which emerged recently, has sparked a renewed discussion of cyberwarfare threats. Researchers conducting analysis of the malware are trying to shed light on how and why it was used. All signs point to nation-state sponsored cyber-intelligence gathering, a practice that has been going on for decades, according to security experts, and it’s likely there is no end in sight. Flame is now also linked to the Stuxnet worm, which returned to the public eye recently after new details emerged connecting the attack -- designed to disrupt Iran’s nuclear program -- to a joint American-Israeli operation dubbed “Olympic Games,” according ... Access >>>
Premium Content for Free.
How to pen test: Why you need an internal security pen testing program
by Dave Shackleford
Learn pen testing best practices and how to build an internal pen testing team.
Securing SharePoint: SharePoint security best practices
by Marcia Savage, Editor
SharePoint has become ubiquitous in the enterprise, but organizations can overlook security. Learn SharePoint security best practices in this article.
Talk of cyberwarfare threats heats up with Flame malware
by Robert Westervelt, News Director
Experts say malware toolkit isn’t unique, but warn of cyberweapons falling into the wrong hands.
- How to pen test: Why you need an internal security pen testing program by Dave Shackleford
Big data security analytics: Harnessing new tools for better security
by Scott Crawford, Contributor
New techniques are emerging to help organizations analyze security data and improve security defenses.
Three steps for securing SharePoint
by Brien Posey
Restricting user permissions, server hardening and dedicated service accounts are critical.
- Big data security analytics: Harnessing new tools for better security by Scott Crawford, Contributor
Gary McGraw on mobile security: It’s all about mobile software security
by Gary McGraw, Contributor
Mobile systems have a lot of moving parts, but securing them is as simple as practicing software security.
Cyberspace protection requires government collaboration with industry
by Riley Repko, Contributor
Government and private sector collaboration is critical to surviving in cybespace.
LinkedIn password leak: Lessons to be learned from LinkedIn breach
by Marcia Savage
Breach at the professional networking site highlights password practices, storage procedures.
- Gary McGraw on mobile security: It’s all about mobile software security by Gary McGraw, Contributor
More Premium Content Accessible For Free
As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...
This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...
Despite the enormous concerns around cloud security, many information security professionals remain on the sidelines when it comes to their ...