-
Is your data safe from next-generation attackers?
In this month's issue of Information Security magazine, get everything you need to know about building an endpoint security solution in our step-by-step guide. Get the inside scoop on next-generation attackers, as we expose (and help you foil) their ... E-Zine
-
What are botnets and how can you prepare for them?
What exactly are botnets and why are they the fastest-growing menaces on the Internet? Get the details in this month's issue of Information Security magazine and learn what you need to do to man the battlements. In addition, read stories about databa... E-Zine
-
Enterprise mobile device defense fundamentals
This Security School lesson will examine the realities of the security threat posed by mobile devices such as smartphones and tablets, the methods savvy attackers are using today to take advantage of vulnerable mobile devices, and the technology and ... partOfGuideSeries
-
Developing a strategy for malware defense
In this Security School lesson, expert Lenny Zeltser provides a picture of the state of the malware landscape as it pertains to SMBs, as well as a rundown of the most common types of malware. He explains how malware works, what it can do and what ma... partOfGuideSeries
-
Black Hat conference 2010: News, podcasts and videos
Get updates on the latest happenings at the Black Hat 2010 conference with breaking news stories, and exclusive video and podcasts. Conference Coverage
-
Hacker attack techniques and tactics: Understanding hacking strategies
This guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about hacker techniques and various tactics you can employ to protect your network. Learning Guide
-
Virtual Honeypots: From Botnet Tracking to Intrusion Detection
In Chapter 11 of Virtual Honeypots: From Botnet Tracking to Intrusion Detection, authors Niels Provos and Thorsten Holz get inside the botnet and reveal some interesting conclusions. Book Chapter
-
Advanced malware, rootkit and Trojan defense
In a matter of months, the threat landscape has changed dramatically. In this lesson, learn how to thwart sophisticated attacks featuring custom rootkits, Trojans and malware designed to exploit unknown vulnerabilities. partOfGuideSeries
-
Preventing Web server attacks
Web servers need constant hardening, testing and monitoring to prevent Web server attacks. In this lesson, learn tactics, policies and best practices for keeping enterprise Web servers safe and secure. partOfGuideSeries
-
SearchSecurity.com's Guide to Thwarting Hacker Techniques
This guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about hacker techniques and various tactics you can employ to protect your network. Learning Guide
-
Spy vs. Spy
Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day. Book Chapter
-
Learning about Security Threats: Profiling
A look at what it means to be a hacker. Reprint
- See more Essential Knowledge on Hacker Tools and Techniques: Underground Sites and Hacking Groups
-
Black Hat 2013 opens with testy keynote, smart device hacks
After a contentious opening keynote by NSA Director Gen. Keith Alexander, day one of Black Hat 2013 showed smart device hacks, severe SCADA issues. News | 01 Aug 2013
-
After lull, PLA 'Comment Crew' hasn't changed cyber-espionage tactics
The Chinese government's alleged cyber-espionage arm remains active after a quiet period, using the same tactics revealed in Mandiant's APT1 report. News | 06 May 2013
-
Symantec 2013 Threat Report highlights rise in SMB attacks
Big Yellow's annual report indicates a threefold rise in targeted attacks against SMBs as attackers search beyond big firms for susceptible targets. News | 18 Apr 2013
-
'Internet underground' fight demands better cybersecurity intelligence
Former U.S. national security advisor Greg Rattray believes better cybersecurity intelligence is needed to combat a growing "Internet underground." News | 22 Mar 2013
-
RSA 2013 crowd awed by live 'sinkholing' in P2P botnet takeover
Tillmann Werner of CrowdStrike wowed onlookers with a live 'sinkholing' demonstration, taking down the Kelihos P2P botnet. News | 04 Mar 2013
-
RSA 2013: China not the only cyber espionage country, says Mandiant
China is not the only country carrying out large-scale cyber espionage, says US cyber security firm Mandiant. News | 28 Feb 2013
-
Spear phishing, manpower drive Chinese APTs, says researcher at RSA 2013
Chinese cyberattacks rely on spear phishing and overwhelming numbers, not sophisticated attack methods, says a researcher at RSA Conference 2013. News | 27 Feb 2013
-
DDoS, SQL injection discussions trending in hacking forums, study finds
Hackers share attack techniques and vulnerability information, shedding light on what threats matter most, according to a new study. News | 30 Oct 2012
-
Aurora attackers target defense firms, use flurry of zero-days
Cybercriminals tied to the 2009 Aurora attacks have used a flurry of zero-day exploits and a new "watering hole" attack technique in targeted campaigns. News | 07 Sep 2012
-
FireEye warns of steady increase in advanced malware
Social engineering tactics often involve email attachments targeting various industry sectors, says the security firm. News | 04 Sep 2012
- See more News on Hacker Tools and Techniques: Underground Sites and Hacking Groups
-
Unintentional benefits: Attackers force search for better Trojan virus protection
Editor Lawrence M. Walsh says creative attackers are unintentionally aiding the search for better security defenses. Opinion
-
Cyberwar myths: Are cyberwarfare and cyberterrorism overblown?
Marcus Ranum explains why the whole notion of cyberwarfare is a scam. Opinion
-
Kevin Mitnick security conference shrouded in secrecy
The famed ex-con hacker's "super-secret" security conference shields executives from public view. Opinion
-
Reality AV: Infosec storylines make for good reality TV ideas
Is a Hacker Dating Game show that far-fetched? A few infosec storylines that would play well as reality TV ideas. Column
-
Exploit kits evolved: How to defend against the latest attack toolkits
Expert Nick Lewis details how automated exploit kits are evolving and offers mitigations for the latest methods employed by these attack toolkits. Tip
-
The Red October malware campaign uncovered: What enterprises can learn
Expert Nick Lewis details the recently uncovered Red October malware campaign, plus the new and existing controls needed to thwart cyberespionage. Tip
-
Cyberwar calls for software and system investment, not hacking back
Hacking back isn't the way to win the cyberwar. Gary McGraw says building software and systems with fewer vulnerabilities is stronger protection. Tip
-
Information security controls for data exfiltration prevention
Enterprises may be amazed to discover how valuable their data is to attackers. Learn five information security controls to prevent data exfiltration. Tip
-
Built-in Windows commands to determine if a system has been hacked
In this tip, contributor Ed Skoudis identifies five of the most useful Windows command-line tools for machine analysis and discusses how they can assist administrators in determining if a machine has been hacked. Tip
-
Exploit research: Keeping tabs on the hacker underground
Protecting an organization against malicious hackers is a constant challenge, especially when attack methods are constantly evolving. But, according to information security threats expert Ed Skoudis, there are effective methods security pros can use ... Tip
-
Enterprise security in 2008: Malware trends suggest new twists on old tricks
This year's malicious hackers are ready to add new twists to their old tricks. Taking hints from last year's range of cyber attacks and malicious code, information security expert Ed Skoudis reveals five key threats that are likely to dominate headli... Tip
-
Investigating logic bomb attacks and their explosive effects
A logic bomb is a dangerous piece of software designed to damage a computer or network and cause massive data destruction. In this tip from SearchSecurity.com's Ask the Expert section, Ed Skoudis explains how an enterprise can prepare for a hacker's ... Tip
-
How to protect your company against cybercrime
Thanks to the Internet's inherent anonymity, widespread reach and disjointed law enforcement status, cybercriminals have a lot to gain -- and enterprises have a lot to lose. In this tip, SearchSecurity expert and malware guru Ed Skoudis describes how... Tip
-
Digital deception: Raising the stakes on hackers
Learn the theory behind digital deception and how to implement digital deception techniques. Tip
- See more Tips on Hacker Tools and Techniques: Underground Sites and Hacking Groups
-
What risk does the Apple UDID security leak pose to iOS users?
Expert Michael Cobb details Apple's Unique Device Identifiers, plus why iOS users should be concerned about the Anonymous UDID security leak. Answer
-
Use cybercrime statistics to combat organized cybercrime
Expert Michael Cobb provides some cybercrime statistics and discusses how organized cybercrime is using free Web analytics tools to plan attacks. Answer
-
Prevent the threat of the Low Orbit Ion Cannon tool, Web-based malware
Recent DDoS attacks by Anonymous show why enterprises must avoid the Low Orbit Ion Cannon tool and other Web-based malware. Expert Nick Lewis explains. AtE
-
Does Morto worm prove inherent flaws in Windows RDP security?
The recent Morto worm had unusual success spreading via Windows Remote Desktop Protocol. Does that mean RDP security is too weak? Nick Lewis explains. Answer
-
Hacker chatter: Can hacker websites help companies anticipate attacks?
Tracking hacker chatter could be useful for discovering attacks, but there may be other, less risky routes to finding the same information. Answer
-
Locate IP address location: How to confirm the origin of a cyberattack
What's the best way to determine the origin of a cyberattack? Expert Nick Lewis weighs in. Answer
-
What can be done to keep students from becoming cybercriminals?
When cybercriminals offer tuition payments to college students in exchange for their services, what can anyone do to intervene? Security management expert Mike Rothman suggests some strategies. Ask the Expert
-
What security measures can be taken to stop crimeware kits?
Enterprises that don't have thoroughly patched browsers, PDF readers, media players and other client-side software are very likely to get compromised by MPack and similar crimeware tools. Ed Skoudis explains. Ask the Expert
-
Has ransomware made a comeback?
Ransomware attacks, though not very common, do occur. Ed Skoudis explains how to "negotiate" with Gpcode and other malware of this type. Ask the Expert
-
Has cross-site scripting evolved?
It's astounding what is being done with browser scripts these days. In this expert Q&A, Ed Skoudis explains how today's cross-site scripting attacks are a far cry from those of a decade ago. Ask the Expert
- See more Expert Advice on Hacker Tools and Techniques: Underground Sites and Hacking Groups
-
cold boot attack
A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system. Definition
-
device attack
A device attack is an exploit in which the attacker takes advantage of a vulnerable device to gain network access. Definition
-
differential power analysis (DPA)
A differential power analysis (DPA) attack is an exploit based on analysing the correlation between the electricity usage of a chip in a smart card and the encryption key it contains. Definition
-
voluntary botnet
A voluntary botnet is a distributed network of computers whose processing power is harnessed to carry out a political or socially-motivated denial of service (DoS) attack. Definition
-
TDL-4 (TDSS or Alureon)
TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet. The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon. Definition
-
privilege escalation attack
A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications. Definition
-
Pwn2Own
Pwn2Own is an annual hacking competition sponsored by security vendor TippingPoint and held at the CanSecWest security conference. Definition
-
alternate data stream (ADS)
An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title. Definition
-
zero-day exploit
A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known...(Continued) Definition
- See more Definitions on Hacker Tools and Techniques: Underground Sites and Hacking Groups
-
Cyberthreat landscape plagued by automated attacks, Gartner says
Gartner VP Richard Hunter reviews the enterprise cyberthreat landscape and explains why automated attacks will only make a bad situation worse. Podcast
-
Bruce Schneier: China cyberwar rhetoric risks dangerous implications
Video: Bruce Schneier explains why ongoing China cyberwar rhetoric evokes the wrong responses and may damage personal privacy, and ultimately freedom. Video
-
Peter Kuper on hacktivism, the evolution of hacking and mobile threats
In-Q-Tel's Peter Kuper discusses hacktivists’ desire for attention, and how the growing use of mobile devices is driving the evolution of hacking. Video
-
Screencast: How to use GHDB to identify security holes, Googledorks
In this screencast, Mike McLaughlin uses the Google Hacking Database (GHDB) to identify Googledorks and other security vulnerabilities. Video
-
Ira Winkler: Does recent hacktivism news justify enterprise hacktivism defense?
Information security expert Ira Winkler discusses hacktivism news, in the wake of Anonymous and LulzSec, and justifies why enterprise hacktivism defense isn't needed. Video
-
Antimalware Deployments: Architecting for Effectiveness
In this expert webcast, you’ll learn how to effectively architect antimalware solutions. You’ll learn what your architectural options are for mobile devices, the perimeter and cloud and what the pros and cons are for each layer of your antimalware ar... Mediacast
-
NSA’s Sager on cyberwarfare, likelihood of ‘digital Pearl Harbor’
The NSA’s Tony Sager discusses the likelihood of ‘digital Pearl Harbor’ and how to prepare for cyberattacks by cost-effectively disrupting attackers. Video
-
Cluley on Operation Aurora, information security attacks
In this video, Graham Cluley, a Security Consultant with Sophos Plc., discusses Operation Aurora and whether information security attacks are becoming more sophisticated. Video
-
The future of hacking: Dealing with the underground economy
How is the underground economy evolving, and what can security practitioners do to anticipate and respond to future threats? In this Face-off video, Hugh Thompson and Adam Shostack discuss the best options. Video
-
PayPal account security: CISO on ways to prevent phishing
PayPal has become known as one of the top organizations when it comes to fighting phishing, mostly because it's been a target of so many phishing scams. In this interview, PayPal CISO Michael Barrett describes how his organization approaches the phish... Video
- See more Multimedia on Hacker Tools and Techniques: Underground Sites and Hacking Groups
-
cold boot attack
A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system. Definition
-
Black Hat 2013 opens with testy keynote, smart device hacks
After a contentious opening keynote by NSA Director Gen. Keith Alexander, day one of Black Hat 2013 showed smart device hacks, severe SCADA issues. News
-
Cyberthreat landscape plagued by automated attacks, Gartner says
Gartner VP Richard Hunter reviews the enterprise cyberthreat landscape and explains why automated attacks will only make a bad situation worse. Podcast
-
Exploit kits evolved: How to defend against the latest attack toolkits
Expert Nick Lewis details how automated exploit kits are evolving and offers mitigations for the latest methods employed by these attack toolkits. Tip
-
After lull, PLA 'Comment Crew' hasn't changed cyber-espionage tactics
The Chinese government's alleged cyber-espionage arm remains active after a quiet period, using the same tactics revealed in Mandiant's APT1 report. News
-
The Red October malware campaign uncovered: What enterprises can learn
Expert Nick Lewis details the recently uncovered Red October malware campaign, plus the new and existing controls needed to thwart cyberespionage. Tip
-
Symantec 2013 Threat Report highlights rise in SMB attacks
Big Yellow's annual report indicates a threefold rise in targeted attacks against SMBs as attackers search beyond big firms for susceptible targets. News
-
Bruce Schneier: China cyberwar rhetoric risks dangerous implications
Video: Bruce Schneier explains why ongoing China cyberwar rhetoric evokes the wrong responses and may damage personal privacy, and ultimately freedom. Video
-
'Internet underground' fight demands better cybersecurity intelligence
Former U.S. national security advisor Greg Rattray believes better cybersecurity intelligence is needed to combat a growing "Internet underground." News
-
Cyberwar calls for software and system investment, not hacking back
Hacking back isn't the way to win the cyberwar. Gary McGraw says building software and systems with fewer vulnerabilities is stronger protection. Tip
- See more All on Hacker Tools and Techniques: Underground Sites and Hacking Groups
About Hacker Tools and Techniques: Underground Sites and Hacking Groups
Hackers are constantly working to update their attack tools, techniques and methods to find new ways to break into databases, networks and PCs. Track their progress and the work of cybercrime investigators with hacking groups, hacker sites and the hacker underground.