Security Management Strategies for the CIO
Email Alerts
-
Help! Evaluating AV solutions and tech support
We tested AV solutions from 5 vendors and their tech support. Find out who answered the call. Also in this issue, read features on spyware threats, prosecuting hackers and self-defending networks. E-Zine
-
Weight lifter: Appliances that lighten your security load
"All-in-one" security appliances offering similar features can be surprisingly different under the hood. To better understand the capabilities of these security gateways, Information Security compared six appliances designed for midsized compa... E-Zine
-
Apple security update: Is it ready for the enterprise?
It’s hard to declare Apple security as superior to its competitors, but it’s also hard to fault it as inferior. Feature
-
Botnet takedowns: A dramatic defense
The infections and cyberattacks that botnets are used to launch remain hard-to-detect malware threats that have moved beyond PCs to mobile devices. Feature
-
Antivirus evasion techniques show ease in avoiding antivirus detection
In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed. Feature
-
Developing a defense-in-depth strategy for malware defense
New Security School lesson: Expert Lenny Zeltser outlines today's malware landscape and the key principles of a successful antimalware program. Security School
-
Developing a strategy for malware defense
In this Security School lesson, expert Lenny Zeltser provides a picture of the state of the malware landscape as it pertains to SMBs, as well as a run down of the most common types of malware. He explains how malware works, what it can do and what ma... partOfGuideSeries
-
Information security book excerpts and reviews
Visit the Information Security Bookshelf for book reviews and free chapter downloads. Information Security Book
-
Secure VoIP tutorial: Understanding VoIP security best practices
More organizations are choosing to implement VoIP telephony in the enterprise for its cost savings. However, securing the technology comes with its own price tag. This secure VoIP tutorial is a compilation of resources that review VoIP security best ... Learning Guide
-
Black Hat conference 2010: News, podcasts and videos
Get updates on the latest happenings at the Black Hat 2010 conference with breaking news stories, and exclusive video and podcasts. Conference Coverage
-
Mini guide: How to remove and prevent Trojans, malware and spyware
Organizations need to learn how to implement proper protections and understand best practices for malware defense in order to keep their network environments secure. In this mini guide you will learn how to prevent, remove and stop types of malware i... Learning Guide
-
Black Hat conference coverage 2009: News, podcasts and videos
The SearchSecurity.com team is live at the 2009 Black Hat conference. Look here for the latest headlines, interviews, podcasts and videos from Caesars Palace in Las Vegas. Special News Coverage
- See more Essential Knowledge on Malware, Viruses, Trojans and Spyware
-
FortiGuard Labs sees fast rise of mobile malware in 2013
FortiGuard Labs reports a 30% increase in mobile malware so far in 2013, and cautions ransomware is also making an appearance on mobile devices. News | 07 Aug 2013
-
Black Hat 2013 keynote: Alexander details NSA surveillance programs
In his keynote at Black Hat 2013, Gen. Keith Alexander said NSA surveillance programs have strict oversight, despite many inaccurate media reports. News | 01 Aug 2013
-
RSA warns about 'KINS' banking Trojan
RSA is warning that a new banking Trojan, 'KINS,' with architectural similarities to previous Trojans, may start hitting PCs soon. News | 24 Jul 2013
-
Malwarebytes: Maneuver around 'FBI ransomware' on Macs
Jerome Segura of Malwarebytes explains how to get around 'FBI ransomware' computer locking. News | 22 Jul 2013
-
Damballa: Security vendor partnerships of growing importance
Damballa executives say partnerships among security point product vendors are increasingly important, and will ultimately benefit enterprises. News | 09 Jul 2013
-
Microsoft offers 'fix' for latest Internet Explorer zero day
Microsoft released a temporary fix to mitigate attacks using the most recent Internet Explorer 8 zero day vulnerability. News | 09 May 2013
-
Verizon DBIR 2013: Damage caused by simple attacks, slow detection
Verizon's 2013 breach report shows most breaches are caused by a select few attack types, and the majority of breaches aren't detected for months. News | 22 Apr 2013
-
Malware hits businesses 20 to 60 times an hour, say researchers
Advanced cyber attacks hit businesses 20 times an hour on average, say researchers at security firm FireEye News | 04 Apr 2013
-
RSA 2013 crowd awed by live 'sinkholing' in P2P botnet takeover
Tillmann Werner of CrowdStrike wowed onlookers with a live 'sinkholing' demonstration, taking down the Kelihos P2P botnet. News | 04 Mar 2013
-
Spear phishing, manpower drive Chinese APTs, says researcher at RSA 2013
Chinese cyberattacks rely on spear phishing and overwhelming numbers, not sophisticated attack methods, says a researcher at RSA Conference 2013. News | 27 Feb 2013
- See more News on Malware, Viruses, Trojans and Spyware
-
Understanding logic bomb attacks: Examples and countermeasures
In light of the attacks on South Korean organizations, expert Nick Lewis defines logic bomb attacks and offers other examples and countermeasures. Tip
-
Exploit kits evolved: How to defend against the latest attack toolkits
Expert Nick Lewis details how automated exploit kits are evolving and offers mitigations for the latest methods employed by these attack toolkits. Tip
-
Choosing among antimalware products: Final considerations
Mike Rothman discusses important last-minute considerations when choosing among antimalware products from finalist antimalware vendors. Tip
-
Technical considerations for selecting the best antimalware technology
Mike Rothman discusses the evolution of malware and how today's antimalware products should handle detection and remediation. Tip
-
Antimalware software introduction: Business benefits and drawbacks
Mike Rothman discusses how antimalware software has evolved to develop various business and technology issues, but also still holds many benefits. Tip
-
The Red October malware campaign uncovered: What enterprises can learn
Expert Nick Lewis details the recently uncovered Red October malware campaign, plus the new and existing controls needed to thwart cyberespionage. Tip
-
Improving enterprise email security: Systems and tips
Enterprise email security has become more vital than ever due to increased attacks and threats. This tip details systems that can improve protection. Tip
-
Flame malware analysis: How to defend against fraudulent certificates
Security expert Nick Lewis analyzes Flame malware, plus gives tips for dealing with Flame's most unique function: its use of fraudulent certificates. Tip
-
Surviving cyberwar: Preparing for APTs, Stuxnet malware-style attacks
Surviving cyberwar is now a priority for enterprises, with more Stuxnet malware-style attacks sure to come. Expert Nick Lewis has a defensive primer. Tip
-
Reassessing Mac enterprise security in face of Flashback malware
Expert Nick Lewis discusses how Mac enterprise security must evolve to combat the rising Mac malware tide, spearheaded by the Flashback malware. Tip
- See more Tips on Malware, Viruses, Trojans and Spyware
-
Disable autorun to prevent autorun malware infections
Expert Nick Lewis explains how disabling autorun prevents malware from affecting users. Answer
-
How to protect data from ransomware malware
It can be difficult to recover data that is encrypted by ransomware malware -- unless you have expert Nick Lewis' recommendations in place. Answer
-
How to detect malware with changing file sizes
Malware authors change the size of malware files to avoid detection by antivirus software. Learn how to detect this malware from expert Nick Lewis. Answer
-
Recommended tools for remote access Trojan detection
Expert Brad Casey suggests tools that can detect remote access Trojans, or RATs, like FAKEM. Answer
-
Measuring the risk posed by sophisticated malware evasion techniques
Learn about the evolving nature of malware evasion techniques. Security expert Nick Lewis determines whether anti-malware tools should detect them. Answer
-
Utilize the Blacksheep technique for rootkit detection, cleanup
Is the Blacksheep technique a legitimate enterprise option for rootkit detection and cleanup? Expert Nick Lewis discusses. Answer
-
The Narilam malware: How to protect SQL databases, corporate records
Expert Nick Lewis explains how the Narilam malware infects SQL databases and destroys corporate records, and offers advice on mitigation. Answer
-
The updated Makadocs malware: How to protect users locally
Security expert Nick Lewis details how the updated Makadocs malware uses Google Docs as a command and control server and offers mitigations for users. AtE
-
How to use RAT security flaws to turn the table on attackers
Nick Lewis discusses how to learn from RAT security flaws not only for defense, but also to find out more about attackers via offensive security. Answer
-
MiniFlame malware: Assessing the threat to enterprises
Expert Nick Lewis analyzes miniFlame, the plug-in for the Flame malware, to determine how it operates and whether enterprises should be concerned. Answer
- See more Expert Advice on Malware, Viruses, Trojans and Spyware
-
Shamoon
Shamoon, also called W32.Disttrack, is a computer virus that has been used for cyber espionage, particularly in the energy sector. Definition
-
attack vector
An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Definition
-
Zeus Trojan (Zbot)
Zeus, also known as Zbot, is a malware toolkit that allows a cybercriminal to build his own Trojan Horse. A Trojan Horse is programming that appears to be legitimate but actually hides an attack. Definition
-
memory-scraping malware
Memory-scraping malware is a type of malware that helps hackers to find personal data. It examines memory to search for sensitive data that is not available through other processes. Definition
-
botnet (zombie army)
A zombie army (also known as a botnet) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward spam or viruses to other computers on the Internet... (Continued) Definition
-
Tilded platform
The Tilded platform is a malicious software communicator specifically designed as a vessel for transmitting malware undetected. Definition
-
Duqu (W32.Duqu)
Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects. Definition
-
TDL-4 (TDSS or Alureon)
TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet. The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon. Definition
-
barnacle
In a computer, a barnacle is unwanted programming, such as adware or spyware, that is downloaded and installed along with a user-requested program. Definition
-
malvertisement (malicious advertisement or malvertising)
A malvertisement (malicious advertisement) is an advertisement on the Internet that delivers a malicious payload. Definition
- See more Definitions on Malware, Viruses, Trojans and Spyware
-
Why advanced malware detection is key to cut through 'network noise'
Video: Wolfgang Kandek, CTO at Qualys, discusses the need for advanced malware detection as true enterprise threats are being lost in "network noise." Video
-
Mobile malware and social malware: Nipping new threats in the bud
Learn mobile and social media malware prevention tactics as contributor Lisa Phifer analyzes the malware risks of social media and mobile devices. Video
-
With Spyeye, Zeus variants, cybercriminals up the ante
They have long plagued the financial industry, but the latest Spyeye/Zeus variants are a serious and complicated threat, says Dell SecureWorks. Video
-
Brian Contos on detecting rootkits with hardware-based security
Hardware-based security tools can help security teams detect rootkits that are used by attackers to hide malware below the operating system. Video
-
Antimalware Deployments: Architecting for Effectiveness
In this expert webcast, you’ll learn how to effectively architect antimalware solutions. You’ll learn what your architectural options are for mobile devices, the perimeter and cloud and what the pros and cons are for each layer of your antimalware ar... Mediacast
-
Black Hat 2011: Malware threats, attack vectors and data sharing
Rodrigo Branco talks about vulnerabilities, malware sophistication and whether the move to cloud-based services will change the way cybercriminals work. Video
-
Web 2.0 tutorial: Security awareness for Web 2.0 attacks
Robert "Rsnake" Hansen discusses Web 2.0 attacks that pose serious security risks to enterprises and their security landscape. Video
-
Data breaches, spear phishing and application defense
Bit9 CTO Harry Sverdlove, the former principal research scientist at McAfee Inc., talks about the latest spate of data breaches and the lessons that can be gleaned from them. Podcast
-
Microsoft's Scott Charney on fighting botnets, rogue antimalware
In the final segment of SearchSecurity.com's exclusive RSA Conference 2011 video interview with Scott Charney, Microsoft's Corporate VP of Trustworthy Computing, he discusses a variety of concerns on the enterprise threat landscape. Video
-
Stuxnet malware analysis video with expert Bruce Schneier
In this RSA Conference 2011 interview, Michael Mimoso, Editorial Director of the Security Media Group at TechTarget interviews Bruce Schneier, Chief Security Technology Officer of BT Group discusses Stuxnet malware analysis. Video
- See more Multimedia on Malware, Viruses, Trojans and Spyware
-
FortiGuard Labs sees fast rise of mobile malware in 2013
FortiGuard Labs reports a 30% increase in mobile malware so far in 2013, and cautions ransomware is also making an appearance on mobile devices. News
-
Black Hat 2013 keynote: Alexander details NSA surveillance programs
In his keynote at Black Hat 2013, Gen. Keith Alexander said NSA surveillance programs have strict oversight, despite many inaccurate media reports. News
-
Disable autorun to prevent autorun malware infections
Expert Nick Lewis explains how disabling autorun prevents malware from affecting users. Answer
-
How to protect data from ransomware malware
It can be difficult to recover data that is encrypted by ransomware malware -- unless you have expert Nick Lewis' recommendations in place. Answer
-
RSA warns about 'KINS' banking Trojan
RSA is warning that a new banking Trojan, 'KINS,' with architectural similarities to previous Trojans, may start hitting PCs soon. News
-
How to detect malware with changing file sizes
Malware authors change the size of malware files to avoid detection by antivirus software. Learn how to detect this malware from expert Nick Lewis. Answer
-
Malwarebytes: Maneuver around 'FBI ransomware' on Macs
Jerome Segura of Malwarebytes explains how to get around 'FBI ransomware' computer locking. News
-
Damballa: Security vendor partnerships of growing importance
Damballa executives say partnerships among security point product vendors are increasingly important, and will ultimately benefit enterprises. News
-
Recommended tools for remote access Trojan detection
Expert Brad Casey suggests tools that can detect remote access Trojans, or RATs, like FAKEM. Answer
-
Understanding logic bomb attacks: Examples and countermeasures
In light of the attacks on South Korean organizations, expert Nick Lewis defines logic bomb attacks and offers other examples and countermeasures. Tip
- See more All on Malware, Viruses, Trojans and Spyware
About Malware, Viruses, Trojans and Spyware
Get tips and tricks on how to remove and detect malware, viruses, worms, Trojan, rootkits, spyware and adware. Experts also offer advice detection and prevention software, including antivirus and antispam.