Information Security

Defending the digital infrastructure

In This Issue

iSTOCK/GETTY IMAGES

Evaluate

Beyond the Page: Cyberthreats

This February 2014 Information Security magazine supplement takes a deeper look into cyberthreats and examines advanced threat techniques including watering hole attacks and sophisticated spear phishing.

Johannes B. Ullrich

This February 2014 Information Security magazine (ISM) supplement goes Beyond the Pages of ISM to take a deeper look into cyberthreats and examines advanced threat techniques including watering hole attacks and sophisticated spear phishing.

Information Security feature: Cyberthreats: Know thy enemy in 2014
“Defending a network has never been harder,” says Johannes B. Ullrich, dean of research at the SANS Technology Institute and the Internet Storm Center. In this feature, Ullrich examines the advanced threat techniques to watch out for this year.

Beyond the Page is a multimedia supplement to Information Security magazine. This concise package of material -- feature article, webcast and practical technical tip from our experts and contributors -- provides security pros and decision makers the in-depth information they need for implementation, management or troubleshooting.

Video: New, sophisticated attacks evade detection
Enterprises must protect themselves from sophisticated attacks that can escape notice by host-based detection systems and steal millions. Ullrich shows you how.

Technical Tip: Improving security with DMARC email authentication
Johannes B. Ullrich demonstrates how domain-based messaging authentication, reporting and conformance, or DMARC, can enhance your email security.

About the Contributor
Johannes B. Ullrich, Ph.D., GIAC, GCIA and GWEB, is the dean of research at the SANS Technology Institute and head researcher at its Internet Storm Center. Follow him on twitter @johullrich.

Article 1 of 8Next Article

This was last published in February 2014

Dig Deeper on Emerging cyberattacks and threats

All
News
Get Started
Evaluate
Manage
Problem Solve

Start the conversation

Send me notifications when other members comment.

Get More Information Security

Access to all of our back issues View All

E-Zine | May 2002

Special report: Cyber menace
E-Zine | Apr 2002

Password pain relief
E-Zine | Mar 2002

Smart cards: Will security help the U.S. get on track with the rest of the world?
E-Zine | Feb 2002

Network forensics analysis: The future of real-time monitoring?

E-Zine | Dec 2003

Celebrating the best information security processes, people, policy and products
E-Zine | Nov 2003

Comeback kid: Sanjay Kumar on Computer Associates' security strategy
E-Zine | Oct 2003

Chain of command: Inside Prudential's security management program
E-Zine | Sep 2003

Women of vision: How 25 leaders are shaping the industry's future

E-Zine | Dec 2004

Products of the year 2004: Only the best win
E-Zine | Nov 2004

Delivering SSO: Postal Service simplifies passwords
E-Zine | Oct 2004

Help! Evaluating AV solutions and tech support
E-Zine | Sep 2004

Mission critical: Securing the critical national infrastructure

E-Zine | Dec 2005

Top forensics tools for tracking down cybercriminals
E-Zine | Nov 2005

Comparing five of the top network-based inline IPS appliances
E-Zine | Oct 2005

Security 7 Award winners unmasked
E-Zine | Sep 2005

What's the best IT security advice you've ever received?

E-Zine | Dec 2006

What's your biggest information security concern?
E-Zine | Nov 2006

Symantec 2.0: Evaluating their recent acquisitions
E-Zine | Oct 2006

Security 7 Award winners: Simply the best
E-Zine | Sep 2006

The power of SIMs for visibility and compliance

E-Zine | Jan 2008

Reflections on the impact of Sarbanes-Oxley
E-Zine | Nov 2007

Comparing seven top integrated endpoint security suites
E-Zine | Oct 2007

Tips from the 2007 Security 7 Awards
E-Zine | Sep 2007

How to dig out rootkits

E-Zine | Nov 2008

Security researchers on biometrics, insider threats, encryption and virtualization
E-Zine | Oct 2008

Security 7 Award winners sound off on key information security issues
E-Zine | Sep 2008

Lessons learned from good and bad NAC implementations
E-Zine | Aug 2008

Everything you need to know about today's information security trends

E-Zine | Dec 2009

Step-by-step guide to avoiding basic database security risks
E-Zine | Nov 2009

How to implement a change management that works and reduces security risks
E-Zine | Oct 2009

Winners of Information Security magazine's Security 7 Award
E-Zine | Sep 2009

2009 Security Readers' Choice Awards

E-Zine | Dec 2010

Inside the Data Accountability and Trust Act and what it means for security
E-Zine | Nov 2010

Meeting cloud computing compliance mandates
E-Zine | Oct 2010

Security 7 Award winners and the latest on effective security awareness
E-Zine | Sep 2010

2010 Security Readers' Choice Awards

E-Zine | Dec 2011

An insider look at the Windows Vista security review
E-Zine | Nov 2011

Effectively navigating the security risk assessment process
E-Zine | Oct 2011

Spotlight on top security trends of 2011 and Security 7 award winners
E-Zine | Sep 2011

The top 2011 security products: Information Security Readers' Choice Awards

E-Zine | Nov 2012

Market for vulnerability information grows
E-Zine | Oct 2012

Seven Outstanding Security Pros in 2012
E-Zine | Oct 2012

Security Readers' Choice Awards 2012: Your picks for the best security products
E-Zine | Sep 2012

Setting up for BYOD success with enterprise mobile management and mobile application security

E-Zine | Dec 2013

2013 Security 7 award winners revealed
E-Zine | Nov 2013

Virtualization security dynamics get old, changes ahead
E-Zine | Oct 2013

Insider edition: Layering mobile security for greater control
E-Zine | Oct 2013

Security Readers' Choice Awards 2013

E-Zine | Dec 2014

2014 Security 7 Award Winners
E-Zine | Nov 2014

Security Readers' Choice Awards 2014
E-Zine | Oct 2014

Devices, data and how enterprise mobile management reconciles the two
E-Zine | Oct 2014

Continuous monitoring program demystified

E-Zine | Oct 2015

Emerging security threats from every which way
E-Zine | Sep 2015

Five ways CIOs build hybrid cloud security
E-Zine | Aug 2015

Is third-party vendor management the next IAM frontier?
E-Zine | Jul 2015

Insider Edition: Advanced security monitoring scrubs networks clean

E-Zine | Dec 2016

Dedicated CISO job still open to debate
E-Zine | Nov 2016

Insider Edition: Improved threat detection and incident response
E-Zine | Oct 2016

Identity of things moves beyond manufacturing
E-Zine | Sep 2016

Cloud governance model still behind services

E-Zine | Dec 2017

Will it last? The marriage between UBA tools and SIEM
E-Zine | Nov 2017

Next-gen SOC: What's on your automation roadmap?
E-Zine | Oct 2017

What does a CISO do now? It's a changing, increasingly vital role
E-Zine | Oct 2017

Growing data protection risks and how to manage them

E-Zine | Dec 2018

Allure of the threat hunter draws companies large and small
E-Zine | Oct 2018

User behavior analytics tackles cloud, hybrid environments
E-Zine | Aug 2018

Security data scientists on how to make your data useful
E-Zine | Jun 2018

CISOs face the IoT security risks of stranger things

E-Zine | May 2019

Conquering cloud security threats with awareness and tools
E-Zine | Feb 2019

CISOs build cybersecurity business case amid attack onslaught

-ADS BY GOOGLE

SearchCloudSecurity

Top 4 strategies for cloud security automation

Automating security in the cloud can be invaluable for threat detection and mitigation. These are the key focal areas where ...
Another Amazon S3 leak exposes Attunity data, credentials

UpGuard security researchers found publicly exposed Amazon S3 buckets from data management firm Attunity, which included company ...
AWS, customers tackle cloud misconfigurations and data exposures

AWS re:Inforce, the cloud provider's inaugural security conference, addressed the problems of misconfigurations and data ...

SearchNetworking

BGP tutorial: How the routing protocol works

Border Gateway Protocol is the complex routing protocol that literally makes the internet work. This tutorial walks you through ...
Cisco's acquisition of Acacia bolsters service provider offerings

Cisco plans to buy Acacia for $2.6 billion. Cisco's acquisition will make it a direct supplier of optical interconnects for the ...
How cloud network services affect transformation and security

In this roundup of networking blogs, experts dive into three facets of networking that cloud can affect: network transformation, ...

SearchCIO

Facebook's Libra project -- why enterprises should prepare

Facebook's foray into cryptocurrency is setting off alarm bells in government and finance circles. The question is how could the ...
Ransomware attacks: How to get the upper hand

Ransomware attacks are on the rise. Can organizations play like Radiohead and refuse to pay? The answer from security experts is ...
Amid pivot to the cloud, a change management plan builds support

A comprehensive change management plan was critical to the success of SoulCycle's big shift to the cloud. Read how IT coached ...

SearchEnterpriseDesktop

Despite Windows 10 issues, customers remain confident in OS

The issues surrounding the latest Windows 10 OS update have affected some users to the point of annoyance, while others remain ...
How to take advantage of 3 features in Windows 1903 update

Windows Autopilot, reserved storage and SetupDiag are three new features in Windows 10. Here's how IT admins can use them for ...
5 Windows 10 shortcuts for desktop administrators

Admins who manage Windows 10 desktops are often overwhelmed with tedium. Here are five keyboard shortcuts for Windows 10 that can...

SearchCloudComputing

Why the PaaS market failed to live up to the hype

PaaS' days as a stand-alone tech may be numbered as the cloud layer gets absorbed by IaaS platforms from AWS and others. See what...
Linode GPU instances offer accelerated computing power

Linode's GPU instances are built on Nvidia's Quadro RTX 6000 GPU cards, designed to power high-performance applications and use ...
7 key characteristics of cloud computing

Companies rely on the cloud for modern app development. Learn the key features that differentiate cloud computing from ...

ComputerWeekly.com

NCSC calls out Microsoft over Dmarc reports

The UK’s cyber security agency has called out Microsoft for seriously undermining global email security by failing to provide ...
Cambridge Cognition CTO on applying server monitoring principles to suicide prevention

Cambridge Cognition CTO, Ricky Dolphin, discusses why it pays to think outside the box when trying to find technological answers ...
Digital safety skills initiative launched against cyber crime

Security industry partners have launched an initiative aimed at raising individuals’ digital safety skills to enable them to ...

Close