Information Security

Defending the digital infrastructure

In This Issue

iSTOCK/GETTY IMAGES

Evaluate

Beyond the Page: Cyberthreats

This February 2014 Information Security magazine supplement takes a deeper look into cyberthreats and examines advanced threat techniques including watering hole attacks and sophisticated spear phishing.

By

Johannes B. Ullrich

This February 2014 Information Security magazine (ISM) supplement goes Beyond the Pages of ISM to take a deeper look into cyberthreats and examines advanced threat techniques including watering hole attacks and sophisticated spear phishing.

Information Security feature: Cyberthreats: Know thy enemy in 2014
“Defending a network has never been harder,” says Johannes B. Ullrich, dean of research at the SANS Technology Institute and the Internet Storm Center. In this feature, Ullrich examines the advanced threat techniques to watch out for this year.

Beyond the Page is a multimedia supplement to Information Security magazine. This concise package of material -- feature article, webcast and practical technical tip from our experts and contributors -- provides security pros and decision makers the in-depth information they need for implementation, management or troubleshooting.

Video: New, sophisticated attacks evade detection
Enterprises must protect themselves from sophisticated attacks that can escape notice by host-based detection systems and steal millions. Ullrich shows you how.

Technical Tip: Improving security with DMARC email authentication
Johannes B. Ullrich demonstrates how domain-based messaging authentication, reporting and conformance, or DMARC, can enhance your email security.

About the Contributor
Johannes B. Ullrich, Ph.D., GIAC, GCIA and GWEB, is the dean of research at the SANS Technology Institute and head researcher at its Internet Storm Center. Follow him on twitter @johullrich.

Article 1 of 8Next Article

This was last published in February 2014

Dig Deeper on Emerging cyberattacks and threats

Start the conversation

Send me notifications when other members comment.

Get More Information Security

Access to all of our back issues View All

E-Zine | May 2002

Special report: Cyber menace
E-Zine | Apr 2002

Password pain relief
E-Zine | Mar 2002

Smart cards: Will security help the U.S. get on track with the rest of the world?
E-Zine | Feb 2002

Network forensics analysis: The future of real-time monitoring?

E-Zine | Dec 2003

Celebrating the best information security processes, people, policy and products
E-Zine | Nov 2003

Comeback kid: Sanjay Kumar on Computer Associates' security strategy
E-Zine | Oct 2003

Chain of command: Inside Prudential's security management program
E-Zine | Sep 2003

Women of vision: How 25 leaders are shaping the industry's future

E-Zine | Dec 2004

Products of the year 2004: Only the best win
E-Zine | Nov 2004

Delivering SSO: Postal Service simplifies passwords
E-Zine | Oct 2004

Help! Evaluating AV solutions and tech support
E-Zine | Sep 2004

Mission critical: Securing the critical national infrastructure

E-Zine | Dec 2005

Top forensics tools for tracking down cybercriminals
E-Zine | Nov 2005

Comparing five of the top network-based inline IPS appliances
E-Zine | Oct 2005

Security 7 Award winners unmasked
E-Zine | Sep 2005

What's the best IT security advice you've ever received?

E-Zine | Dec 2006

What's your biggest information security concern?
E-Zine | Nov 2006

Symantec 2.0: Evaluating their recent acquisitions
E-Zine | Oct 2006

Security 7 Award winners: Simply the best
E-Zine | Sep 2006

The power of SIMs for visibility and compliance

E-Zine | Jan 2008

Reflections on the impact of Sarbanes-Oxley
E-Zine | Nov 2007

Comparing seven top integrated endpoint security suites
E-Zine | Oct 2007

Tips from the 2007 Security 7 Awards
E-Zine | Sep 2007

How to dig out rootkits

E-Zine | Nov 2008

Security researchers on biometrics, insider threats, encryption and virtualization
E-Zine | Oct 2008

Security 7 Award winners sound off on key information security issues
E-Zine | Sep 2008

Lessons learned from good and bad NAC implementations
E-Zine | Aug 2008

Everything you need to know about today's information security trends

E-Zine | Dec 2009

Step-by-step guide to avoiding basic database security risks
E-Zine | Nov 2009

How to implement a change management that works and reduces security risks
E-Zine | Oct 2009

Winners of Information Security magazine's Security 7 Award
E-Zine | Sep 2009

2009 Security Readers' Choice Awards

E-Zine | Dec 2010

Inside the Data Accountability and Trust Act and what it means for security
E-Zine | Nov 2010

Meeting cloud computing compliance mandates
E-Zine | Oct 2010

Security 7 Award winners and the latest on effective security awareness
E-Zine | Sep 2010

2010 Security Readers' Choice Awards

E-Zine | Dec 2011

An insider look at the Windows Vista security review
E-Zine | Nov 2011

Effectively navigating the security risk assessment process
E-Zine | Oct 2011

Spotlight on top security trends of 2011 and Security 7 award winners
E-Zine | Sep 2011

The top 2011 security products: Information Security Readers' Choice Awards

E-Zine | Nov 2012

Market for vulnerability information grows
E-Zine | Oct 2012

Seven Outstanding Security Pros in 2012
E-Zine | Oct 2012

Security Readers' Choice Awards 2012: Your picks for the best security products
E-Zine | Sep 2012

Setting up for BYOD success with enterprise mobile management and mobile application security

E-Zine | Dec 2013

2013 Security 7 award winners revealed
E-Zine | Nov 2013

Virtualization security dynamics get old, changes ahead
E-Zine | Oct 2013

Insider edition: Layering mobile security for greater control
E-Zine | Oct 2013

Security Readers' Choice Awards 2013

E-Zine | Dec 2014

2014 Security 7 Award Winners
E-Zine | Nov 2014

Security Readers' Choice Awards 2014
E-Zine | Oct 2014

Devices, data and how enterprise mobile management reconciles the two
E-Zine | Oct 2014

Continuous monitoring program demystified

E-Zine | Oct 2015

Emerging security threats from every which way
E-Zine | Sep 2015

Five ways CIOs build hybrid cloud security
E-Zine | Aug 2015

Is third-party vendor management the next IAM frontier?
E-Zine | Jul 2015

Insider Edition: Advanced security monitoring scrubs networks clean

E-Zine | Dec 2016

Dedicated CISO job still open to debate
E-Zine | Nov 2016

Insider Edition: Improved threat detection and incident response
E-Zine | Oct 2016

Identity of things moves beyond manufacturing
E-Zine | Sep 2016

Cloud governance model still behind services

E-Zine | Dec 2017

Will it last? The marriage between UBA tools and SIEM
E-Zine | Nov 2017

Next-gen SOC: What's on your automation roadmap?
E-Zine | Oct 2017

What does a CISO do now? It's a changing, increasingly vital role
E-Zine | Oct 2017

Growing data protection risks and how to manage them

E-Zine | Dec 2018

Allure of the threat hunter draws companies large and small
E-Zine | Oct 2018

User behavior analytics tackles cloud, hybrid environments
E-Zine | Aug 2018

Security data scientists on how to make your data useful
E-Zine | Jun 2018

CISOs face the IoT security risks of stranger things

E-Zine | Nov 2019

AI threats, understaffed defenses and other cyber nightmares
E-Zine | Aug 2019

Managing identity and access well unlocks strong security
E-Zine | May 2019

Conquering cloud security threats with awareness and tools
E-Zine | Feb 2019

CISOs build cybersecurity business case amid attack onslaught

E-Zine | Feb 2020

Getting the most from cyberthreat intelligence services

-ADS BY GOOGLE

SearchCloudSecurity

Defining and evaluating SOC as a service

As cloud use increases, many enterprises outsource some security operations center functions. Evaluate if SOCaaS is the best ...
Get to know the elements of Secure Access Service Edge

Cloud services use cases continue to expand, but implementation challenges remain. Discover Secure Access Service Edge, or SASE, ...
Boost security with a multi-cloud workload placement process

IT must incorporate a multi-cloud workload placement process into its multi-cloud strategy in order to maintain or improve cloud ...

SearchNetworking

A deep dive into the differences between 5G and Wi-Fi 6

While the latest cellular and Wi-Fi technology generations -- 5G and Wi-Fi 6, respectively -- have been pitted against one ...
Maintaining network infrastructure in a pandemic and beyond

Network infrastructure that supports remote workers is essential today and will be far into the future. That includes VPN ...
DriveNets' disaggregated router tech wins innovation award

Networking startup DriveNets is bringing cloud principles to carrier networks with disaggregated router technology that could ...

SearchCIO

How IT can build an agile business partnership

Gene Kim, award-winning researcher, author and founder of IT Revolution, discusses why IT leaders need to involve their ...
Former Cisco CEO offers C-suite leadership tips in time of crisis

COVID-19 is forcing enterprises to make tough decisions. There is no one-size-fits-all roadmap, but those who've survived earlier...
COVID-19 radically refocuses CIO agendas in 4 key areas

As a result of the COVID-19 virus, CIOs must shift their priorities and now focus on the impact the pandemic has on the economy, ...

SearchEnterpriseDesktop

How to enable and troubleshoot fast startup in Windows 10

The fast startup feature on Windows desktops can add value, but IT must understand when it should and shouldn't enable this ...
4 negotiation tactics for success in a Microsoft software agreement

A Microsoft software agreement requires skill and knowledge. Use these four Microsoft negotiation tactics to get the best ...
3 Mac remote management software options for enterprise use

IT pros may be forced to manage remote macOS desktops, so they should understand the options they have for remote desktop ...

SearchCloudComputing

Explore the pros and cons of cloud computing

Familiarize yourself with the basics of computing in the cloud, how the market has changed over the years, and the advantages and...
How to protect and manage Azure Pipelines secrets with Key Vault

Follow along with this Azure Key Vault tutorial to securely manage passwords and other sensitive information in an Azure DevOps ...
7 Google Cloud database options to free up your IT team

Moving data to a cloud database is an effective way to optimize cost and performance for applications. Review seven of Google's ...

ComputerWeekly.com

Nigerian email attacks evolving into credible, dangerous threat

Palo Alto’s Unit 42 reports on Nigeria’s SilverTerrier cyber crime group, which is becoming a highly dangerous threat to ...
Nokia launches AI-based operations to help telcos enter the 5G era

Cognitive operations designed to help comms service providers transform their network, service and business operations through ...
Netherlands schools harness Apple technology

Most Dutch schools use Windows computers, interactive whiteboards and Chromebooks, but there are a number of pioneers who choose ...

Close