Posts Tagged ‘attack detection’

Black Hat USA 2016: Intrusion Happens. Be Prepared.: Last year, cybersecurity experts at Black Hat USA revealed how to hack cars, rifles, and nuclear plants. What hacks will be announced at Black Hat 2016 next week? Attend the conference to find out and visit LightCyber booth #1559 while you’re there. Here’s a preview of what we’re planning for the show. Lock Down Your…
2016 Cyber Weapons Report: Looking for Attackers in All the Wrong Places: What tools do attackers use? The 2016 Cyber Weapons Report seeks to address this question by analyzing real-world attacks and other anomalous activity in organizations’ networks. This report focuses on the actions that occur after an initial intrusion, including command and control, reconnaissance, lateral movement, and data exfiltration. The Cyber Weapons Report reveals that organizations…
Behaviors For Enterprise Security Visibility: Consumers are easy victims when it comes to free utilities to enhance the performance of their computers. Maybe it’s because Windows PCs become sluggish after months of use, or maybe it’s because consumers want the best performance. No matter what the reason, PC cleaners or PC optimization tools should only be installed from reputable sources. In an enterprise environment, however, only IT-approved tools should be installed.
Behavioral Attack Detection Beats Traditional Anti-Virus Solutions: In 2015, a security analyst at a manufacturing company noticed that the anti-virus engines on many of the company’s laptops were out of date even though the software had been configured to update automatically. Once the anti-virus software downloaded new virus definition files, the software detected malware on seven laptops. The security analyst, with the assistance of the company’s IT team, quickly reimaged the infected laptops. The security analyst was not surprised that the anti-virus software had found malware, since zero-day and custom malware can easily evade endpoint protection tools with out-of-date virus definition files. Since anti-virus depends on current signatures, the laptops were easy targets for malware when the virus definition files failed to update.
Automated Endpoint Data Investigation: Web browsers and toolbars can be important tools to increase employee productivity. They are commonly downloaded from various sites without much thought about any security implications. Recently, LightCyber Magna detected a change in behavior of one workstation, having already established a profile of normal activity for this device and its peers. More specifically, using automated endpoint data investigation, Magna detected a large number of failed DNS requests along with what appeared to be random DNS requests from the workstation. Here’s what happened next…