attackers

Results 151 - 175 of 188Sort Results By: Published Date | Title | Company Name
By: Preempt     Published Date: Nov 02, 2018
Attackers and malware are increasingly relying on a common set of tools to compromise identities and spread within a network. Tools like Mimikatz accompanied with common administrator tools like PsExec and WMI have become a standard part of an attacker’s arsenal to turn a single machine compromise into a full network breach. In this webinar we will take a look at why some of these tools are traditionally difficult to control, and introduce new countermeasures that let you fight back. In this webinar we will cover: - An analysis of recent malware and attacks and the tools they used to spread through the network. - A closer look at the underlying protocols supporting these tools, and the traditional challenges to controlling them. - Introduce new controls that allow organizations to control NTLM in real-time, block pass-the-hash techniques, and adaptively control the use of NTLM in the network. - How to gain visibility into PsExec, WMI, and RPC in general and how to create controls t
Tags : 
     Preempt
By: Proofpoint     Published Date: Jun 22, 2017
Human targeted attacks continued to lead the pack in 2016. Attackers’ used automation and personalisation to increase the volume and click-through rates of their campaigns. Taking a page from the B2B e-marketer’s playbook, cyber criminals are adopting marketing best practices and sending their campaigns on Tuesdays and Thursdays when click-through rates are higher. Meanwhile, BEC and credential phishing attacks targeted the human factor directly--no technical exploits needed. Instead, they used social engineering to persuade victims into sending money, sensitive information and account credentials. Timing is everything—attackers know that hitting your employees with a well-crafted email at the just the right time produces the best results. Of course, this varies by region. So if you are responsible for worldwide SecOps, you need visibility into not only attack patterns but also when and which employees tend to click.
Tags : security solutions, ransomware, security technologies, protection technologies, malicious email, it security, server protection
     Proofpoint
By: Qualys     Published Date: Jul 20, 2012
Welcome to Web Application Security For Dummies! Web applications have become the Achilles heel of IT security. Web application vulnerabilities are now the most prevalent at more than 55 per cent of all server vulnerability disclosures. This figure doesn't include vulnerabilities in custom-developed web applications, so it may be just the tip of the iceberg. This book is all about understanding how to quickly find and fix vulnerabilities in web applications. The goal is to prevent attackers from gaining control over the application and obtaining easy access to the server, database, and other back-end IT resources.
Tags : technology, security, vulnerabilities, internet, virus, solutions, vulnerability management, web application
     Qualys
By: Qualys     Published Date: Jan 11, 2017
With attackers using increasingly-sophisticated ways to break into systems, manual methods of locating and inspecting devices on your network are no longer enough. The right Vulnerability Management (VM) solution can monitor your environment, enabling you to: discover devices running in your network, determine whether they are vulnerable to attack, find fixes to the underlying problems, and protect yourself while those fixes are being implemented
Tags : information security, it compliance, it audit, it security, network security, web application security, application security
     Qualys
By: Qualys     Published Date: Jan 11, 2017
With attackers getting more sophisticated every day, manual methods of locating and testing web-based apps are no longer enough. The right Web Application Scanning (WAS) solution can help you systematically: discover web apps running in your network, determine whether or not they are vulnerable to attack, understand how to fix them, and protect your business while fixes are being implemented
Tags : information security, it compliance, it audit, it security, network security, web application security, application security
     Qualys
By: SAS     Published Date: Aug 03, 2016
A paradigm shift is underway in the cybersecurity industry. Cybersecurity professionals are moving from a focus on attacker prevention to attacker detection. Preventing the “bad guys” from getting in is still important, but cyber adversaries are increasingly able to bypass even the most sophisticated network defenses. Once inside, it is more important than ever to find these attackers fast, before their activities get buried in the daily volume and pulse of network communications. This is where security analytics holds promise. Security analytics provides the necessary and timely visibility into normal and abnormal network behavior. This visibility enables devices and entities acting suspiciously to be quickly identified and investigated.
Tags : cyber security, security, best practices, attacker prevention, paradigm shift, security analytics, technology
     SAS
By: Schneider Electric     Published Date: Oct 17, 2016
This paper describes key security aspects of developing and operating digital, cloud-based remote monitoring platforms that keep data private and infrastructure systems secure from attackers.
Tags : 
     Schneider Electric
By: Schneider Electric     Published Date: Feb 17, 2017
This paper describes key security aspects of developing and operating digital, cloud-based remote monitoring platforms that keep data private and infrastructure systems secure from attackers. This knowledge of how these platforms should be developed and deployed is helpful when evaluating the merits of remote monitoring vendors and their solutions.
Tags : cyber security, energy efficiency, power and cooling systems, mean time to recovery, mttr, data privacy, cloud-based platforms, digital remote monitoring
     Schneider Electric
By: Shape Security     Published Date: Sep 12, 2019
A Big 5 Canadian bank had been suffering from automated attacks on its web and mobile login applications for months. Bad actors were performing credential stuffing attacks on all possible channels. Not only were the attacks leading to account takeover fraud losses, but the sheer volume of attacks also put significant strain on the bank’s infrastructure. After months of playing cat-and-mouse with the attackers, the bank decided to seek out a sophisticated solution and approached Shape. In this case study, learn how Shape’s Enterprise Defense service and Threat Intelligence team were able to successfully defend against these attacks.
Tags : 
     Shape Security
By: Shape Security     Published Date: Sep 12, 2019
A Top 3 US Telecom Provider needed to secure its mobile accounts from credential stuffing attackers targeting them to commit various fraud schemes, including: Upgrade theft Two-factor authentication bypass Virtual calling When account takeovers became so common that the telecom provider received negative press about the situation, the company knew it needed to find a solution immediately. Download this case study to learn how the company was able to stop credential stuffing with Shape Enterprise Defense.
Tags : 
     Shape Security
By: Sophos     Published Date: Mar 30, 2017
Many papers on the topic of advanced persistent threats (APTs) begin with ominous references to the changing threat landscape and stories of how highly sophisticated cyber attacks are becoming more prevalent. That can be misleading. The majority of attacks today still use many techniques that have been around for years—social engineering, phishing emails, backdoor exploits and drive-by downloads, to name the biggest ones. Such attacks are neither advanced nor particularly sophisticated when broken down into their individual components and often rely on the weakest link in any organization—the user. However, the way in which hackers use combinations of techniques and the persistent behavior of the attackers is something that does set APTs apart from other attempts to compromise security. This paper is designed to give you an overview of the common characteristics of APTs, how they typically work, and what kind of protection is available to help reduce the risk of an attack.
Tags : network security, firewall, data security, antivirus protection, email protection, virtual security, web protection, wireless protection
     Sophos
By: Symantec     Published Date: Jan 04, 2012
This paper highlights how attackers distribute malwale and how cybercriminals have developed attack techniques.
Tags : ssl, ssl certificates, internet infrastructure services, trust services, extended validation, two-factor authentication, identity protection, ddos mitigation
     Symantec
By: Symantec     Published Date: Apr 09, 2012
New attacks are threatening to expand the potential for attackers to compromise enterprise servers and the critical data on them. These problems are solved by proper use of Extended Validation (EV) SSL certificates for authentication.
Tags : ssl, ssl certificates, internet infrastructure services, trust services, extended validation, two-factor authentication, identity protection, ddos mitigation
     Symantec
By: Symantec     Published Date: Jan 10, 2013
The recent release of the Firesheep Wi-Fi attack tool has increased awareness among both users and attackers of the inherent insecurity of unprotected HTTP connections. This white paper is about protecting users from Firesheep and other attacks.
Tags : firesheep, sidejacking attacks, ssl, unprotected networks, symantec, http connections, security, data management
     Symantec
By: Symantec     Published Date: Oct 07, 2014
The rising intensity and sophisticated nature of cyber-attacks has created a precarious environment for businesses charged with protecting their customers’ personal data. In 2012, credit card and debit card fraud resulted in losses amounting to $11.27 billion. In January 2014 alone, a single cyber-attack exposed more than 105 million identities. To steal this data, one option is to target the point at which a retailer first acquires that card data – the Point-of-Sale (PoS) system. PoS systems are increasingly being targeted by these attackers, which is why it's more important than ever to protect these devices and the systems they are connected to. Read more into the research on these attacks in this Symantec Security Response special report.
Tags : point of sale systems, cyber-attacks, precarious environment, fraud, personal data, pos, security response, security
     Symantec
By: Symantec     Published Date: Oct 07, 2014
An ongoing cyberespionage campaign against a range of targets, mainly in the energy sector, gave attackers the ability to mount sabotage operations against their victims. The attackers, known to Symantec as Dragonfly, managed to compromise a number of strategically important organizations for spying purposes and, if they had used the sabotage capabilities open to them, could have caused damage or disruption to energy supplies in affected countries. Read more into the research on these attacks in this Symantec Security Response special report.
Tags : cyberespionage attacks, range of targets, security, spying, damage or disruption
     Symantec
By: Symantec     Published Date: Dec 04, 2014
The recent release of the Firesheep Wi-Fi attack tool has increased awareness among both users and attackers of the inherent insecurity of unprotected HTTP connections.
Tags : ssl, http, firesheep, side-jacking, wi-fi attacks, tls, user protection, security
     Symantec
By: Symantec     Published Date: Sep 14, 2015
In the running battle with cyberthreats, your first line of defense is your IT staff: the system and network administrators, SOC and NOC operators, incident response and forensics analysts, and application development and QA teams. Are these IT professionals ready to take on an ever-growing army of innovative, persistent cybercriminals and hackers? Probably not, if you expect them to acquire the knowledge and skills they need through self-directed study and on-the-job training. There is too much to learn, and few members of the IT staff have the time to research every new threat. And you can’t afford to suffer through APTs, breaches and data leakages just to provide “teachable moments” for IT personnel. There is another solution. Security simulation immerses IT professionals in a realistic online environment and challenges them to fill the roles of cyberattackers and cyberdefenders. It borrows from education theory and online gaming to present knowledge in ways that motivate learning a
Tags : on-the-job training, it professionals, cyber security services, security programs, security
     Symantec
By: Symantec     Published Date: Dec 13, 2017
By 2021, cyber attacks are expected to cause $6 trillion in damages worldwide. To combat, spending is predicted to hit $1 trillion between 2017 and 2021. Attackers benefit from an infinite amount of time and tactics at their disposal, as they work to get around the typical static network and endpoint defenses organizations put in place. Deception can complement endpoint and network defenses, adding dynamic security mechanisms that can be customized for every environment to take the attacker’s advantage away. While endpoint and network security protects you from being compromised, deception mitigates the effects of a compromise by detecting it early and identifying the attacker intent which helps coordinate a faster and better response. Read this white paper to find out more.
Tags : deception, endpoint, network, security, protection, breach, attack, symantec
     Symantec
By: Symantec     Published Date: Dec 13, 2017
Security teams face sophisticated attacks that ‘hide in plain sight’ and often dwell in customer environments as long as 190 days1. And attackers increasingly employ stealthy techniques to move freely within a customer environment like using stolen credentials to masquerade as legitimate users. There has been a marginal decline in zero-day discoveries and an increase in ‘living off the land’ tactics that don’t rely on the traditional combination of vulnerabilities followed by malware. These tactics are more difficult to detect since they make use of legitimate tools.
Tags : security, software, detection, network
     Symantec
By: Symantec Corporation     Published Date: Oct 03, 2013
The recent release of the Firesheep Wi-Fi attack tool has increased awareness among both users and attackers of the inherent insecurity of unprotected HTTP connections. Users on unprotected networks who connect to websites through plain HTTP connections expose their connections to those sites to open surveillance and full compromise.
Tags : symantec, security, threat, report, key findings, best practice, strategy, technology
     Symantec Corporation
By: Symantec Corporation     Published Date: Oct 03, 2013
Advances in attacks on network security over the last few years have led to many high-profile compromises of enterprise networks and breaches of data security. A new attack is threatening to expand the potential for attackers to compromise enterprise servers and the critical data on them. Solutions are available, and they will require action by company officers and administrators. “SSLStrip” and related attacks were among the highlights of the July 2009 Black Hat show in Las Vegas. Researcher Moxie Marlinspike combined a number of discrete problems, not all related to SSL, to create a credible scenario in which users attempting to work with secure websites were instead sent to malicious fake sites.
Tags : symantec, security, threat, report, key findings, best practice, strategy, technology
     Symantec Corporation
By: Tenable     Published Date: Feb 05, 2018
"This IDC Technology Spotlight examines the evolution of vulnerability management. By leveraging the cloud and new technologies that deliver greater visibility, organizations can gain an accurate picture of their assets and overall risk posture. This is a critical step toward addressing the current landscape where attackers are using a wide variety of vectors such as mobile, social, and cloud-based attacks to infiltrate organizations and steal data. By reading this report you will get an overview of: - Benefits of cloud-based security and vulnerability management - Challenges of adopting cloud-based vulnerability management - IDC assessment of Tenable.io cloud vulnerability management"
Tags : vulnerability management, analyst report, idc
     Tenable
By: Tenable     Published Date: Feb 07, 2018
"This IDC Technology Spotlight examines the evolution of vulnerability management. By leveraging the cloud and new technologies that deliver greater visibility, organizations can gain an accurate picture of their assets and overall risk posture. This is a critical step toward addressing the current landscape where attackers are using a wide variety of vectors such as mobile, social, and cloud-based attacks to infiltrate organizations and steal data. By reading this report you will get an overview of: - Benefits of cloud-based security and vulnerability management - Challenges of adopting cloud-based vulnerability management - IDC assessment of Tenable.io cloud vulnerability management"
Tags : 
     Tenable
By: Third Brigade     Published Date: Aug 21, 2009
Healthcare organizations are being targeted by financially motivated attackers that steal and sell valuable data, including identities and computing resources. This white paper defines the new threat, and outlines three important steps that providers can take to protect their critical systems.
Tags : hipaa, hipaa compliance, network security, network security appliance, security management, intrusion prevention, intrusion detection, hacker detection
     Third Brigade
Start   Previous    1 2 3 4 5 6 7 8    Next    End
Search White Papers      

Add White Papers

Get your white papers featured in the insideHPC White Paper Library contact: Kevin@insideHPC.com