Tom Cross Tom Cross RSS Feed

Director of Security Research

Tom is a recognized expert on Internet Security, having been a leader at IBM X-Force Research for many years, technical editor of the X-Force Trend Report, and speaker at numerous security conferences around the world including Blackhat Briefings and FIRST.

Insider Threats Part 1 – Who Is Attacking Your Network?

In a recent survey conducted by Lancope, the insider threat was a major concern for respondents, with 40 percent citing it as a top risk to their organization. But what do people really mean when they say 'insider threat'? Who are the insiders attacking your network? READ MORE

Identifying Past Heartbleed Attacks with the StealthWatch System

One of the concerns that has been raised about the Heartbleed vulnerability is that it was introduced into the OpenSSL code base several years ago, and it’s possible that some attackers were aware of it and launching attacks before it was publicly disclosed this week. This post explains how to use the Lancope StealthWatch System to identify flows associated with Heartbleed attacks. READ MORE

OpenSSL Vulnerability: Whose Hearts Should Be Bleeding?

Monday night marked the disclosure of the biggest software vulnerability so far this year, known as the “Heartbleed” bug, which affects the OpenSSL cryptographic software library. So who should be concerned about this vulnerability? In short, everyone. READ MORE

Was your network targeted by the Snake?

Information is coming out about Uroburos and we can expect its operators to scale back its use and abandon command and control points that they have been using to operate it. However, if you’ve been collecting netflow on your network, you can cross reference the IOCs from the BAE Systems report against your environment to see if you were communicating with these command and control points in the past. If you were, we suggest handling the matter with a high degree of care. READ MORE

Closing the Cyber Security Threat Intelligence Gap

American corporations want to compete with each other based on the value of the products and services they are offering. When it comes to cyber security – we should be working together. READ MORE