StealthWatch Labs Blog
POSTED BY Tom Cross on 09.05.2014
In the last several installments of this blog post series, we spent some time talking about 1) the different types of insider threats, 2) how to combat each one, and 3) how network logs can play a vital role in thwarting all of the various insider threat actors. Below is a Top 10 List recapping...
POSTED BY Tom Cross on 08.21.2014
In Part 2 of this blog series, we discussed various security tools that can be used to detect and subvert the different classes of insider threats. While each type of insider threat requires different security measures, one technique that can help tremendously across the board is the monitoring of...
POSTED BY Tom Cross on 08.05.2014
Last year Edward Snowden revealed that the NSA is collecting the telephony metadata of millions of Americans. This revelation has sparked a debate about the power of metadata. Supporters of the program have attempted to reassure the public that their privacy is not being violated because the...
POSTED BY Tom Cross on 08.04.2014
Part 1 of this blog post series explained the various types of insider threats lurking on enterprise networks. Because their characteristics differ, each type requires a separate set of security controls. In this post we outline the different defensive measures that can be put into place to address...
POSTED BY Tom Cross on 07.28.2014
In a recent survey conducted by Lancope, the insider threat was a major concern for respondents, with 40 percent citing it as a top risk to their organization. Recent news events such as the WikiLeaks disclosures have also brought the insider threat into focus. But what do people really mean when...
POSTED BY on 06.12.2014
Earlier this month, the U.S. Department of Justice issued a press release announcing a criminal complaint against “a leader of a tightly knit gang of cyber criminals based in Russia and Ukraine that is responsible for the development and operation of both the Gameover Zeus and CryptoLocker schemes...
POSTED BY John Pierce on 01.11.2013
Trouble At The Watering Hole
For the last few years, the web browser has been the attack vector of choice. There are two main reasons for this. The first is that the browser is our primary method for interacting with the virtual world. Banking, shopping, research, social media, business...
POSTED BY John Pierce on 01.04.2013
Dark Reading posted an interesting article yesterday about a new tool called Dementia created by Luka Milkovic. Dementia demonstrates an approach that could be used by malware to circumvent memory forensics tools. These forensic tools allow a malware analyst to export the contents of an infected...
POSTED BY Tom Cross on 12.19.2012
Today we’re launching two new Threat Scope maps at the StealthWatch Labs Intelligence Center! One of the maps shows you where we’ve seen devices that are scanning the Internet. The other map shows sources of denial of service backscatter. Both of these maps are created using data from the...
POSTED BY Charles Herring on 11.19.2012
What is SQL Injection?
South Carolina recently made the news as more than 3.6 million Social Security numbers were stolen from a public-facing website. While it hasn’t been verified by SC officials, most information security experts believe the most likely method of data exfiltration in this case...
