Ex-NSA contractor hoarded two decades’ worth of secrets

The former National Security Agency contractor suspected of stealing U.S. hacking tools allegedly was found hoarding two decades’ worth of classified materials. In a Thursday court filing, federal investigators provided new details on their case against 51-year-old Harold Martin, who was arrested in late August. Investigators have seized 50 terabytes of information from Martin, in…

RASP rings in a new Java application security paradigm

Runtime Application Self Protection (RASP) is a next-generation cyber security technology designed to redress some of the weak points of application security. Unlike firewalls or code analysis, runtime-based technologies contain application data and contextual awareness, enabling them to be both precise and preemptive. In this article I introduce RASP. I’ll briefly compare RASP to other…

From Chasing Alerts to Hunting Threats: What Makes an Effective SOC is Evolving

Whether you call it a SOC, a CSOC, a Cyber Defense Center, or something else, security operation centers have the same fundamental mission – to help organizations detect, analyze, respond to, report on, and prevent cyber security incidents. But what it takes to do that effectively has changed in this ever-evolving threat landscape, putting an…

Sarvdap Spambot Checks IP Blacklists

The Sarvdap spambot was recently observed checking the IP addresses of infected hosts against common blacklists, in an attempt to ensure that its spam email is successfully delivered, Palo Alto Networks security researchers reveal. While other spambots typically start sending spam emails as soon as a host has been infected, Sarvdap first checks to see…

“Dirty COW” Linux Kernel Exploit Seen in the Wild

A new Linux kernel vulnerability disclosed on Wednesday allows an unprivileged local attacker to escalate their privileges on a targeted system. Red Hat said it was aware of an exploit in the wild. The vulnerability, discovered by Phil Oester, was sarcastically dubbed by some people “Dirty COW” due to the fact that it’s caused by…

Why Poor Cyber Hygiene Invites Risk

Organizations around the world are implementing mobility, cloud computing, the Internet of Things (IoT), business intelligence, and social media technologies at breakneck speeds in order to remain competitive and relevant in today’s digital economy. However, with the rapid implementation of these technologies, new weak spots are emerging for attackers to exploit. And those adversaries are…