Cybersecurity researchers identify new variants of APT34 malware

Booz Allen’s Dark Labs Advanced Threat Hunt team has developed an advanced technique to discover and block new variants of malware that poses a threat to organizations worldwide. Using an open source indicator of compromise (IOC), the research team was able to identify three additional variants of malware associated with APT34, a group thought to be involved in nation-state cyber-espionage, according to a technical brief from Booz Allen. The report describes how the team used a combination of open-source reporting and “acquired sources of threat intelligence,” then combined this information with its own tools to perform deep analysis on known APT34 behaviors. “The life cycle of an openly reported IOC does not end when an operator deploys the indicator to a sensor, or a threat hunter checks their security information and event manager (SIEM),” said the report’s authors, Chad Gray and Will Farrell. “Merging the IOC with internal or external […]

The post Cybersecurity researchers identify new variants of APT34 malware appeared first on Cyberscoop.

How to find and remove advanced persistent adware in your network

A unique form of advanced persistent adware (APA) recently found by the Booz Allen Dark Labs’ Advanced Threat Hunt team is lurking on enterprise networks and can evade traditional forms of cyberdefense. But a new report, published by the same team, offers methods to hunt for and remove the adware in networks. The APA has been classified as an Advanced JavaScript-Based In-Memory Stage 1 Downloader because it is built on JavaScript, runs strictly in memory and functions as the downloader for the second stage of the APA’s attack. The adware is a previously known threat commonly used to inject advertisements into a user’s browser and covertly collect information about the user’s browsing activity. The first-stage loader could then be used to execute arbitrary code, which could easily be repurposed for additional targeted attacks. The APA is unique because it leverages advanced techniques typically only seen in attacks attributed to nation-state advanced persistent threats. […]

ADVANCED PERSISTENT ADWARE: ANALYSIS OF NATION-STATE LEVEL TACTICS

Abstract

The Booz Allen Dark Labs’ Advanced Threat Hunt team discovered a unique form of adware lurking on networks that evades all traditional forms of cyber defense. The adware is a previously known threat that is commonly used to inject advertisements into a user’s browser and covertly collect information about the user’s browsing activity. This adware employs advanced techniques commonly seen in Nation-State-level APTs to evade detection, maintain persistence, and connect to Command and Control (C2) servers to initiate a stage 2 attack.

Dark Labs Advanced Hunt team identifies adware with Nation State APT behavior – evasion, persistence and C2 connection points

The Booz Allen Dark Labs’ Advanced Threat Hunt team recently discovered a unique form of adware lurking on networks that evades all traditional forms of cyber defenses. The adware is a previously known threat that is commonly used to inject advertisements into a user’s browser and covertly collect information about […]

Tech Brief: Put your mobile strategy to work for agency transformation

There are more mobile devices than people in the world. Most likely, you and other federal employees are completely comfortable navigating life around a personal smartphone. More than three quarters of Americans do — using it for everything from reading to connecting with friends to tracking your health. So why are so many federal agencies still stuck in the PC era, and what’s keeping them from capitalizing on the inherent productivity gains that a mobile strategy can provide? What may be surprising: Your agency may already have the available mobility tools needed to boost workforce productivity, enhance mission outcomes and improve security, according to a new tech brief on mobile strategies in government.

Mobile Myopia

Too often in the federal workforce, “mobile” means remote access to work email and calendars — and stops there. Employees find themselves chained to their desks to perform tasks that they could do faster, more […]

Tech Brief: Is your SOC ready for the next-generation threat?

Just as hackers develop new offensive tools, tactics and procedures, agencies must constantly change their techniques to match today’s sophisticated threats. A “next-generation” Security Operations Center (SOC) lets defenders find these new threats while making networks harder to exploit and data more secure. While most organizations already have the tools for a next-generation SOC, a full transition will allow analysts to hone their skills so they become more effective and efficient, stopping threats faster than ever before.

The hunt is on

The primary goal of a next-generation SOC is to identify and respond to cyberthreats in rapid fashion – even the so-called “unknown-unknowns” that do not meet any predefined rules. Tools alone will not stop malicious actors, as they’ve continually learned to evade and adapt to the latest tech. With a transition to a next-generation SOC, these threats can be quickly discovered, allowing security analysts to find the unfindable, such […]

Closing the gaps in federal endpoint security

A new CyberScoop study shows government agencies are making varying progress implementing methods to secure mobile smartphones, tablets, sensors, wearables and other endpoint devices accessing their networks. However, the growing proliferation of devices accessing agency networks – including employees’ personal devices – is also increasing the attack surface exposed to cyber threats. More than half of agency IT officials are concerned about network attacks from endpoint devices. And while 6 in 10 say securing government-issued mobile devices is a top concern over the next 12 to 18 months, many may be overlooking technologies they already have or own to address security concerns. This online survey, conducted by CyberScoop and underwritten by Samsung, provides a new snapshot of what matters most to federal IT and security leaders in securing endpoint devices accessing their networks — and where key gaps remain. The study surveyed qualified federal government information technology and cybersecurity officials who have […]

How identity can control shadow IT

Cloud has fundamentally changed the way that IT departments have to think. While enterprises used to look for monolithic software packages that threw usability to the wayside, employees now want consumer-focused solutions that solve specific business needs. Each of these applications comes with its own identity and data management problems, which can lead to frustration among IT and security teams. It doesn’t have to be this way. By focusing on identity management, IT departments are able to solve many of those concerns and actually simplify access to cloud applications, which makes them more secure. In the latest CyberScoop Radio podcast, Chris Niggel, Okta’s director of security and compliance, talks about how identity management can be the catalyst to turn shadow IT into distributed IT. By implementing a strong tool, users can get their work done at any time from any place, while security teams can be confident their enterprise’s […]

Information security in the DevOps age: Aligning conflicting imperatives

DevOps is quickly becoming the default development methodology for government agencies. Forty-two percent of states are now adopting DevOps and another 37 percent of states have DevOps pilots underway, according to the latest survey of state CIOs from the National Association of State Chief Information Officers. The benefits of DevOps are undeniable, but the current model may be creating security blind spots in applications that could have ramifications for the entire enterprise. A new CyberScoop tech brief, sponsored by Tenable, explores how organizations can narrow the collaboration gaps between developers and information security professionals that can lead to costly enterprise security vulnerabilities. It also explains how a new generation of automated tests can quickly identify coding vulnerabilities in ways that jointly support the needs of DevOps and information security teams. The report delves into the increasing importance of software containers for DevOps teams. Containers speed application development and deployment by providing […]

Tech Brief: Leveraging your network to fortify cybersecurity

Enterprise CIOs and CISOs face a constant barrage of challenges, often leaving them little choice but to rely on best-of-breed products to shore up their organization’s cybersecurity posture. In today’s fast-changing threat landscape, however, that can be a dangerous gamble. Whether you’re trying to modernize your IT, lower your operating costs or improve cybersecurity, how you build your network is often the determining factor in whether you succeed or fail. A new CyberScoop Tech Brief, sponsored by Cisco, explores how taking advantage of modern, sensor-aware servers, switches, routers and security devices not only enables a holistic cybersecurity strategy, but also lowers operating costs and improves performance. Realizing the potential modernization and cybersecurity improvements promised by the passage of the Modernizing Government Technology (MGT) Act calls for agencies and commercial enterprises alike to recognize that the key place to start is with the network. Strategically enabling the security features of existing […]

Podcast: The case for zero-trust networks

In the aftermath of the massive U.S. Office of Personnel Management data breach in 2015, then-Rep. Jason Chaffetz came out with recommendations that all government agencies adopt a “zero-trust” approach to cybersecurity. That concept was based on a model created by John Kindervag, a vice president and principal analyst at the time with Forrester Research, and now field chief technology officer at Palo Alto Networks. In a new CyberScoop podcast on next-generation security platforms, Kindervag explains what distinguishes zero-trust network security from other holistic security models and what enterprises and agencies can do to apply it more fully across their networks. “The thing that distinguishes zero trust is we focus on the fundamental problem we have in cybersecurity today,” says Kindervag. The problem? The traditional trust model networks have relied upon is broken. “The trust model we have – that all users external to the network are untrusted and bad, […]