Antivirus

Security community tools help intruders

To many ordinary home users and businesses, security software is nothing more than having antivirus protection and/or endpoint security software. However, for enterprises the situation is more complex.

I expect adversaries will continue to leverage publicly released tools, often developed by penetration testers and security researchers, to compromise and control targets worldwide. 

This trend, publicized most effectively by Mandiant’s Andrew Thompson, turns standard defensive thinking upside down. Unfortunately, it is difficult for those who work on the offensive side of the security team to recognize that this is the case.

The mantra for the past decade has been to “make intrusions more costly for the adversary.” One of the costs an intruder used to have to consider was the development of tools and techniques to compromise and control targets. 

However, today the majority of intruders operate publicly released tools to accomplish their goals. This means that intruders can radically decrease their research and development costs, as that burden has already been borne by penetration testers and security researchers.

About the author

Richard Bejtlich is principal security strategist at Corelight.

Public offensive tool releases

The argument in support of public offensive tool release usually offered by penetration testers and security researchers is that they are simply recreating capabilities already known and perhaps utilized by top tier intrusion groups. 

By releasing new capabilities, the argument goes, defenders learn what is possible and can develop mitigations that work against penetration testers and actual adversaries. 

Their scenario plays out in the following manner:

  • An enterprise deploys assets in


Malware turns Discord client into password stealer

Hackers have updated the AnarchyGrabber trojan to a new version which is capable of stealing passwords and user tokens, disabling 2FA and spreading malware to a victim’s friends as well.

This is the second update the trojan has received this year as it was also updated back in April to modify Discord client files in order to evade detection by antivirus software and steal user accounts every time someone logs into the popular chat service. 

Discord who claim it is a game cheat, hacking tool or copyrighted software. Instead it modifies the Discord client’s JavaScript files to turn it into malware that can steal a victim’s Discord user token which is then used by an attacker to log into the popular chat service as the victim.


Windows 10 May 2020 Update’s best new feature will help keep your PC secure

Windows 10 May 2020 Update is imminent, and it’s shaping up to be a fantastic upgrade that brings numerous new features to Windows 10, but perhaps its best addition is a new security tool that will help prevent unwanted or malicious apps installing themselves on your PC.

The Windows 10 May 2020 Update adds the new tool to Windows Defender, the built-in security app in Windows 10. It’s called Reputation-based Protection, and it will allow users to block unwanted applications that are bundled in with genuine app installers from installing.


Hopefully the Windows 10 May 2020 Update will be made available to Windows 10 users soon, as May is quickly drawing to a close.


Via Techdows


Cybersecurity: What is it? – TechRadar

The rise of the Internet-connected world over the past few decades has brought numerous benefits. But that connectedness can also pose a threat. Hackers routinely take advantage of connected devices to wreak havoc, steal valuable information, or even hold entire companies and governments hostage for a ransom.

Keeping the digital world safe as the number of devices continues to grow means countering these digital threats through cybersecurity. In this guide, we’ll explain what cybersecurity is and why it’s important, as well as highlight the different types of cybersecurity and cyberthreats.

What is cybersecurity? 

Broadly defined, cybersecurity is the set of practices and tools that individuals, IT staff, and governments use to keep information and devices safe from attackers. Ultimately, the goal of cybersecurity is to ensure the integrity, confidentiality, and availability of digital information. Files must be accessible to authorized users on demand, but must remain inaccessible to anyone else.

There is no single practice or piece of software that makes up a cybersecurity strategy. Rather, cybersecurity involves a multi-layered deployment of passive and active digital security tools along with constant monitoring for new online threats. For example, a business’s computer network may be simultaneously protected by antivirus software, an authentication system for limiting access, and a team of IT professionals that constantly monitor the network. Having strong cybersecurity means being able to not only stop known malware and other online attacks but also detect novel viruses and hacking efforts and prevent them from succeeding. 

In addition, protecting devices and networks from malicious actors requ


IT Security: What is it?

The first self-propagating computer worm was created in 1989, computer viruses appeared in the 1990s, and by the late 2000s, cybercriminals were targeting credit cards. For decades, security teams have been battling to keep computer networks and end-users safe from cyber threats, but for many, the term IT security can still be a little confusing. 

IT security defined 

In our hyper-connected, online world, the phrase IT security is often used interchangeably with cybersecurity and information security (infosec).

While there are similarities and occasions where one term can be used in place of the other, there are also marked differences between them. The first step to understanding what IT security is and why it’s important is to recognize these differences.

Cybersecurity measures protect digital data from third-party attacks by cybercriminals via the internet.

Infosec, at a base level, is the protection of both physical and electronic data, but the term is often expanded to cover other security concerns too. For example, infosec can also be used to describe the measures a company might take to protect its legal and financial interests by ensuring compliance with data protection laws, such as the EU’s General Data Protection Regulation (GDPR). 

IT security incorporates both cybersecurity and infosec but refers specifically to the protection of digital data and the security maintenance of the computer systems and networks that store it. 

The term IT security covers internal and external threats and is commonly used to describe the strategies deployed to safeguard digital data from attack at every point of an organization’s IT infrastructure, from company databases to end-user email accounts
