New cyber tool learns network behavior to sniff out malware

Researchers from Georgia Tech demonstrate a prototype tool, ExecScent, that learns a network's normal traffic patterns to spot the command and control traffic from infected hosts. In live tests it identified dozens of new C&C domains and discovered hundreds of infected computers.

Secure email services went dark because email is 'broken'

Silent Circle's decision to shut down its encrypted email service is the latest in a number of responses to the NSA's surveillance of sensitive communications.

Easy-to-use attack exploits IPv6 traffic on IPv4 networks

Setting up a rogue IPv6 router on an IPv4 network gives attackers access to the host's Internet traffic, one more reason to enable IPv6 rather than waiting for an attacker to do it for you.

Privilege Guard watches those who watch over the network

The product extends privilege management to admins, giving them enough control to do their jobs but restricting them to authorized tasks.

Phun with Phones: 3 ways to phreak Android, iOS

The convergence of computing and mobile telephony has made smartphones the new frontier of cybersecurity, with a host of new vulnerability research presented at this year’s Black Hat Briefings.

Reverse engineering reveals inner workings of Comfoo Trojan

Researchers at Dell SecureWorks were able to monitor the command and control system of the persistent RAT, which was used in the 2010 RSA breach that also compromised DOD contractors and is still in wide use.

Industrial control 'honeypots' show systems are under attack

Recent research by Trend Micro shows ICS networks are frequently attacked -- and not by accident.

Energy lab's wireless system secure enough for classified data

The Savannah River National Lab’s prototype hardware, designed in collaboration with NSA, uses Suite B cryptography for a system that could be adapted for other uses.

NSA's Alexander to Black Hats: Trust us, we need you

Gen. Keith Alexander traveled to the "technical center of gravity" instead of appearing before Congress to plead his case that surveillance programs are targeted, limited and under control.

IBM adds vulnerability tool to security arsenal

IBM says its QRadar Vulnerability Manager (QVM) provides security managers a single view of vulnerability data aggregated from network, endpoint, database and application scanners.

After XKeyscore, is encryption the next big thing?

The latest reports on the NSA's surveillance could raise awareness on a practice that is regularly recommended but frequently ignored.

Yacht hijacking shows the potential power of GPS spoofing

Last year, a University of Texas professor's team took control of a drone in flight. This year, it was a super yacht on the Ionian Sea. But they’re also evaluating ways to prevent spoofing.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer”), C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional cost savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video, IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence, a cost-effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.

  • All About Self-Encrypting Drives

    With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and are becoming the norm. Eliminating exposure of private data is now simply viewed as a mandatory and sound business practice. To avoid the high costs associated with these types of data compromises, organizations must put in place a comprehensive security strategy. Read this whitepaper to learn how self-encryption is achieving this initiative.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method, a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.