1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Damballa warns that the enemy may already be in your network

Discussion in 'CSO' started by RSS, Nov 23, 2015.

  1. RSS

    RSS New Member Member

    There is an ongoing struggle in computer and network security. Every day security professionals diligently scan for vulnerabilities, deploy patches and updates, make sure antimalware defenses are up to date, and monitor firewall logs to keep a vigilant eye out for malicious or suspicious activity. It’s a noble fight to defend network resources and sensitive data from would-be attackers “out there”. Unfortunately, there’s a fair chance that the enemy is already in your network and most organizations are not equipped to detect or defend against those threats effectively.

    Researchers at Damballa have scrutinized the Destover malware used to wipe target machines in the Sony attack, as well as the related Shamoon malware used to destroy data in the 2012 Saudi Aramco attack. In both cases the goal of the malware was purely destructive, and in both cases the malware exploit seems to have been inside the network for an extended period of time before the actual attack was launched.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page