Informative

How costly is that typo?

Security products are essential for enterprises, vendors and end users to survive the current network environment. Ideally, which security products are to be deployed should depend on the costs and the benefits. While the cost can be easily quantified by the money spent or the deployment and management effort, how to assess the benefit of…

Disruptive Innovation

Innovation is a continual process, building upon the past to improve the future.  Often this means small, incremental steps that chip away at a larger problem.  Sometimes, by accident or design, those changes aren’t so small.  These massive changes are a disruptive innovation that can redefine what is possible. It used to be that the winner…

Reconnaissance: A Walkthrough of the “APT” Intelligence Gathering Process

Rotem Kerner of RSA Research has penned a short paper, Reconnaissance: A Walkthrough of the “APT” Intelligence Gathering Process.   It is first in a series that we will publish the follows The Cyber Kill Chain[i]. The Cyber Kill Chain model was developed by Lockheed Martin’s Computer Incident Response Team earlier in the decade.   It breaks…

From the Archives: Automation of Fraud – The Voxis Platform

During the recent months RSA  FirstWatch has identified a growing demand for tools to automate fraud related operations among the cybercriminals in their online communities and blackmarkets. Voxis is a fraudulent platform used by criminals to monetize stolen credit card credentials and increase their illicit revenues by automating fake transactions through multiple payment gateways. The FirstWatch…

Terracotta VPN: Enabler of Advanced Threat Anonymity

Today, RSA Research published an in-depth report on a commercial VPN network, originating in China, which we are calling “Terracotta”.  It is being used as a launch platform for APT actors including the now well-known Shell_Crew / Deep Panda group (which RSA exposed in a January 2014 report, http://www.emc.com/collateral/white-papers/h12756-wp-shell-crew.pdf ). Terracotta’s network of 1500+ VPN…

CARIS Workshop Summary and Reflection

The Internet Architecture Board (IAB) and the Internet Society (ISOC) hosted a day-long Coordinating Attack Response at Internet Scale (CARIS) workshop which took place last Friday in coordination with the Forum for Incident Response and Security Teams (FIRST) Conference in Berlin. The workshop included members of the FIRST community, attack response working group representatives (APWG,…