E3 – Hordes at the Gate – The Call of the Siren

“Don’t you think you are being a bit paranoid?” Greg asked Marty as the two exited the cafeteria.  “I mean, the DDOS attack was pretty severe. I think whoever was behind it accomplished their goal. Look at all the time and expense it took to control it. Not to mention the downtime, the annoyed customers,…

Read More

E3 – Hordes at the Gate – The Aftermath

Marty walked into the conference room and immediately sensed the buzz and tension.  He knew the debrief of the denial of service attack was going to be a long one but he didn’t anticipate this much friction.  The source of the stress wasn’t the actual attack or the mayhem that ensued to protect MagnaCorp from…

Read More

E3 – Hordes at the Gate – The Battle

The Hunter arrived on the wall of the fortress on the frontier out of breath. He had ridden through the night to get to the most active and dangerous part of the assault on the Kingdom’s walls. He leaned over the parapet and quickly surveyed the chaos below him. Within seconds an arrow whizzed past…

Read More

E3 – Hordes at the Gate – The Siege

The hulking figure dominating the corner of the crowded tavern was given a wide berth by the other patrons.  Even though the smoky room was packed with people, the table occupied by the massive man had plenty of space around it.  Several customers made obvious attempts not to trespass over the imaginary border circling the…

Read More

Fear Nothing: The Gamers Approach To Building a SOC

“You say the hill’s too steep to climb. Chiding! You say you’d like to see me try, Climbing! You pick the place and I’ll choose the time. And I’ll climb the hill in my own way” – from Fearless by Pink Floyd   Cliché alert! There is no silver bullet for security (I warned you).…

Read More

Four ways the financial industry could have fought Carbanak

It sounds like something out of a movie script — robbing a bank over the Internet — but that’s essentially what happened recently with the Carbanak malware. If you hadn’t heard about it, this was a campaign which ran over the course of 24 months and is believed to have netted thieves about US$1 billion.…

Read More

I’m sorry, I don’t speak security Klingon

“I’m just a soul whose intentions are good. Oh Lord, please don’t let me be misunderstood” From Don’t Let Me Be Misunderstood by The Animals Recently, I was speaking with a customer who told us their company’s top priority for the year was increasing their information security capabilities. Their biggest competitive advantage like many other…

Read More

Security Hipsters Meet The Mainstream

“Well, my boyfriend’s in a band, he plays guitar while I sing Lou Reed. I’ve got feathers in my hair, I get down to Beat poetry. And my jazz collection’s rare, I can play most anything. I’m a Brooklyn baby.” – from Brooklyn Baby by Lana Del Rey.   Whether we like it or not the…

Read More

RSA Rises to the Challenge of APTs

Recent news around APT attacks have underscored the critical importance of improving our techniques for rapidly detecting, analyzing and responding to APTs. To foster research in this area, Los Alamos National Lab (LANL) recently released an anonymized dataset of DNS activity collected from their internal servers over a two months window (February and March 2013), overlaid with traffic from 20 simulated APT attacks during the month of March. LANL also issued a public challenge to the cybersecurity community to “develop techniques for detecting malicious externaldomains given the DNS logs for a site and to identify potentially infected hosts in the process.”

Read More