We hear a lot about security orchestration, automation, and response. It will help us with our security skills gap. It will improve our operational efficiency, thus reducing mean time to detect and respond to incidents. It will give us more time for threat hunting. But how much is really being automated? In sponsorship with ServiceNow, […]
This post comes to you from Lamar Spells of http://foxtrot7security.blogspot.com/. ==================== As more companies fall victim to hacks based on SQL Injection and as the regulatory environment becomes more stringent, more and more companies are implementing network-based Web Application Firewalls (WAFs). Shares of one Web Application Firewall maker Imperva (NYSE: IMPV) are up about 40% […]
IDLE scans allow an attacker to scan a victim and frame an inactive host on the internet. The attacker doesn’t transmit packets directly to the victim, but instead uses the idle zombie to measure the victim’s response to a spoofed packet. NMAP currently does this with the -sI command line option. There is a very […]
Researchers at the University of Cambridge discovered a way to DoS users in China using China’s own firewall/filter against them. To quote the article (linked below), “the Chinese firewall can be used to launch denial-of-service attacks against specific IP addresses within China, including those of the Chinese government itself. The IDS uses a stateless server, […]
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.