Coordinated attacks and probes have been observed against several networks that we protect. We describe some of these attacks and provide insight into how and why they are carried out. We also suggest hypotheses for some of the more puzzling probes. Methods for detecting these coordinated attacks are provided.
Recently, small and medium businesses have lost millions of dollars from fraudulent electronic financial transactions. This paper reviews the threat and provides guidance for mitigating the threat. These crimes typically begin with a phishing email targeted at the comptroller or other staff in the finance department. After the comptroller's computer is…
Proper TCP/IP stack tuning has become an increased factor in host network performance. With 10 and 100 megabit Ethernet, default TCP/IP stack tuning parameters usually were sufficient to utilize the available bandwidth, almost to saturation. However, these settings usually are insufficient for full utilization of Gigabit Ethernet (1 GigE).
Respondents to this SANS survey point to strong planning, leveraging internal systems and intelligence, and defining gaps in protection and workarounds as key best practices for developing cyberthreat intelligence capabilities. These best practices, along with adoption trends and definitions, are discussed in this paper. In the last several years, we've…
As technology progresses, IT professionals and security analysts are presented with an ever-increasing volume of data to parse through to find evidence of security events. Many companies rely on disparate logging architectures that split network, server, and application logging. Each of these logging architectures is often isolated from the others. The…
The brilliant innovators who launch tech startups may not have significant experience managing the security, privacy, or compliance issues that are inherent in a growing technology business. Although these businesses are able to attract considerable amounts of funding and woo well-known customers, there may be material issues under the surface that would…
In December 2013 over 40 million credit cards were stolen from nearly 2000 Target stores by accessing data on point of sale (POS) systems. This paper will explore known issues in the Target breach and consider some of the Critical Controls that could have been used to both prevent this breach and mitigate losses.
The place to get sensitive information relating to people who have access to our country's most sensitive information is the Office of Personnel Management's e-QIP Databases. These repositories provide a single location that contains the complete history and all associated pertinent information for anyone with a security clearance. There was a cascading…
By leveraging widely accepted and respected industry certifications and developing a solid training program to assist in obtaining them, employers can ensure that their staff is appropriately educated and continually motivated towards meeting and exceeding company goals. This program can also be used as a retention tool for current and future employees by…