The state of Information Security
Malware authors have figured out how to evade AV by continually tweaking their binaries. They can circumvent content filtering systems by hacking legitimate sites (banner ads, etc.) that users are allowed to access. They flow right by IDPS and Malware Detection Systems through the same type of techniques. Firewalls offer good protection for inbound connection attempts, though the threat vector now consists of an attacker riding back in on legitimate outbound connections.
Microsoft’s most recent anti-botnet campaign — a legal sneak attack against dozens of ZeuS botnets — seems to have ruffled the feathers of many in security community. The chief criticism is that the Microsoft operation exposed sensitive information that a handful of researchers had shared in confidence, and that countless law enforcement investigations may have been delayed or derailed as a result.
Officials say cyber attacks have shut down the websites of the two main Palestinian news agencies, the official Wafa and the privately run Maan.
The attacks came several days after hackers disrupted the websites of an Israeli hospital, a leading newspaper and Israel's official cultural festival.
The ever ongoing debate about quality IT staff once again received a nudge, this time by an article of J.Oquendo. In his article he takes another brutally honest stab at the Industry by pointing out that the new Shady RAT attacks aren’t that new and would have been easily caught by capable personnel. I agree with that view very strongly and would also like to point out that Shady RAT is really no different than Night Dragon in that both attack waves used techniques that have been known for a decade or more. Oviously someone is asleep at the wheel, but who?