From malware on Google's Android phones to the US Defense Advanced Research Projects Agency trying to understand how stories or narratives impact security and human behaviour, the security world certainly is never boring. Here we take a look at 20 security stories that have shaped the industry in the past few months.
Low-cost SSL proxy could bring cheaper, faster security; defeat threats like Firesheep
Researchers have found a cheaper, faster way to process SSL/TLS with off-the-shelf hardware, a development that could let more Web sites shut down cyberthreats posed by the likes of the Firesheep hijacking tool. The technology, dubbed SSLShading, shows how SSL proxies based on commodity hardware can protect web servers without slowing down transactions. SSL/TLS - the cryptographic protocols used to protect online web transactions - encrypts traffic from visitors' machines all the way to Web servers. That makes it impossible to pick up data such as session cookies by preying on unencrypted wireless networks, which is what Firesheep does.
Memory scraping malware goes after encrypted private information
What's 'pervasive memory scraping' and why is it considered by SANS Institute security researchers to be among the most dangerous attack techniques likely to be used in the coming year? Simply put, pervasive memory scraping is used by attackers who have gained administrative privileges to successfully get hold of personally identifiable information (PII) and other sensitive data held encrypted in a file system, according to Ed Skoudis, senior security consultant at InGuardians who is also an instructor at SANS events. Evidence of this attack is coming up again and again in data-breach cases, he said.
Tablets, smartphones force Cisco to rethink how security works
Cisco has unveiled a self-described 'complicated' security architecture dubbed SecureX that it says provides a context-aware way to safeguard networks increasingly overrun with smartphones, tablets and virtualisation. SecureX, outlined at the RSA Conference, will initially give Cisco firewalls - and eventually its switches, routers and other products - the ability to dynamically scan and tag data related to a user's identity and application/device usage in order to have a real-time basis for enforcing identity-based security policies.
What is an 'Advanced Persistent Threat,' anyway?
'Beware the Advanced Persistent Threat' is the security vendor mantra of the moment. But really, what is an APT? Depends who you ask ... Some claim the term 'Advanced Persistent Threat' originated somewhere in the Defence Department and its contractors, which face continual cyber-espionage assaults. "I think it was the Air Force," says Eddie Schwartz, NetWitness chief security officer. "It's persistence of the adversary and the variety of techniques they're using, like malware or social engineering, against a nation's significant economic interests."
Is a next-generation firewall in your future?
The traditional port-based enterprise firewall, now looking less like a guard and more like a pit stop for internet applications racing in through the often-open ports 80 and 443, is slowly losing out to a new generation of brawny, fast, intelligent firewalls. The so-called next-generation firewall (NGFW) is an enterprise firewall/VPN that has the muscle to efficiently perform intrusion prevention sweeps of traffic, and that is aware of the applications moving through it so it can enforce policies based on allowed identity-based application usage. It's supposed to have the brains to use information such as Internet reputation analysis to help with malware filtering or integrate with Active Directory.