During last week’s RSA conference in San Francisco, I gave a lecture titled "Stock Exchanges in the Line of Fire – Morphology of Cyber Attacks." Based predominantly on my experience as part of Radware’s Emergency Response Team (ERT) that provides 24/7 DDoS attack mitigation support, I focused on three specific topics:
Today, we launched our 2012 Global Application and Network Security report. It was prepared by our security experts – the Emergency Response Team (ERT) – who’ve seen their fair share of cyber attacks while actively monitoring and mitigating attacks in real time. In this year’s annual report, our experts have uncovered several new trends in cyber-security worthy of a closer look.
Radware’s Emergency Response Team (ERT) research lab released a threat alert regarding a newly discovered Trojan key logger named Admin.HLP that was detected today for the first time within one of its customer’s servers. Admin.HLP is malicious software that monitors keystrokes on the victim’s computer and collects user passwords, credit card numbers and other sensitive information. It then sends all the stolen data out of the organization to the attackers’ remote servers over a secured HTTPS connection.
Security specialists describe the malware Flame, also known as Flamer, as the most advanced computer virus ever found and a new level of sophistication in cyber warfare. Flame is able to extract large volumes of information from its victim and send the information back to its operators. The information that Flamer extracts includes keystrokes, directory structure, files and documents, audio recordings activated on demand, scans for neighboring Bluetooth devices and much more.
Denial-of-Service (DoS) attack forensics has several motivations. During an attack, forensics is important for identifying the attacker's traffic, safely distinguishing it from legitimate traffic, and in turn accurately employing various mitigation techniques to block it. After the attack is over, forensics is important for our customers to understand the attack origin and motivation, to prepare for a second strike, and to serve as a basis for legal action. Our research team values forensics as a research tool that improves our understanding of the DoS attack world.