Expert(s):
Principal Security Architectfeature_status*/ ?>
Alert Logic

Comments Dotted : 3
November 28, 2019

Experts Comments On Dexphot Polymorphic Malware Detection
Starting with educating users is the first protection, treating the root cause of infection being the best plan of attack.
"Detection of polymorphic malware and other threats that avoid traditional signature detection relies on a more behavioural analysis based approach on the endpoint and network. By monitoring for suspicious activity, such as contacting known command and control infrastructure or making requests on the network that are abnormal, the activity of a breach can be detected and the polymorphic malware found – monitoring the behaviour of the computers themselves helps to; by building a model of the.....Read More
"Detection of polymorphic malware and other threats that avoid traditional signature detection relies on a more behavioural analysis based approach on the endpoint and network. By monitoring for suspicious activity, such as contacting known command and control infrastructure or making requests on the network that are abnormal, the activity of a breach can be detected and the polymorphic malware found – monitoring the behaviour of the computers themselves helps to; by building a model of the normal behaviour of a system activities that abnormally use resources can be lead threat hunters to the source of infection. Starting with educating users is the first protection, treating the root cause of infection being the best plan of attack – Equally important is putting in solutions backed by trusted experts that can detect behaviour of infections beyond traditional signature detection is a must in today’s complex threat landscape. Attackers and defenders are fighting it out with more intelligent evasion and detection techniques so the expertise and ability to evolve detection techniques is critical."  Read Less
November 13, 2019

Cyberattack On UK Labour Party System – Experts Reactions
It’s entirely plausible that someone without any hacking experience paid for the DDoS attack on the ‘dark web’ from what is known as a ‘booter’.
There is no information on who the culprits might be right now, but a DDoS attack is not complex to arrange but takes resources to setup from scratch. It’s entirely plausible that someone without any hacking experience paid for the DDoS attack on the ‘dark web’ from what is known as a ‘booter’ – a paid-for service where a hacking group will lease out their existing botnet to perform the attack. The barriers to entry for a DDoS attacker has been significantly lowered, offering users.....Read More
There is no information on who the culprits might be right now, but a DDoS attack is not complex to arrange but takes resources to setup from scratch. It’s entirely plausible that someone without any hacking experience paid for the DDoS attack on the ‘dark web’ from what is known as a ‘booter’ – a paid-for service where a hacking group will lease out their existing botnet to perform the attack. The barriers to entry for a DDoS attacker has been significantly lowered, offering users the option to anonymously attack any target, for a nominal fee. Whilst attacks have been reported during previous general elections, for example government systems being compromised during the 2015 Election (with some politicians and security services later blaming Russia), a deliberately disruptive attack against a specific party is unusual. A DDoS attack is where an attacker uses a set of compromised systems to make a huge amount of requests to a service to make it unavailable, the set of compromised systems is called a botnet. This botnet is effectively a large set of drones that are not necessarily connected to the attacker. Due to this tracking down the actual culprit is difficult, unless they decide to boast about it or make themselves known within the hacking community. Considering the attack fundamentally failed to cause significant disruption this seems unlikely.  Read Less
October 31, 2019

The World’s First Internet Domain Name Provider Confirms Data Breach – Expert Reactions
Sometimes "hashing" a password is referred to as encryption.
In this case, the dwell time between attack and detection is not the worst, but they have announced the beach within a good amount of time. They are asking users to reset their password when they login and are in the process of notifying them directly Web.com has stated that it doesn't believe passwords were compromised because they were encrypted, but don't state what kind of encryption. Sometimes "hashing" a password is referred to as encryption. Hashed passwords that aren't "strong".....Read More
In this case, the dwell time between attack and detection is not the worst, but they have announced the beach within a good amount of time. They are asking users to reset their password when they login and are in the process of notifying them directly Web.com has stated that it doesn't believe passwords were compromised because they were encrypted, but don't state what kind of encryption. Sometimes "hashing" a password is referred to as encryption. Hashed passwords that aren't "strong" enough, and can be brute forced to reveal the original password. Web.com password requirements are 13 characters which means that any hashed password would take too long to brute force (it's not clear if this was a change in response to the breach though). Ultimately, anyone creating a password on a site that contains sensitive information like credit card data needs to use a long password and the recommendation is to make this a memorable phrase and, have a set of different passwords used on sites based on how sensitive or personal the information they hold is, or use a password manager to generate unique passwords for each site.  Read Less