Take it from Harry Sverdlove, CTO of security firm Bit9, no organization – regardless of size or business — is immune to today’s attacks.

The security whitelisting vendor earlier this year revealed details of how attackers had stolen one of its digital code-signing certificates and then used it to sign malware attacks against three of its customers, who were the ultimate targets. It was an awkward and painful position for a security vendor, but Bit9 provided a detailed firsthand account of some of the key specifics of the attack, as well as the malware that was used.

Sverdlove here at Interop tomorrow will share five lessons from real-world attacks — some of which are gleaned from his company’s own experience getting attacked.

SOURCE: darkreading.com

Information Security Buzz