A security firm published a blog post today explaining how they compromised an endpoint security system. The vendor, Carbon Black, responded in a blog post explaining that this feature is off by default and customers receive a warning when they turn it on. Setting aside the topic of responsible disclosure for the moment, take a look at this statement in the research firm’s … [Read more...]
Don’t Be a Target – Anticipate and Monitor for APT Activity
Our security predictions for 2012 forecasted that the class of targeted attacks known at APTs – advanced persistent threats – would trickle down, and begin to affect smaller organizations. And while it might not make the headlines like the recent story about the data breach at Coca-Cola in 2009 that is still affecting the company three years later, a successful attack can be … [Read more...]