Tag: intrusion detection

Researchers at Purdue’s CERIAS group have developed a way of strengthening traditional password authentication against sophisticated attacks. Not only is the defense practical — you can download the PAM security module from GitHub — but it also includes a built-in alarm that warns you when attacker try to use decoy passwords they believe they have […]

Earlier this week I told you how to set up the journal daemon. Now that it has had time to gather data, let’s see how to easily extract meaningful reports from the Linux system log files. First, let’s see the complete journal data. Look at the first line to see how far back the journal […]

Cybersecurity laws and other regulations clearly exist for good reasons, and there are serious penalties involved if you fail to meet them. The new version of PCI DSS, the Payment Card Industry Data Security Standard, requires going beyond showing that data can be secure, you must show that it will be secure through established procedures […]

Another highly advanced and highly stealthy Advanced Persistent Threat (or APT) has come to light over the past few weeks. It has been around at least since 2008, and it may have been active for several years before that. Its stealthiness and complexity have delayed detection and defensive analysis. Symantec and Kaspersky Labs have released […]

Last week I told about how a vulnerable cloud server was deployed, ignored, and then owned by an attacker, with Amazon catching this and the entire cycle complete in just over two weeks. It had an obvious cause: skipping part of the process in which unneeded cloud resources are shut down. But I said that […]