Whereas early social engineering efforts convinced someone to provide a password or other information via a convincing phone call or conversation, today’s social engineering efforts are fare more nefarious, as evidenced in great detail within the recently published report: Shadows in the Cloud: Investigating Espionage 2.0.

Often we talk about how destination port is not an accurate classification for controlling network traffic. At this point, hopefully that is obvious. Everyone knows that just about anything can get out of an enterprise network via port 80 or 443. Lately I have had several discussions with customers curious about protocol validation and ensuring [...]

Looking for data leaks in email, IM and web traffic is easy, but that does not even begin to solve the problem. These are just few applications among the hundreds of application that are capable of file transfer – peer-to-peer applications, skype, online backup services and gmail to name a few. There are many examples of organizations losing data through peer-to-peer networks, such as Walter Reed and the Tokyo Police department.