Intrusion Prevention News and Errata

Security Teams Losing Ground Against Attackers?

This week the Ponemon Institute released a study of almost 600 IT security professionals who overwhelmingly reported an increase in advanced threats and a lack of proper security mechanisms to deal with them. A few important notes:

❯ “Advanced Threat” was defined as a threat requiring a methodology or a combination of techniques as opposed to just one.
❯ 71% of the participants reported an increase in advanced threats compared to the previous year.
❯ 80% believed that their IT management was unaware of the risk posed by these threats.
❯ 70% of threats were found to have evaded IPS and antivirus systems.
❯ IT overwhelmingly cited a lack of sufficient visibility and proper security technologies as the cause of missing the attacks.

While there are a lot of potential conclusions one could draw from those numbers, the very obvious concept that ties them all together is that the current generation of security solutions is not doing its job. Attackers have figured out how to bypass single-function systems, and security teams can’t see what comes into the enterprise. Sounds like a job for an application-aware firewall that actually knows how to identify what traffic really is and then applies coordinated prevention that integrates IPS, malware prevention, and antivirus, all in context. Hmmm…

A Busy Week for Twitter

❯ The saga between Twitter and Hacker Croll seems to be finally coming to a close. Hacker Croll (a celebrity hacker in all senses) got himself and the folks at Twitter into considerable hot water when he exposed weaknesses in the Twitter service by famously hacking into President Obama’s Twitter account. This led to Hacker Croll being prosecuted by his native French government, and Twitter being fined by the FTC. To the delight of conspiracy theorists everywhere, these events were recently resolved on the same day with Hacker Croll being convicted (suspended sentence) and Twitter settling with the FTC on June 24th.

❯ As an interesting aside, the thing that landed Twitter in the most trouble was not the hack itself, but its insistence to the public that user information was completely safe even in the wake of the breach. So the hacker got nabbed for proving publicly that the vulnerability existed and Twitter was hit for denying it – these fights never end well.

❯ Also on June 24th (a busy day for Twitter), researchers in Indonesia demonstrated yet another XSS vulnerability on the Twitter platform, capable of taking over Twitter accounts and spreading malware. The fun never stops.