Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Information Unleashed
Showing posts tagged with APT targeted attacks
Showing posts in English
khaley | 20 Sep 2012 | 0 comments

In recent years there has been no shortage of news on highly sophisticated threats that are evading detection for long periods, causing serious damage to organizations and stealing valuable information. These are often directed at defense or other government targets, but we still feel the paranoia that we could be the next victim. While we worry about these highly targeted threats, looking for new solutions to protect us from these attacks, are we ignoring simple and effective steps to get the most out of our existing solutions? Are we neglecting our patches and updates, so worried about high-profile threats that simple, common threats easily enter our network?

Whatever new threats are developed, it will never be advisable to neglect the most basic security policies and practices. While we need to be aware of the evolution of security trends, it’s the little things that can still kill us. This point is further explored in my recent guest post in Forbes, which you can...

Symantec Security Response | 06 Sep 2012 | 0 comments

In 2009, we saw the start of high profile attacks by a group using the Hydraq (Aurora) Trojan horse. We've been monitoring the attacking group's activities for the last three years as they've consistently targeted a number of industries. These attackers have used a large number of zero-day exploits against not just the intended target organization, but also on the supply chain manufacturers that service the company in their cross hairs. These attackers are systematic and re-use components of an infrastructure we have termed the "Elderwood Platform". The term "Elderwood" comes from the exploit communication used in some of the attacks. This attack platform enables them to quickly deploy zero-day exploits. The attacking methodology has always used spear phishing emails but we are now seeing an increased adoption of "watering hole" attacks (...

Sean Doherty | 13 Feb 2012 | 0 comments

One hot topic in IT and information security today is the Advanced Persistent Threat, usually abbreviated to APT. However, the P in APT might as well stand for People. And therein lies a clue as to how APTs differ from other targeted attacks, something about which there has been a some confusion.

A standard targeted attack, while often requiring a significant investment of time, does not have dedicated personnel over a long period. If the assets that they are targeting are harder to reach than expected, or pwned asset is removed or patched, then that will often end the attack and another victim selected. Some targeted attacks are even highly automated. In an APT, however, there is someone continually guiding the attack, making adjustments to counter when the victim tries to stop it. It’s very much a person-to-...