The UK’s IT decision makers have it pretty tough. On the one hand the sheer range, volume and persistence of threats today make it virtually impossible to keep digital corporate assets 100% safe. But on the other, the outrageous hyperbole spread by security vendors in what is an increasingly crowded market makes finding the right tools more challenging than it’s ever been. In these situations, the opinions of journalists, independent reviewers and customers themselves become incredibly important.
Recent headlines have highlighted once again that many organisations are just a click away from a potentially catastrophic malware infection or data breach. Papworth Hospital, the world-leading heart and lung hospital in Cambridgeshire, was lucky enough to have daily back-ups in place when it was recently hit by a ransomware attack. North Lincolnshire and Goole NHS Foundation Trust was less fortunate, and ended up cancelling operations and moving patients elsewhere after IT systems were taken offline for several days.
Many endpoint security vendors trumpet their capabilities as a silver bullet to tackle these and other modern-day threats. It’s a tempting prospect, but sadly there is little substance to back up the claims. The truth is that the only way to effectively protect your organisation from the multiplicity of threats out there is with a multi-layered approach, which runs from traditional signature-based detection to advanced machine learning.
Indicators of compromise (IOCs) are incredibly important forensic artifacts which, as the name suggests, are used in incident response and threat research to discover if a system has been compromised. They come in various forms, for example, unusual outbound network traffic, an MD5 file in a temporary directory, or even log-in irregularities. One class of IOCs so far resistant to detection by traditional methods relates to the use of external content in web-based attacks.
At Black Hat Europe earlier today, Trend Micro senior security researcher Marco Balduzzi explained how a new machine learning approach can reap fantastic results for early detection of such threats.
Today’s IT security bosses are assailed from all sides by a huge variety of online threats. They’re designed to exploit known and unknown vulnerabilities across cloud, mobile, virtual and hybrid environments. And increasingly, they’re developed to outwit traditional signature-based tools. Yet the impact of these threats has never been greater. Data breaches and service outages can lead to heavy industry fines, damage to the brand, lost customers, remediation and clean-up costs, and even hefty legal bills.
That’s why we have developed a new statistical-based approach designed to learn as it goes to detect modern unknown threats. This XGen approach was revealed at Black Hat today by senior researcher Marco Balduzzi.