You are viewing 'Intelligence'

Solutionary blogs about intelligence.

The NTT Security SERT Q4 ‘16 Threat Intelligence Report

Key points: decline in attacks, challenges in securing the retail industry, and an apparent increase in nation state-sponsored cyberattacks

Danika Blessman

January 26, 2017 - Posted by Danika Blessman to Threat Intelligence

NTT Security SERT Q4 Threat Intelligence Report

The NTT Security SERT (Security Engineering Research Team) released its Q4 ‘16 Threat Intelligence Report today.

During Q4 ’16, NTT Security researchers observed a noticeable shift in the types of attacks from previous quarters – particularly exhibited by a much narrower scope of attack vectors. Several vulnerabilities such as Oracle Server Backup in the retail industry and Linux password files in the finance industry were specifically targeted – likely indicative of criminals identifying specific flaws and crafting attacks to fit, a sign of more sophisticated and directed efforts.

This shift was also evident in an overall 35 percent decrease in total security-related events across client networks from Q3 ’16 to Q4 ’16, including continued declines of 25 percent in... read more >

How Big Data is Advancing Cybersecurity

Brandon Louder

February 18, 2016 - Posted by Brandon Louder to Security Insight

Big Data

How many times have you heard a new technology or startup described as “innovative and revolutionizing,” “value added solution,” “disrupting industry,” or “making the world a better place”? Personally, I’ve heard these descriptions too many times to count. There are not many technologies that I can think back on and say “yep, they were right!” The advancement and application of big data, however, is definitely at the top of my list.

Big data analytics is an old “new” way of analyzing data. The concepts predate existing technologies, with probabilistic and statistical math. In the last few years, however, the technology has improved, making big data analytics simpler and more accessible. This old “new” way has recently become its own field of expertise and has revolutionized several industries.

Big data in the news

Investment banks now have people they lovingly... read more >

Introduction to Internet of Things (IoT) Security

12 Steps for creating a safe IoT environment

Vance Baker

February 09, 2016 - Posted by Vance Baker to Security Insight

Internet of Things

It’s hard to not find ourselves in possession of one of the so many newly available gadgets, technologies and appliances intended to improve our life experience. Most, if not all, of these new gadgets fall within the classification of “Internet of Things” (IoT), a rather nondescript categorization of devices that use Internet connectivity for a variety of purposes, ranging from entertainment to home automation to enhancing communications. The uncertainty of how to safely introduce these new things into our homes can be a little disconcerting.

Fear not! This blog provides a few basic steps allowing you to create a safe IoT environment in your home to connect those new gadgets and use them safely and in rapid fashion.

Let’s get the precautionary considerations addressed straightaway. First, security standards for IoT devices are evolving.... read more >

Researchers Discover SSH Backdoor in FortiGate Devices

Another Backdoor in a Security Device

Aaron Perkins

January 12, 2016 - Posted by Aaron Perkins to Threat Intelligence

Siren

Solutionary recently posted a blog discussing the discovery of a backdoor vulnerability in Juniper Networks’ ScreenOS. Here we are, less than a month later, notifying you of yet another backdoor vulnerability. This time, the backdoor is in Fortinet’s FortiGate devices.

Although a single research entity discovered this vulnerability on January 9, it was not until just a few hours ago that the news hit social media. Researchers from both Twitter and Reddit conducted real-time testing of the vulnerability, confirming that the exploit actually works.

This backdoor vulnerability is written in the Python programming language, and... read more >

Juniper Discovers Severe Vulnerabilities from Unauthorized Code in ScreenOS

Danika Blessman

December 18, 2015 - Posted by Danika Blessman to Threat Intelligence

Siren - ETA

On December 17, Juniper Networks published an out-of-cycle security announcement regarding a severe vulnerability their own security researchers had discovered in ScreenOS. These vulnerabilities affect any products and platforms running ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20, covered under CVE-2015-7755.

Security researchers discovered the vulnerability during an internal code review and identified two specific issues. The first could allow unauthorized remote administrative access to an affected NetScreen firewall via Telnet or SSH, possibly leading to compromise of the affected system. The second issue, per the Juniper Networks... read more >

1 | 2 | 3 | 4 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS