Search
Pete Silva - Daily Dose of Pete
You are here: DevCentral > Weblogs

espionage

espionage

Not that I really needed to point his out but, security attacks are moving ‘up the stack.’  90% of security investments are focused on network security, yet according to Gartner, 75% of the attacks are focused at the application layer and ‘over 90 percent of security vulnerabilities exist at the application layer, not the network layer.’  SQL Injection and XSS are #1 and #2 reported vulnerabilities and the top two from the OWASP Top 10.  Plus, from Forrester Consulting, the average loss of revenue per hour for a layer 7 DDoS attack is $220,000.  These vulnerabilities are some of the...

posted @ Wednesday, June 22, 2011 5:56 AM | Feedback (0)

Botnets?  Old school.  Spam?  So yesterday.  Phishing?  Don’t even bother…well, on second thought.  Spaghetti hacking like spaghetti marketing, toss it and see what sticks, is giving way to specific development of code (or stealing other code) to breach a particular entity.  In the past few weeks, giants like Sony, Google, Citibank, Lockheed and others have fallen victim to serious intrusions.  The latest to be added to that list: The IMF – International Monetary Fund.  IMF is an international, intergovernmental organization which oversees the global financial system.  First created to help stabilize the global economic system, they oversee exchange rates and...

posted @ Tuesday, June 14, 2011 5:33 AM | Feedback (0)

In case you missed this over the long weekend, a few more notable names were compromised in recent weeks.  A few weeks ago I wrote about how the Big Attacks are Back and it sure seems like the hits keep coming.  First, last Friday, Lockheed Martin said that earlier in the week, they detected that someone was trying to break into their network through the VPN.  Lockheed is a huge military contractor providing fighter jets, spy satellites and other military and intelligence equipment for the US and other government entities.  They are also known for Skunk Works or their Advanced...

posted @ Wednesday, June 01, 2011 9:36 AM | Feedback (0)

As we've seen with some of the recent high profile internet attacks, like HBGary, RSA, Google, Comodo and others, no one is immune from being a target and the perpetrators are exceedingly organized, exceptionally skilled and extremely well-funded. Often, the culprits might be better trained than the IT staff deployed to thwart the attacks. The attacks are targeted, elaborate and aggressive, not to mention a bit creative. The attacks are multi-layered in that once one type of attack settles in, another can and will crop up. They are not simply looking to deface a website but they are attempting to...

posted @ Wednesday, March 30, 2011 12:17 PM | Feedback (2)

Figured I’d write this now since many of you will be celebrating the holidays over the next couple weeks and who really wants to read a blog when you’re reveling with family and friends.  It’s been an interesting year for information security, and for me too.  I started the year with New Decade, Same Threats? and wondered if the 2010 predictions of: social media threats, smarter malware/botnets, using the cloud for crime, financial DDoS, rogue software, Mac and Mobile malware, more breaches and a whole host of others would come through.  And boy did they.  Social media was...

posted @ Wednesday, December 15, 2010 9:21 AM | Feedback (1)

Intellectual Property is one of a company’s most precious assets and includes things like patents, inventions, designs, source code, trademarks, trade secrets and more.  These formulas, processes, practices and other inside information can differentiate your brand and give a competitive edge in the marketplace.  An often cited example is Coca-Cola’s formula or KFC’s 11 herbs and spices.  For technology companies it can be their software, hardware design, development process, roadmaps, patents and others pertinent to the company.  In F5’s case, we own the patent for Cookie Persistence technology and have had to lawfully protect that valuable intellectual property. A...

posted @ Tuesday, April 06, 2010 2:09 PM | Feedback (0)

Peter Silva of F5 sits down with IOActive's Dan Kaminsky. In this extremely informative and lively discussion, the Domain Name System is the topic. DNS infrastructure, DNS vulnerabilities including DNS Cache Poisoning, DNSSEC and what's happened since the discovery of the flaw are all discussed. In 3-10 minute segments. ps Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

posted @ Tuesday, March 09, 2010 1:49 PM | Feedback (2)

Peter Silva of F5 continues his conversation with IOActive's Dan Kaminsky. Please see Part 1 for complete description. In this segment, Dan talks about the discovery of DNS Cache Poisoning, DNSSEC and the overall importance of DNS to the Internet. ps Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

posted @ Tuesday, March 09, 2010 1:43 PM | Feedback (0)

Do I call it Twenty-Ten or Two Thousand Ten?  Just not Two Thousand and Ten since that pesky decimal takes us back 10 years.  Eh, either way, the new year and decade brings out all the predictions for the coming year with this one taking the cybercriminal approach.   The various 'Year in Reviews' also make appearances since we need to understand where we came from to know where we’re going.  These are always interesting due to the various points of view even if many of the predictions are the same: social media threats, not necessarily more but smarter malware/botnets, using...

posted @ Wednesday, January 06, 2010 3:43 PM | Feedback (1)

Links

  
Are you interested in:
Search DevCentral to get answers to your questions.

Blog Stats

Posts:285
Comments:98
Stories:0
Trackbacks:111
  

Tags

  

Post Categories

  Cloud Computing
  Security
  SSL VPN
  Information security
  pci
  PKI
  application attacks
  malware
  mitigation
  client security
  compliance
  notification laws
  social media
  social networks
  twitter
  facebook
  youtube
  digg
  peter silva
  social media stats
  ipv6
  ipv4
  2012
  context
  contextual aware
  user centric
  decision
  game show
  granular
  control
  identity
  cloud security
  virtualization
  sys-con
  cloud expo
  virtual
  glenn brunette
  sun microsystems
  Bruce Schneier
  Schneier on security
  research
  2009
  blog
  2010
  threat
  pci dss
  regulations
  espionage
  pentagon
  crown jewels
  tower of london
  health care
  banking
  prediction
  cybercrime
  cybercrime kits
  dyi
  dnssec
  dummies
  l0pht
  2600
  breach
  privacy
  breaches
  web security
  spam
  trojan
  gogrid
  blogger
  personal
  business
  H1N1 flu
  emergency preparedness
  disaster recovery
  network security
  oracle
  sso
  single sign on
  big-ip
  oracle access manager
  f5
  personal devices
  mobile devices
  mobile security
  windows
  microsoft
  windows 7
  desktop
  games
  gaming
  online games
  DDoS
  scams
  consolidation
  data center
  tech sector
  single purpose
  dedicated
  management
  access security
  policy enforcement
  utm
  processing power
  video
  audio
  multi-media
  dns
  webinar
  interview
  ioactive
  kaminsky
  dan kaminsky
  partner
  rsa
  xml
  splunk
  instructional
  in 5
  education
  training
  idc
  smart city
  smart grid
  infrastructure
  web 2.0
  standards
  inter-cloud
  interoperability
  application mobility
  peering
  confusion
  cloud confusion
  cloud survey
  edge gateway
  v10.1
  history
  words and meanings
  lists
  fun
  patent
  intellectual property
  trade secrets
  confucius
  cloudfucius
  series
  blog series
  a-z
  law
  constitution
  court
  fourth amendment
  gps
  government
  legal
  vmotion
  vmware
  case study
  interop
  v10.2
  database
  csrf
  asm
  adc
  arx
  data manager
  netapp
  storage
  WAN optimization
  application delivery
  optimization
  compression
  whitepaper
  statistics
  cloud research
  cloud stats
  LTM VE
  travel
  firepass
  encryption
  music
  humor
  uptime
  cloud outage
  SLA
  availability
  customer
  vmworld
  yankee group
  sports
  NFL
  performance
  acceleration
  peoplesoft
  rman
  recovery manager
  oow
  openworld
  replication
  integration
  apm
  wi-fi
  numbers
  firepass
  risk
  open source
  authentication
  smart card
  kerberos
  Business Challenges
  evidence
  SSL
  SSL offload
  NIST
  2048-bit
  certificate
  rss
  blog analytics
  web traffic
  e-cards
  hardware
  support
  diagnostics
  iHealth
  apple
  iPhone
  iPad
  iOS
  itunes
  smartphone
  v10.2.1
  citrix
  vdi
  parody
  satire
  entertainment
  andriod
  virus
  google
  mac
  comscore
  ID theft
  social security
  ssn
  synthetic ID theft
  credit report
  data privacy
  cyber threat
  reports
  50 ways
  2011
  trade show
  silva
  emc
  emc world
  ixia
  viprion
  ssl tps
  vCMP
  outtakes
  acting
  theatre
  tokens
  vpn
  remote access
  intrusion 2.0
  toys
  v11
  ajax
  SANS
  devcentral
  whitehat
  sentinel
  waf
  scanner
  grossman
  iApps
  wan op
  file virtualization
  hawaii
  emea
  ipexpo
  london
  UK
  human behavior
  risk managment
  tech center
  secure vault
  fips
  appliance mode
  copyright
  pearl harbor
  Dec 7
  punchbowl
  honolulu
  staffing
  jobs
  irules
  AppSec
  TradSec
  icsa
  v11.1
  community
  

Archives

  

82,243 Members in 102 Countries and Growing!

Join DevCentral Today!

About DevCentral

DevCentral has been a successful, thriving community for many years. We have always strived to bring you the best technical documentation, discussion forums, blogs, media and much more that we can.

So dive in, get familiar with DevCentral. We hope you like it, we hope it makes your job easier, and lets you get that much more power out of the community. To learn more, make sure to check out the Getting Started section. And if you have any problems, or think something could be easier to use, drop us a line to let us know.

Got It !

We've received your comment and transmitted it directly to DevCentral HQ.

Thanks for taking time to let us know what's on your mind. At DevCentral | Community Matters!

Get In Touch With Us

Have questions, suggestions or just want to get something off your chest?

Use our handy form below to Direct Connect with DevCentral Mission Control.

Send Us Feedback       or
Copyright 1996 - 2011 F5 Networks, Inc.

Powered by the DevCentral Crew  |  Privacy Statement   |  Terms Of Use  |  Code of Conduct

Page generated faster than you can blink!