Security research from the front lines

Ryan Sherstobitoff



Top Stories by Ryan Sherstobitoff

As the malware threat landscape continues to evolve, hackers are continuously changing techniques to counteract detection technologies being developed by vendors. By using sophisticated methods to evade current antivirus technologies, hackers are relentless in their pursuit of damaging IT systems and oftentimes gaining access to sensitive information. Several years ago, hackers used polymorphism and metamorphism as tactics to constantly generate new variants of worms. Essentially, through polymorphism, the virus would morph into different variations, successfully bypassing signature-based technologies. The antivirus industry responded to this threat by creating emulation technologies to counteract the new breed of virus. This emulation engine was designed to mimic the properties of the morphed virus so it could be detected by other means (signature and heuristics). H... (more)

The Evolution of Traditional Anti-Virus to Security as a Service

Over the past five years, the anti-virus market has experienced tremendous growth as many new technologies have emerged in response to current threat conditions. What was once a market consisting of very few players is now a multi-billion dollar enterprise consisting of numerous companies with multiple anti-virus products that vary in focus and quality. According to some analyst forecasts, the global anti-virus market will likely surpass $58 billion by 2010 through the introduction of new technologies in the areas of data loss prevention, virtualization security, security-as-a-... (more)

Breaching Wireless Networks

Wireless networks and endpoints offer convenience and connectivity, but unless properly secured, they also offer a means of entry into the network. As evidenced by recent headlines surrounding undiscovered data breaches and subsequent public exposure, hackers have begun to turn their eye toward breaching wireless networks and taking advantage of their many weaknesses. At the same time, we continue to see a trend toward stealing cardholder information from retailers such as TJ Maxx and Hannaford Brothers. According to a recent study conducted by the Verizon Business Risk ... (more)

Zeus & SpyEye: Summary

For those who know how dangerous Zeus & SpyEye are to the financial services community, you can appreciate how difficult it is to determine the methods and motives of an ever-changing threat landscape, especially when dealing with the infamous Zeus banking Trojan. Thus, I provide a summary of some of the most recent changes and tactics used by fraudsters and some of their new targets. Zeus has been on the market for several years, has infected millions of PCs, and has been associated with many high-value losses in the business banking segment. Summary Community and regional banks ... (more)

Virtualization - Security Should Not Take a Backseat

There’s no question that advances in server virtualization technology are becoming popular among corporations that want to save money by consolidating resources and improving operational efficiency. Virtualization enables a dramatic increase in cost savings in ongoing maintenance and the cost required to keep physical assets afloat. These benefits are often seen by CIOs and other information technology leaders as adding tremendous value to an existing robust IT infrastructure. Who wouldn’t want to save money by reducing the size and extent of their data center, especially in the ... (more)