Categories: Newsletter

Network Monitoring News – Sep 2016

Drones

We have been hearing a lot about drones as of late. A new trend is for hackers to use drones to hover close to buildings or perch on a roof or ledge to feed open connections for Bluetooth and WiFi to internal users. They are also using drones to hack solar panels and other devices/equipment that were previously inaccessible.

Much more concerning is the use of drones to hack into cars. Drone jammers are devices that can jam the signal between the drone and handset, forcing them to land, my guess is we will be seeing companies mass produce these devices to prevent drones from accessing areas where they are not wanted.

Apple Patches

Apple issued emergency OS patches for the Mac, fixing the same three vulnerabilities the company addressed last week on the iPhone.

The trio of bugs were used to spy on an activist in the United Arab Emirates by turning his iPhone into a surveillance tool.

Getting Secure

Intrusion Detection is now a must have. Years ago IDS consisted of a single software package that parsed data against a rule set. Now, Intrusion Detection is pulling data from multiple sources (Log files from servers, logs from firewalls and other network equipment etc.) and parsing, categorizing, summarizing all data.

  1. Monitor Applications with Access to Data
  2. Create Specific Access Controls
  3. Collect Detailed Logs
  4. Maintain Security Patches
  5. Be Aware of Social Engineering
  6. Educate and Train Your Users
  7. Outline Clear Use Policies for New Employees and Vendors
  8. Monitor User Activity
  9. Create a Data Breach Response Plan
  10. Maintain Compliance

Not only does modern IDS look for problems, it is also looking for unexplained traffic or anomalous activity. IDS also looks for internal users connecting to command control servers, malicious web links, phishing, ransomware and much more. Most important, they enable us to find when our prevention systems have failed. Once an event is found, modern IDS can also retrieve all the records and logs to help track down the 5 W’s (Who? What? When? Where? Why? How?) about the incident.

Ron Samson

Share
Published by
Ron Samson
8 years ago

Recent Posts

What Apps Are Used in SIEM and How They Enhance Cybersecurity

Security Information and Event Management (SIEM) systems have become essential tools in today’s cybersecurity landscape.…

3 weeks ago

What You Need to Know About SIEM Integration with Your Existing Infrastructure

Today, organizations need a cybersecurity tool that will offer detection and response, among other services,…

3 weeks ago

SIEM Providers for Small Businesses: Affordable and Effective Options

The threat vectors in cybersecurity are increasing, and cyber attackers are targeting small businesses due…

4 weeks ago

What Affects EDR Pricing? Key Factors to Consider When Selecting Endpoint Protection

Sophisticated cyber threats have driven the demand for Endpoint Detection and Response (EDR) software, making…

4 weeks ago

The Benefits of EDR Software: A Deep Dive into Proactive Threat Detection

With cyber threats increasing in sophistication, businesses are under pressure to try and stay ahead…

1 month ago

EPP vs EDR: What You Need to Know About Endpoint Protection in 2025

Cybersecurity has become an ever-critical concern for businesses of all sizes. In 2025, as remote…

1 month ago