Sourcefire Corporate Blog

Fri Nov 08 19:30:00 UTC 2013


CryptoLocker: Teaching an Old Malware Concept New Tricks

posted by Zulfikar Ramzan

We’ve seen a significant uptick of a rather nefarious threat popularly known as CryptoLocker. Upon infecting a system, CryptoLocker encrypts the victim’s personal files (e.g., documents, spreadsheets, presentations, images, etc.), and then demands a payment in exchange for decrypting that data. Effectively, the vict...

Read more...




Mon Nov 04 17:05:00 UTC 2013


Twenty-Five Years Since the Morris Worm

posted by Dr. Zulfikar Ramzan

On Thursday, November 4th, 1988, the early adopters of the Internet were in for a bit of a rude awakening. The night before, a young Cornell Graduate Student named Robert Tappan Morris Junior executed a software program that would go down in the annals of cybersecurity history. 

Morris's program, which has since b...

Read more...




Mon Oct 14 14:00:00 UTC 2013


The Arrest of Blackhole Ringleader Paunch and the Crimeware Ecosystem

posted by Dr. Zulfikar Ramzan

The security community has been closely following the announcement that Paunch, the pseudonym of the author of the popular Blackhole web exploit toolkit, was apprehended and put in custody a few days ...

Read more...




Tue Oct 08 12:00:00 +0000 2013


ONE Team - Sourcefire is now part of Cisco

posted by Martin Roesch

Cisco’s acquisition of Sourcefire officially closed yesterday and we begin a new chapter as one team, focused on delivering threat-c...

Read more...




Thu Oct 03 18:00:00 UTC 2013


Cyber Security and Physical Security: Two Sides of The Same Coin

posted by Marc Blackmer

I've got a quick quiz for you:

On the shop floor, which is the more serious violation?

1.) Walking onto the floor without a hard hat;

2.) Or, keeping your network credentials on a sticky note under your keyboard.

If I were...

Read more...




Wed Sep 25 05:30:00 UTC 2013


If the Shoe Fits: Intrusion Prevention Systems as Web Application Firewalls

posted by Guest Contributor

The following is a guest post by Matthew Cohen, Co-CEO of NT OBJECTives, Inc.

One of the most interesting and lesser-known capabilities of intrusion detection and prevention (IDS/IPS) products is their ability to protect web applications as effectively as a web application firewall (WAF). A WAF (despite its somewhat misleading name) is actually nothing more than a special purpose IDS/IPS device specifically targeted at layer 7 (web applications). An IPS can be tuned to effectively blo...

Read more...




Tue Sep 17 14:45:00 +0000 2013


After a Successful Cyber Attack

posted by Jason Brvenik

After months of preparation, an att...

Read more...