Dataproof Communications

In April 2017, we published a detailed review of a malicious program that used DNS tunneling to communicate to its C&C. That study prompted us to develop a technology to detect similar threats, which allowed us to collect a multitude of malware samples using DNS tunneling. In this article, we will examine some of the most notable malicious programs that...

Following the high-profile breach of the US Office of Personnel Management (OPM), which exposed the personal data of millions of Americans, the House of Representatives’ Committee on Oversight and Government Reform issued a report on the attack in 2016. That report provided an exhaustive account of the events leading up to the breach, illustrating how a hacker posing as an employee...

As we enter the New Year, IT and security leaders have most likely been glued to revelations of major new CPU-level vulnerabilities Meltdown and Spectre, described by researchers as among the “worst ever” discovered. However, there’s arguably an even more pressing concern, not just for IT but the entire organisation: GDPR compliance. There are now just over four months...

Once an organization’s network is breached, extinguishing the flames is just the first step in a long, painful and costly journey to recovery. There’s still the wreckage to sift through, investigators to perform analyses, insurance claims and, of course, a business to reconstruct and secure. It isn’t business as usual once operations are restored; a breach can plague an...

More and more IT professionals see DevSecOps, a practice which integrates security measures earlier in the development process to improve production code quality, as a mainstay for future application development. Much of this stems from the growing trend towards speeding up application development through adopting architectures using DevOps, containers and microservices, as well as supporting automation toolchains and frameworks. This...

With 50,000 attendees, over 1,000 breakout sessions and countless sponsors and exhibitors, the 2017 AWS re:Invent conference in Las Vegas was one of the largest events yet. With announcements like server-less containers, managed databases and bare metal compute instances immediately available as a service, enterprises see cloud adoption as a clear choice model to operate. Security to protect infrastructure...

At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were created at least three years ago – at the end of...

- Read more

Introduction We are excited to announce that Centrify now supports CoreOS Container Optimized Linux which several of our customers are using as part of their adoption of containerization for their application deployments. But first, let’s start with an overview of how Centrify can help you protect access to these containerized platforms and the applications that run on them. As organizations embrace...

Not long ago, for security, compliance or other reasons, it was unthinkable for many regulated organizations to move sensitive data into the cloud. It’s striking how things have changed. Maybe it was inevitable that services like email were cloud migration candidates. People trust Microsoft, and it’s quite impressive what they have done to make Office 365 simple to adopt and...