Security Experts:

long dotted


Solutionary found that Amazon Web Services (AWS) continues to be responsible for hosting most malware.
Malware developers have recently started advertising a new banking Trojan called "Kronos" on a Russian cybercrime forum.
The source code for a version of the Tinba malware was published last week on a private underground forum, Denmark-based CSIS Security Group reported on Thursday.
Cybercriminals have developed a new Trojan largely based on Gameover Zeus in an effort to revive the botnet that was recently disrupted by international authorities.
Attackers have been stealing Google, Yahoo, Facebook, Skype, Dropbox, Amazon, Yahoo, Hotmail, LinkedIn, Rediff and banking credentials from a wide range of organizations, including in sectors like energy, health, insurance, education and even charities, Cyphort said.
The personal data of thousands of US government workers was not compromised in a recently reported cyber attack, officials said Thursday.
Law enforcement agencies and cybersecurity firms have teamed up in an operation aimed at Shylock, a widely distributed piece of malware used by cybercriminals to steal banking credentials.
China-based threat actors are using sophisticated malware installed on handheld scanners to target shipping and logistics organizations from all over the world.
The notorious file-encrypting CryptoLocker ransomware hasn't been active since the latest takedown operation, but its delivery network is still up and running.
OpenDNS has enhanced its cloud-based network security service Umbrella with new capabilities designed to protect organizations against targeted attacks.


rss icon

Wade Williamson's picture
The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
Wade Williamson's picture
In the same way we have watched APT techniques trickle down from nation-state actors to more opportunistic criminals, we should expect MitB to expand from financial services to all types of applications.
Michael Callahan's picture
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Marc Solomon's picture
Mosquitoes are quite similar to malware. There are thousands of species and numerous ways to try to protect against them but each method has its limitations.
Aviv Raff's picture
Without the elements of prevention, detection, and protection all working together, threat actors will always have the advantage, and will find a way to carry out their illicit economic, political or social agendas.
Aviv Raff's picture
A combination of new threat actors, new attack approaches, and new masking tactics demand that enterprises redefine malware, and make all necessary investments in people, technology and systems to stay one step ahead.
Mark Hatton's picture
One of my concerns heading into these Olympic Games is that the public has become somewhat desensitized to cyber-attacks and we may not have the same level of vigilance against cyber threats as we should.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.