Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A new variant of the CryptoMix ransomware was recently observed, appending the .EXTE extension to the targeted files, security researchers warn. [Read More]
A recently observed feature-rich backdoor is capable of spying on its victim’s activities by recording full videos with the help of the "ffmpeg" application, Malwarebytes warns. [Read More]
Windows Defender ATP in Windows 10 Creators Update can detect code injection techniques associated with these threats, such as process hollowing and atom bombing. [Read More]
A newly discovered LockPoS Point of Sale (PoS) malware is being delivered via a dropper that is manually loaded and executed on the targeted systems, Arbor Networks Security researchers warn. [Read More]
A variant of the Dok malware for Mac targets Swiss banking users in attacks that appear to be part of Operation Emmental [Read More]
The master decryption key for last year’s Petya ransomware was made public last week and has been already confirmed to be genuine. [Read More]
Hackers used template injection to phish credentials in recent attacks targeting critical infrastructure companies in the U.S. and Europe [Read More]
Cybercriminals used PoSeidon PoS malware to steal payment card and biometric data from Avanti kiosks [Read More]
Android file-encrypting ransomware SLocker was recently observed using an interface similar to that of the WannaCry malware that hit Windows systems worldwide last month, TrendMicro security researchers reveal. [Read More]
Threat actor targets several prominent Chinese-language news websites in phishing, malware and reconnaissance attacks [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Justin Fier's picture
The early indicators of the WannaCry attack were evident, but it spread too quickly for human security teams to react before it spread across the world like wildfire.
Jennifer Blatnik's picture
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Lance Cottrell's picture
Investigating nefarious actors online can be dangerous, as the places hunters go are likely to be full of malware and people actively monitoring for outsiders.
Scott Simkin's picture
When implemented in series, common malware analysis environments allow security teams to handle the vast majority of threats automatically, freeing up team resources to actively hunt more advanced threats.
Scott Simkin's picture
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Jack Danahy's picture
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Adam Meyer's picture
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Jack Danahy's picture
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.