Security Experts:

long dotted


The Internet Explorer zero-day patched this week by Microsoft has been used in watering hole attacks to deliver the PlugX RAT.
Russian anti-virus vendor Kaspersky Lab is denying accusations that it conducted operations designed to trick software from competing firms into classifying harmless files as malicious.
A large malvertising attack recently hit the Yahoo! advertising network, which leveraged Microsoft Azure websites and eventually redirected browsers to pages hosting the Angler Exploit Kit to compromise systems.
Beware of fake Windows 10 upgrade emails! They carry a piece of ransomware that encrypts your files.
Cybercriminals are using the Angler exploit kit to identify and infect PoS systems with malware.
Rook Security has released a free software tool designed to help organizations determine if they have been impacted by malware developed by Italian surveillance software maker Hacking Team.
New GamaPoS malware steals payment card data from US organizations. The threat is delivered using the Andromeda botnet.
The criminal gang behind the Dyre malware will target more Spanish banks and Spain-based subsidiaries of other banks this summer with fraudulent wire transfers, according to IBM security researchers.
TeslaCrypt 2.0 ransomware comes with a new ransom screen (taken from CryptoWall 3.0) and an improved encryption scheme.
Seaduke Trojan, the latest member of the “Duke” malware family, used in attacks against high-value targets.


rss icon

Marc Solomon's picture
Mosquitoes are quite similar to malware. There are thousands of species and numerous ways to try to protect against them but each method has its limitations.
Aviv Raff's picture
Without the elements of prevention, detection, and protection all working together, threat actors will always have the advantage, and will find a way to carry out their illicit economic, political or social agendas.
Aviv Raff's picture
A combination of new threat actors, new attack approaches, and new masking tactics demand that enterprises redefine malware, and make all necessary investments in people, technology and systems to stay one step ahead.
Mark Hatton's picture
One of my concerns heading into these Olympic Games is that the public has become somewhat desensitized to cyber-attacks and we may not have the same level of vigilance against cyber threats as we should.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Aviv Raff's picture
There are four key reasons why cloud-based sandboxes are qualitatively more effective than on-premise appliances...
Jeff Hudson's picture
Organizations need to consider more than just the malware itself if they are to defend against it; the first step in defending against malicious code infections is ensuring that a strong trust infrastructure is in place and well secured.
Wade Williamson's picture
By shortening the scope of an attack, it’s far less likely that response teams will get the chance to analyze such attacks in situ, so to speak.
Wade Williamson's picture
Security in the era of APTs is everyone’s problem, and to truly adapt means each team in an enterprise has to push itself out of its traditional comfort zone. Let’s look at some of these challenges.