NEWS & INDUSTRY UPDATES

A new piece of Android malware can perform a wide range of actions on infected phones without being detected by making it look like the device is turned off.
Researchers have obtained samples of what appears to be Babar, a nation state espionage malware believed to have been developed and used by a French intelligence agency.
Check Point Software Technologies has acquired Hyperwise, a privately held security startup focused on CPU-level threat prevention technology.
Researchers at Kaspersky have conducted a detailed analysis of some of the plugins used by the advanced persistent threat (APT) group known as BlackEnergy2 (BE2), or Sandworm Team.
An attack group, dubbed “Desert Falcons” by Kaspersky Lab, appears to be the first known Arabic cyber-espionage group to develop and run full-scale cyber-espionage operations.
The Vawtrak banking malware now leverages macros and the Windows PowerShell scripting tool to infect computers, Trend Micro reported on Monday.
A multinational gang of cybercriminals infiltrated more than 100 banks across 30 countries and made off with up to one billion dollars over a period of roughly two years, Kaspersky Lab said on Saturday.
An individual claiming to be one of the developers of the RIG exploit kit has leaked the source code for what appears to be a fairly recent version of the exploit kit.
The developers of the Simplocker Android ransomware are trying to make it more difficult to recover encrypted files without paying up.
XOR.DDoS is a piece of malware that's used by Chinese threat actors to launch DDoS attacks from Linux and other types of systems.

FEATURES, INSIGHTS // Malware

Aviv Raff's picture
Without the elements of prevention, detection, and protection all working together, threat actors will always have the advantage, and will find a way to carry out their illicit economic, political or social agendas.
Aviv Raff's picture
A combination of new threat actors, new attack approaches, and new masking tactics demand that enterprises redefine malware, and make all necessary investments in people, technology and systems to stay one step ahead.
Mark Hatton's picture
One of my concerns heading into these Olympic Games is that the public has become somewhat desensitized to cyber-attacks and we may not have the same level of vigilance against cyber threats as we should.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack on you or your organization.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Aviv Raff's picture
There are four key reasons why cloud-based sandboxes are qualitatively more effective than on-premise appliances...
Jeff Hudson's picture
Organizations need to consider more than just the malware itself if they are to defend against it; the first step in defending against malicious code infections is ensuring that a strong trust infrastructure is in place and well secured.
Wade Williamson's picture
By shortening the scope of an attack, it’s far less likely that response teams will get the chance to analyze such attacks in situ, so to speak.
Wade Williamson's picture
Security in the era of APTs is everyone’s problem, and to truly adapt means each team in an enterprise has to push itself out of its traditional comfort zone. Let’s look at some of these challenges.
Shaun Donaldson's picture
What is it about public cloud that breaks traditional endpoint security? First, let’s consider how traditional endpoint anti-malware ended up where it is today.