NEWS & INDUSTRY UPDATES

After analyzing malicious traffic from its customers' networks, Cisco found that roughly 94 percent of them had issued DNS requests to hostnames with IP addresses associated with the distribution of malware that incorporates man-in-the-browser.
Researchers have analyzed a remote administration tool (RAT) that's capable of using popular webmail and other types of services for command and control (C&C) communications.
Researchers at Trend Micro have analyzed a new Trojan that uses the Windows registry to hide all its malicious code.
Security firms have discovered a new piece of malware that uses GNU Privacy Guard (GnuPG) to encrypt files and hold them for ransom.
Researchers at FireEye have analyzed the operations of the advanced persistent threat (APT) group dubbed "Pitty Tiger," and determined that it might have been active since as far back as 2008.
USB controller chips in peripherals can be reprogrammed to spoof other devices, and there's little or no protection against it.
Israel-based threat detection firm Seculert has been monitoring the effects of the recent Gameover Zeus and Shylock botnet takedown operations, and found that the cybercriminals have already taken steps to resurrect their campaigns.
Kaspersky Lab has published a new research paper on Koler, the "police" ransomware that has been targeting Android users since April.
The crash of the Malaysia Airlines flight MH17 in eastern Ukraine on June 17 continues to make headlines, making it a perfect event for cybercriminals to leverage in their malicious campaigns.
Starting with Firefox 31, the malware detection mechanism integrated into the Web browser has been expanded to include downloaded files, Mozilla announced on Wednesday.

FEATURES, INSIGHTS // Malware

Jon-Louis Heimerl
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack against you or your organization.
Aviv Raff
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Aviv Raff
There are four key reasons why cloud-based sandboxes are qualitatively more effective than on-premise appliances...
Jeff Hudson
Organizations need to consider more than just the malware itself if they are to defend against it; the first step in defending against malicious code infections is ensuring that a strong trust infrastructure is in place and well secured.
Wade Williamson
By shortening the scope of an attack, it’s far less likely that response teams will get the chance to analyze such attacks in situ, so to speak.
Wade Williamson
Security in the era of APTs is everyone’s problem, and to truly adapt means each team in an enterprise has to push itself out of its traditional comfort zone. Let’s look at some of these challenges.
Shaun Donaldson
What is it about public cloud that breaks traditional endpoint security? First, let’s consider how traditional endpoint anti-malware ended up where it is today.
Marc Solomon
To detect, understand and stop advanced threats you need new tools and techniques that enable you to always watch, never forget and take action should a file be determined to be malicious at a later time. In effect, you need to be able to turn back time.
Marc Solomon
Defenders need a new threat-centric approach to security to address the full attack continuum – before, during and after an attack – with continuous visibility into indicators of compromise and retrospective security to quickly contain and stop the damage.
Wade Williamson
It’s important we remember that IT security is essentially an asymmetric struggle. If we don’t adapt, we simply play into the hands of those who want to attack us.