Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Flash Player vulnerability (CVE-2015-3090) fixed two weeks ago integrated into Angler exploit kit. The flaw is leveraged to deliver the Bedep Trojan.
Scareware disguised as Minecraft apps on Google Play downloaded by users up to 28 million times, says ESET.
Cybercriminals are using SVG image files to distribute CryptoWall ransomware. The malware might also be targeting school databases.
Penn State University said Friday that it disconnected the network of its college of engineering from the Internet in response to a cyber attack believed to be conducted by threat actors based in China.
The attack group "Naikon" has spent the last five years successfully infiltrating national organizations around the South China Sea in search of geo-political intelligence, Kaspersky Lab said.
Cybercriminals use the Bartalex macro malware to deliver the Dyre banking Trojan to enterprises. Most infections spotted in the United States.
Invincea has enhanced its offerings with new threat identification and response capabilities added to its container-based endpoint protection solution.
The attack launched by ISIS-linked hackers on the French TV station TV5Monde appears to have involved Kjw0rm, a RAT developed using Njw0rm source code.
Linux Australia server hacked. The attackers set up a botnet C&C server and they might have stolen the personal details of conference attendees.
Researchers at Trend Micro have identified a 64-bit version of the NewPosThings point-of-sale (PoS) malware.

FEATURES, INSIGHTS // Malware

rss icon

Marc Solomon's picture
Mosquitoes are quite similar to malware. There are thousands of species and numerous ways to try to protect against them but each method has its limitations.
Aviv Raff's picture
Without the elements of prevention, detection, and protection all working together, threat actors will always have the advantage, and will find a way to carry out their illicit economic, political or social agendas.
Aviv Raff's picture
A combination of new threat actors, new attack approaches, and new masking tactics demand that enterprises redefine malware, and make all necessary investments in people, technology and systems to stay one step ahead.
Mark Hatton's picture
One of my concerns heading into these Olympic Games is that the public has become somewhat desensitized to cyber-attacks and we may not have the same level of vigilance against cyber threats as we should.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Aviv Raff's picture
There are four key reasons why cloud-based sandboxes are qualitatively more effective than on-premise appliances...
Jeff Hudson's picture
Organizations need to consider more than just the malware itself if they are to defend against it; the first step in defending against malicious code infections is ensuring that a strong trust infrastructure is in place and well secured.
Wade Williamson's picture
By shortening the scope of an attack, it’s far less likely that response teams will get the chance to analyze such attacks in situ, so to speak.
Wade Williamson's picture
Security in the era of APTs is everyone’s problem, and to truly adapt means each team in an enterprise has to push itself out of its traditional comfort zone. Let’s look at some of these challenges.