Security Experts:

long dotted


Researchers have analyzed a piece of ransomware that doesn’t need to communicate with a C&C server to encrypt files on the infected computer.
XcodeGhost compiler malware updated with iOS 9 support. Infections spotted in US enterprises, FireEye warns.
San Diego-based based iboss Cybersecurity announced on Tuesday that it has raised $35 million in a Series A funding round from investment giant Goldman Sachs.
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware
A piece of malware called Chikdos infects MySQL servers and abuses them to conduct DDoS attacks.
The Dridex banking Trojan is still active, despite arrests and damage caused to the threat’s infrastructure.
Roughly 18,000 Android applications built using the Taomike SDK have been found to include SMS theft functionality.
Thousands of ecommerce websites powered by Magento deliver Andromeda/Gamarue malware via Neutrino exploit kit.
A recent attack campaign targeting the Israeli public sector has been using malicious Rich Text Format (RTF) documents to inject the Zeus Trojan.
HDRoot is a bootkit used by the Chinese APT Winnti to maintain persistence and deliver backdoors


rss icon

Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Marc Solomon's picture
Mosquitoes are quite similar to malware. There are thousands of species and numerous ways to try to protect against them but each method has its limitations.
Aviv Raff's picture
Without the elements of prevention, detection, and protection all working together, threat actors will always have the advantage, and will find a way to carry out their illicit economic, political or social agendas.
Aviv Raff's picture
A combination of new threat actors, new attack approaches, and new masking tactics demand that enterprises redefine malware, and make all necessary investments in people, technology and systems to stay one step ahead.
Mark Hatton's picture
One of my concerns heading into these Olympic Games is that the public has become somewhat desensitized to cyber-attacks and we may not have the same level of vigilance against cyber threats as we should.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Aviv Raff's picture
There are four key reasons why cloud-based sandboxes are qualitatively more effective than on-premise appliances...
Jeff Hudson's picture
Organizations need to consider more than just the malware itself if they are to defend against it; the first step in defending against malicious code infections is ensuring that a strong trust infrastructure is in place and well secured.
Wade Williamson's picture
By shortening the scope of an attack, it’s far less likely that response teams will get the chance to analyze such attacks in situ, so to speak.