NEWS & INDUSTRY UPDATES

The Shadow Brokers have released more NSA exploits, along with a message to US President Donald Trump
Researchers have discovered a strange new ransomware called 'rensenWare'. Rather than demanding money for decryption, it requires the victim to score points to decrypt files.
Hackers linked to China hijacked the website of a U.S. trade group in an effort to deliver reconnaissance malware to visitors
Recently patched Apache Struts 2 vulnerability is now being used to deliver Cerber ransomware to Windows servers
Cyberespionage group apparently not linked to any previously known actor uses Windows and Android malware to target organizations in the Middle East
A newly discovered remote administration tool (RAT) uses popular legitimate websites for its command and control (C&C) communication and for the exfiltration of data.
NoMoreRansom, a project launched in 2016 by Europol, the Dutch National Police, Kaspersky Lab and Intel Security (now once again McAfee) has published its latest progress report.
Researchers identified a backdoor linking the Russian-speaking Turla actor to Moonlight Maze, one of the earliest cyberespionage operations
A recently discovered piece of malware allows attackers to remotely control compromised ATMs (automated teller machines), Kaspersky Lab reveals.
Russia-linked APT29 group uses a stealthy backdoor dubbed POSHSPY to maintain access to targeted systems

FEATURES, INSIGHTS // Malware

Alastair Paterson
Cyber situational awareness can give you greater insights into the tools and processes used by actors that employ DDoS-based extortion and compromised data release extortion.
David Holmes
A cyber espionage attack against Swiss defense firm RUAG was carried out by Russia-linked hackers, according to a report commissioned by the Swiss government.
Wade Williamson
Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
Jack Danahy
Typical lockdown or encryption of a system happens within a minute or two of the ransomware’s execution. At that point, there are only two choices left: pay or start cleaning up.
Torsten George
What do enterprises need to know about ransomware attacks and what can they do to minimize the risk of being victimized?
Jennifer Blatnik
It is critical for business leadership to address the growing threat of ransomware as a business risk rather than a siloed IT issue.
Wade Williamson
The evolution of ransomware from simple malware to more persistent attacks has a major impact on the way enterprise security teams have to think about mitigation.
Scott Gainey
By monitoring for and detecting the underlying and shared behaviors of malware we can effectively stop ransomware infections before they can cause damage.
Shlomo Kramer
Mid-market enterprises with limited resources and weak defenses are a particularly good target for ransomware attacks: they have just enough assets worth paying for, and the capital to do so.
Scott Gainey
Companies need to educate employees about ransomware, and the techniques criminals use to launch attacks such as phishing emails or distribution through social media channels.