NEWS & INDUSTRY UPDATES

HTML5 will not prevent malvertising. This has nothing to do with HTML5 per se, but is down to the nature of the adverts themselves.
Seven years after it emerged, the Conficker worm is the most prominent malware family.
Over the past two months, Cerber ransomware campaigns have focused mainly on three geographies: the United States, Turkey, and the United Kingdom.
Malware authors have long been using JavaScript to distribute their malicious applications, but none of them has created a piece of ransomware using exclusively JavaScript until now.
Malware authors are switching from macros to object linking and embedding (OLE) to hide malicious Visual Basic and JavaScript scripts in Office documents, Microsoft warns.
The PhotoMiner worm spreads by infecting websites that are hosted on FTP servers, and brings its authors money by mining for the Monero crypto-currency.
The leaked source code of the Carberp Trojan has spawned numerous malware variations, including Bolek, a polymorphic file malware showing increased sophistication.
Malicious email campaigns spreading the Dridex banking Trojan and the Locky ransomware have been inactive for over a week after the Necurs botnet experienced an outage.
The developers of SNSLocker ransomware included credentials to access their server in the ransomware’s code and forgot to remove them before beginning their infection campaign.
Researchers at SecureWorks warn that a lesser-known capability in Background Intelligent Transfer Service (BITS) is being leveraged to download malware.

FEATURES, INSIGHTS // Malware

Scott Gainey
To replace antivirus, consider alternatives that integrate prediction, prevention, detection and remediation to protect against advanced threats that employ a wide variety of attack vectors.
Simon Crosby
We owe the richness of today’s Web to the micro-payment model of online advertising, and it is difficult to imagine an alternative. But there are consequences for anyone who uses the Internet, although they may not realize it.
Bill Sweeney
While the battlefield and rules of engagement have changed, the people fighting the battle against APTs remain as committed as ever.
Wade Williamson
Although ransomware is commonly targeted at consumers, recent versions have targeted the enterprise with a vengeance. This has shifted ransomware from a nuisance to a potentially debilitating attack that can freeze critical assets and intellectual property.
Simon Crosby
While data breaches aren’t going away anytime soon, every company has a choice of how they prepare for them. By focusing on the endpoint, businesses can better secure themselves with less cost and less time expended by the IT team.
Marc Solomon
Given the continuous innovation by attackers, it’s likely that your malware analysis needs have exceeded the capabilities of traditional sandboxing technologies.
Wade Williamson
By building security controls that identify and correlate the malicious behaviors of an attack, we can begin to tip the scales back in our favor.
Wade Williamson
Like most modern malware, Carbanak is not some autonomous bit of code running on its own, but rather a vehicle for a remote human attacker to watch, learn and remotely drive the attack.
Pat Calhoun
Cybercriminals are getting increasingly sophisticated in their efforts to outsmart security defenses such as sandboxing. Here is a quick look at techniques used by attackers to evade sandbox detection.
Marc Solomon
Malvertising underscores the need for an approach to security that addresses the full attack continuum. With ongoing visibility and control, and intelligent and continuous updates, security professionals can take action to stop the inevitable outbreak.