Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

An Android banking Trojan discovered a couple of years ago has become a global threat in the past months, after being updated with ransomware capabilities, Doctor Web security researchers warn. [Read More]
The malware used in the Bangladesh Central Bank theft and an unnamed bank in Vietnam could be be linked to other cyberattacks, including the massive attack against Sony Pictures in 2014. [Read More]
In a legal brief, Mozilla warns that “the security of millions of individuals using Mozilla’s Firefox Internet browser could be put at risk by a premature disclosure of the vulnerability. [Read More]
Onapsis warns that there are indicators of exploitation against 36 large-scale global enterprises around the world. [Read More]
Malware actors are exploiting the Flash Player vulnerability, which affects machines running Windows, Mac OS X, Linux and Chrome OS. [Read More]
The Bucbi ransomware, a threat detected back in early 2014, now uses RDP brute force attacks as its delivery mechanism. [Read More]
A new Android banking Trojan capable of spying on users and stealing credit card info is achieving persistency on infected devices by prompting for device administrator rights until the user gives in. [Read More]
The Chinese computer manufacturer is warning that multiple vulnerabilities in the "Lenovo Solution Center" could expose millions of users to malicious hacker attacks. [Read More]
A new information stealer Trojan has been spotted targeting the customers of banks in the United States and Mexico [Read More]
Adobe plans to address critical vulnerabilities in its widely deployed software for viewing, printing, and commenting on PDF documents. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Wade Williamson's picture
Although ransomware is commonly targeted at consumers, recent versions have targeted the enterprise with a vengeance. This has shifted ransomware from a nuisance to a potentially debilitating attack that can freeze critical assets and intellectual property.
Simon Crosby's picture
While data breaches aren’t going away anytime soon, every company has a choice of how they prepare for them. By focusing on the endpoint, businesses can better secure themselves with less cost and less time expended by the IT team.
Marc Solomon's picture
Given the continuous innovation by attackers, it’s likely that your malware analysis needs have exceeded the capabilities of traditional sandboxing technologies.
Wade Williamson's picture
By building security controls that identify and correlate the malicious behaviors of an attack, we can begin to the tip the scales back in our favor.
Wade Williamson's picture
Like most modern malware, Carbanak is not some autonomous bit of code running on its own, but rather a vehicle for a remote human attacker to watch, learn and remotely drive the attack.
Pat Calhoun's picture
Cybercriminals are getting increasingly sophisticated in their efforts to outsmart security defenses such as sandboxing. Here is a quick look at techniques used by attackers to evade sandbox detection.
Marc Solomon's picture
Malvertising underscores the need for an approach to security that addresses the full attack continuum. With ongoing visibility and control, and intelligent and continuous updates, security professionals can take action to stop the inevitable outbreak.
Wade Williamson's picture
The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
Wade Williamson's picture
In the same way we have watched APT techniques trickle down from nation-state actors to more opportunistic criminals, we should expect MitB to expand from financial services to all types of applications.
Michael Callahan's picture
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.