Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The official website of Ukraine-based accounting software developer Crystal Finance Millennium (CFM) was abused for the distribution of a variant of the ZeuS banking Trojan, Talos reports. [Read More]
The Necurs botnet ended the year sending tens of millions of spam emails daily as part of massive ransomware distribution campaigns. [Read More]
Clothing retailer Forever 21 informed customers that malware collected data from its payment systems for a period of more than 7 months [Read More]
Hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers have been observed over the past month, Check Point security researchers warn. [Read More]
Feedback Friday – Industry reactions to the United States and other countries accusing North Korea of launching the WannaCry attack [Read More]
Yet another plugin was removed from the WordPress repository after a backdoor was added to it following a recent update. [Read More]
A recently observed backdoor could be intended as the successor of the NetTraveler malware, Kaspersky Lab security researchers say. [Read More]
A recently discovered Android malware features a modular architecture that allows it to perform a broad range of nefarious activities, Kaspersky Lab researchers warn. [Read More]
A recently discovered Remote Access Trojan (RAT) is being distributed via documents that exploit a 17-year old Office vulnerability patched in November 2017. [Read More]
Researchers believe Iran used the Triton/Trisis ICS malware to attack a critical infrastructure organization in Saudi Arabia [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Adam Meyer's picture
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Jack Danahy's picture
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Jack Danahy's picture
The impact of ransomware has expanded from an IT nuisance to attacks that can shut down and potentially ruin the businesses they infect.
Alastair Paterson's picture
Although ransomware and DDoS attacks have captured the attention of the security industry of late, a surge in trojan variants targeting banks across geographies is catching many by surprise.
Ashley Arbuckle's picture
With good security hygiene and a few basic measures you’ll be able to more effectively block, contain, and negate the impact of ransomware.
Wade Williamson's picture
There are computers within our computers that are largely beyond the scope of security, yet control everything we think we know about the device.
Erin O’Malley's picture
Hackers are humans, too, and most humans tend to veer toward the path of least resistance. So why wouldn’t they choose an easy—and lucrative—target like a hospital?
Alastair Paterson's picture
Cyber situational awareness can give you greater insights into the tools and processes used by actors that employ DDoS-based extortion and compromised data release extortion.
David Holmes's picture
A cyber espionage attack against Swiss defense firm RUAG was carried out by the Russia-linked hackers according to a report commissioned by the Swiss government.