Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Researchers at Kaspersky Lab have uncovered a new malware sample designed to target Linux operating systems, that has been used by the notorious advanced persistent threat (APT) group called "Turla" (also known as Snake and Uroburos).
Cybercriminals have been using a new variant of the Neverquest malware to target the customers of financial institutions, researchers at IBM Trusteer reported.
North Korea denied Sunday involvement in a brazen cyber attack on Sony Pictures, but praised it as a "righteous deed" potentially orchestrated by supporters furious over a Hollywood comedy depicting a fictional CIA plot to assassinate leader Kim Jong-Un.
Researchers from Trend Micro say have identified the piece of malware that appears to have been used in the recent cyberattack targeting the corporate network of Sony Pictures.
A sample of a new piece of malware designed to target point-of-sale (PoS) systems was submitted to VirusTotal a few days ago, according to researchers who analyzed the malware.
Researchers have sinkholed the command and control (C&C) domains used by the CryptoPHP malware and determined that tens of thousands of websites have been affected.
Researchers at Trend Micro have come across a sample of a new point-of-sale (PoS) malware that appears to be under development.
Industry experts provide feedback on malware dubbed “Regin,” a Trojan that has been used since 2008 in attacks against private individuals and small businesses, and sectors such as telecoms, hospitality, energy, aviation, and research.
Researchers have created custom malware samples in an effort to test the effectiveness of some top advanced persistent threat (APT) attack detection appliances.
The creators of the Android remote administration tool (RAT) called DroidJack started off as legitimate application developers, but when they realized that their products were not as successful as they had hoped, they turned to developing a crimeware tool.

FEATURES, INSIGHTS // Malware

rss icon

Marc Solomon's picture
Malvertising underscores the need for an approach to security that addresses the full attack continuum. With ongoing visibility and control, and intelligent and continuous updates, security professionals can take action to stop the inevitable outbreak.
Wade Williamson's picture
The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
Wade Williamson's picture
In the same way we have watched APT techniques trickle down from nation-state actors to more opportunistic criminals, we should expect MitB to expand from financial services to all types of applications.
Michael Callahan's picture
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Marc Solomon's picture
Mosquitoes are quite similar to malware. There are thousands of species and numerous ways to try to protect against them but each method has its limitations.
Aviv Raff's picture
Without the elements of prevention, detection, and protection all working together, threat actors will always have the advantage, and will find a way to carry out their illicit economic, political or social agendas.
Aviv Raff's picture
A combination of new threat actors, new attack approaches, and new masking tactics demand that enterprises redefine malware, and make all necessary investments in people, technology and systems to stay one step ahead.
Mark Hatton's picture
One of my concerns heading into these Olympic Games is that the public has become somewhat desensitized to cyber-attacks and we may not have the same level of vigilance against cyber threats as we should.