NEWS & INDUSTRY UPDATES

A recently discovered Hidden Tear ransomware offspring called "Karmen" is being sold on underground forums as a Ransomware-as-a-Service (RaaS), priced at just $175.
Company confirms cybercriminals used malware to steal payment card data from nearly 40 Shoney’s restaurants
Microsoft assures customers that the latest Shadow Brokers exploits have already been patched, including several with March updates
Cerber, one of the most active malware families over the past year, has increased its share of the ransomware market to 87% in the first quarter of 2017.
Malware used in targeted attacks in South Korea and Japan padded with junk data to evade detection - sample sizes range between 50 Mb and 200 Mb
Callisto is a threat actor that has spied on entities with an interest in foreign and security policy in Europe and South Caucasus
A Microsoft Office 0-day vulnerability (CVE-2017-0199) that was disclosed just days ago is already being exploited by attackers associated with malware families such as Latentbot and WingBird.
While the Sundown Exploit Kit has been inactive for the past month or so, the recent Terror Exploit Kit is being used in new campaigns, researchers say.
A recently revealed zero-day vulnerability in Microsoft Office is being exploited by the Dridex banking Trojan to compromise computers.
Symantec determined that some of WikiLeaks’ CIA exploits are very similar to ones used by a cyberespionage group it tracks as Longhorn

FEATURES, INSIGHTS // Malware

Scott Simkin
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.

Jack Danahy
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.

Adam Meyer
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.

Jack Danahy
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.

Scott Simkin
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.

Jack Danahy
The impact of ransomware has expanded from an IT nuisance to attacks that can shut down and potentially ruin the businesses they infect.

Alastair Paterson
Although ransomware and DDoS attacks have captured the attention of the security industry of late, a surge in trojan variants targeting banks across geographies is catching many by surprise.

Ashley Arbuckle
With good security hygiene and a few basic measures you’ll be able to more effectively block, contain, and negate the impact of ransomware.

Wade Williamson
There are computers within our computers that are largely beyond the scope of security, yet control everything we think we know about the device.

Erin O’Malley
Hackers are humans, too, and most humans tend to veer toward the path of least resistance. So why wouldn’t they choose an easy—and lucrative—target like a hospital?