Security Experts:

long dotted


Hajime, a mysterious of Internet of Things (IoT) malware that emerged in October last year, has already ensnared around 300,000 devices in a botnet, Kaspersky Lab researchers say. [Read More]
Restaurant chain Chipotle informs customers that its payment processing systems have been hacked. Investigation ongoing [Read More]
Russia-linked cyberspy group Pawn Storm (aka APT28 and Fancy Bear) reportedly targeted French presidential candidate Emmanuel Macron [Read More]
Peter Yuryevich Levasho, the alleged author of the Kelihos botnet, has been charged in an eight-count indictment returned by a federal grand jury. [Read More]
Russian cybercriminal Valeryevich Seleznev was sentenced in the United States to 27 years in prison for hacking into point-of-sale (PoS) computers to steal credit card numbers. [Read More]
One of the tools allegedly used by the NSA-linked threat actor “Equation Group” and made public roughly a week ago has been already observed in live attacks. [Read More]
The Necurs botnet has switched back to delivering the Locky ransomware which is being distributed in high volumes. [Read More]
Denmark denounced Moscow's "aggressive" behavior after a report accused Russian hackers of infiltrating the defense ministry's email accounts. [Read More]
A recently discovered remote access Trojan (RAT) that abuses Excel macros in an innovative way has been active for more than two years, Palo Alto Networks security researchers reveal. [Read More]
The number of attacks involving exploits increased by 25% last year, but the number of attacked users dropped by 20%, says Kaspersky [Read More]


rss icon

Alastair Paterson's picture
Bad actors will do whatever they can to take advantage of this potentially lucrative tax season – so beware the Ides of April.
Scott Simkin's picture
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Alastair Paterson's picture
A recent look at insider trading on the dark web shows how underground operators use OPSEC to protect their businesses.
Jack Danahy's picture
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Lance Cottrell's picture
In addition to basic credit monitoring, breached companies need to get ahead of the attacks and start providing security solutions that actually protect the victims before they are victimized again.
Adam Meyer's picture
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Alastair Paterson's picture
It’s natural to think that their adversaries are all financially motivated, but many are not. In 2016 we saw drivers like hacktivism, ideological differences and intelligence gathering also motivating attacks.
Jack Danahy's picture
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Josh Lefkowitz's picture
It’s critical to recognize that there will always be virtual ways in which terrorists and other criminals can create threats that no border process or physical security program can stop.