Security Experts:

Siggi Stefnisson's picture

Siggi Stefnisson

Sigurdur “Siggi” Stefnisson is vice president of threat detection at Cyren, an Internet Security as a Service provider that protects users against cyberattacks and data breaches through cloud-based web security, email security, DNS security and sandboxing solutions.

Recent articles by Siggi Stefnisson

  • Companies often grant access to corporate data and give access to all sorts of systems with the expectation that their business partners will have reasonable security practices in place.
  • Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
  • History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
  • The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
  • A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
  • Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
  • It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
  • Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
  • I think it’s largely understood that the rise of a virtual, anonymized and easy-to-use payment system was a key factor in making ransomware the phenomenon it is today.
  • When disaster strikes, cyber criminals are always right behind, ready to apply social engineering techniques to take advantage of both the victims and people wishing to help.
  • In the cat-and-mouse game between security providers and malware authors, cybercriminals keep innovating and experimenting – a dynamic seen in the recent resurgence of the Locky ransomware.
  • SSL encryption can create blind spots in many organizations, as malware in the HTTPS channel is essentially hidden from most web security tools.