Security Experts:

WRITE FOR US
Siggi Stefnisson's picture

Siggi Stefnisson

Contact Siggi Stefnisson

Sigurdur “Siggi” Stefnisson is vice president of threat detection at Cyren, an Internet Security as a Service provider that protects users against cyberattacks and data breaches through cloud-based web security, email security, DNS security and sandboxing solutions.

Recent articles by Siggi Stefnisson

  • Evasive Malware, Meet Evasive Phishing
    “Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
  • Phishing Training is a Tool, Not a Solution
    We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
  • Who's Winning the Cybercrime Battle?
    If I have one wish for ‘Cybersecurity Awareness Month,’ it’s that we all need to be aware of the need for innovative responses on the part of the security industry, to counter a threat industry which is innovating both technical and business models at a rapid pace.
  • Malware Businesses Blending the Legitimate and the Illegitimate
    The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
  • Weak Security Socializes Risk
    Companies often grant access to corporate data and give access to all sorts of systems with the expectation that their business partners will have reasonable security practices in place.
  • Cross-Vector Threats: The Web Begins Where Email Ends
    Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
  • Watch Out for Fileless Ransomware
    History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
  • FUD Crypters Recycling Old Malware
    The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
  • Evasive Malware Now a Commodity
    A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
  • Necurs Botnet to Erupt This Month?
    Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
  • Downsides and Dangers of Cryptominers
    It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
  • To Stop Phishing, Understand the Long Tail of Risk
    Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
  • Ransomware and Bitcoin Enter New Phase
    I think it’s largely understood that the rise of a virtual, anonymized and easy-to-use payment system was a key factor in making ransomware the phenomenon it is today.
  • Victimized Twice: Cyber Criminals Target Natural Disasters
    When disaster strikes, cyber criminals are always right behind, ready to apply social engineering techniques to take advantage of both the victims and people wishing to help.
  • Survival of the Fittest: Why Locky Ransomware is Back
    In the cat-and-mouse game between security providers and malware authors, cybercriminals keep innovating and experimenting – a dynamic seen in the recent resurgence of the Locky ransomware.
  • Private, But Not Secure: HTTPS is Hiding Cybercrime
    SSL encryption can create blind spots in many organizations, as malware in the HTTPS channel is essentially hidden from most web security tools.