Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Mysterious cybercrime group has targeted industrial organizations in Europe, Asia and North America as part of an information theft campaign. [Read More]
Uber has turned the CISO reins to NewsCorp executive Latha Maripuri, while Square taps a Google veteran to be manage its security program. [Read More]
Microsoft has raised the alarm after discovering Chinese cyber-espionage operators chaining multiple zero-day exploits to siphon e-mail data from corporate Microsoft Exchange servers. [Read More]
A Ryuk ransomware variant observed in early 2021 is capable of lateral movement within the infected networks. [Read More]
Threat intelligence vendor Recorded Future is reporting a wave of targeted attacks against power plants, electricity distribution centers and seaports in India. [Read More]
Asian food distributor JFC International says its IT systems were briefly disrupted by a ransomware attack. [Read More]
NEWS ANALYSIS: Armorblox raises $30 million and joins a growing list of well-heeled startups taking a stab addressing one of cybersecurity’s most difficult problems: keeping malicious hackers out of corporate mailboxes. [Read More]
Ukraine says its government agencies have been targeted by Russia in DDoS and supply chain attacks. [Read More]
Bot protection startup PerimeterX raises $57 million more in new financing to fuel its push into new markets globally. [Read More]
Active for at least two years, the threat actor switched from PowerShell Empire to using the Koadic and Octopus RATs. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Derek Manky's picture
Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
Tim Bandos's picture
The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because of other players in the game continue to fan the flames.
Derek Manky's picture
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Joshua Goldfarb's picture
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Torsten George's picture
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Siggi Stefnisson's picture
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”