Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The malware uses screen recording and keylogging to harvest users’ login credentials for banking applications and crypto-wallets. [Read More]
Russia’s APT29 is still actively delivering the WellMess malware, which it used in attacks aimed at COVID-19 vaccine makers, despite the fact that the malware was exposed by Western governments. [Read More]
Focused on high-profile victims, the Chinese-speaking adversary uses a formerly unknown Windows kernel-mode rootkit and does not appear to be linked to known threat actors. [Read More]
Foxit Software patches vulnerabilities that put users at risk of remote code execution attacks via specially crafted PDF files. [Read More]
A high-powered joint advisory calls attention to gaping holes in perimeter-type devices like VPN appliances, network access gateways and enterprise cloud applications. [Read More]
Google shares bug-bounty financial data and launches a new initiative to bring all of its vulnerability reporting programs into a single online platform. [Read More]
Apple ships an out-of-band security update and warns of active zero-day attacks targeting macOS and iOS users. [Read More]
Mozilla has completely removed support for the File Transfer Protocol (FTP) from in the latest release of its flagship Firefox browser. [Read More]
Intezer warns that threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners. [Read More]
Kaseya has obtained a universal decryptor that should allow victims of the recent REvil ransomware attack to recover their files. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Derek Manky's picture
Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
Tim Bandos's picture
The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because of other players in the game continue to fan the flames.
Derek Manky's picture
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Joshua Goldfarb's picture
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Torsten George's picture
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.