Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The China-linked cyberspy group known as APT10 has targeted a US law firm, a major Norwegian MSP, and an international apparel company in an extended cyber-espionage campaign. [Read More]
A malware attack using a newly discovered backdoor has been targeting the mailing list of the organization officially representing the Tibetan government-in-exile. [Read More]
Huddle House, a casual dining and fast food chain with over 300 restaurants, informs customers of a payment card breach. [Read More]
A new backdoor is targeting Linux servers in East Asia and Latin America, including Amazon Web Services (AWS) hosted machines, Check Point security researchers say. [Read More]
A recently discovered piece of Mac malware is targeting browser cookies associated with mainstream cryptocurrency exchanges and wallet service websites, as well as personal user information, Palo Alto Networks security researchers say. [Read More]
The Ursnif Trojan has been using a fileless attack technique and CAB files to compress harvested data before exfiltration in recent attacks. [Read More]
Infamous "Cobalt" hacking group has been using Google App Engine for the delivery of malware through PDF decoy documents, security researchers say. [Read More]
Spam campaigns that have active during the last several months have been distributing the Redaman banking malware, Palo Alto Networks security researchers say. [Read More]
The 2019 State of Malware report from Malwarebytes is packed with statistics on when, where and what malware was detected through 2018. [Read More]
Kaspersky researchers discover links, including shared C&C infrastructure, between GreyEnergy and Zebrocy, both of which have been tied to Russia. [Read More]
- 1 of 177
- ››
FEATURES, INSIGHTS // Malware
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
- 1 of 13
- ››
SecurityWeek Daily Briefing
- Cryptojacking Applications Land in Microsoft Store
- US Says Ex-intel Official Defected to Iran, Revealed Secrets
- DHS Cyber Leader Says 2020 Security Preparations Underway
- CSRF Vulnerability in Facebook Earns Researcher $25,000
- Mozilla, Others Want Big Retailers to Pledge Minimum IoT Security
- Facebook Taps User Data to Defend Workers From Threats
- Hackers Target WordPress Sites via WP Cost Estimation Plugin
- New Variant of Shlayer macOS Malware Discovered
- Germany to Let NATO Use its Cyber Skills
- Google Paid Out $3.4 Million for Vulnerabilities Reported in 2018
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy