Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The malware uses screen recording and keylogging to harvest users’ login credentials for banking applications and crypto-wallets. [Read More]
Russia’s APT29 is still actively delivering the WellMess malware, which it used in attacks aimed at COVID-19 vaccine makers, despite the fact that the malware was exposed by Western governments. [Read More]
Focused on high-profile victims, the Chinese-speaking adversary uses a formerly unknown Windows kernel-mode rootkit and does not appear to be linked to known threat actors. [Read More]
Foxit Software patches vulnerabilities that put users at risk of remote code execution attacks via specially crafted PDF files. [Read More]
A high-powered joint advisory calls attention to gaping holes in perimeter-type devices like VPN appliances, network access gateways and enterprise cloud applications. [Read More]
Google shares bug-bounty financial data and launches a new initiative to bring all of its vulnerability reporting programs into a single online platform. [Read More]
Apple ships an out-of-band security update and warns of active zero-day attacks targeting macOS and iOS users. [Read More]
Mozilla has completely removed support for the File Transfer Protocol (FTP) from in the latest release of its flagship Firefox browser. [Read More]
Intezer warns that threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners. [Read More]
Kaseya has obtained a universal decryptor that should allow victims of the recent REvil ransomware attack to recover their files. [Read More]
- 1 of 267
- ››
FEATURES, INSIGHTS // Malware
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because of other players in the game continue to fan the flames.
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
- 1 of 14
- ››
Get the Daily Briefing
- Oregon Examines Spyware Investment Amid Controversy
- Black Hat Keynote: Mobile Platforms 'Actively Obstructing' Zero-Day Malware Hunters
- Senate Report: Federal Agencies Still Have Poor Cybersecurity Practices
- Advanced Technology Ventures Discloses Ransomware Attack
- New CISA and NSA Guidance Details Steps to Harden Kubernetes Systems
- ICS Vendors Address Vulnerabilities Affecting Widely Used Licensing Product
- Chinese Cyberspy Group APT31 Starts Targeting Russia
- Google Patches Several Chrome Flaws That Can Be Exploited via Malicious Extensions
- Vulnerabilities in NicheStack TCP/IP Stack Affect Many OT Device Vendors
- Google Patches High-Risk Android Security Flaws
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy