Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A malicious campaign is targeting organizations from a broad range of industries with a piece of malware known as Kwampirs, FBI warns. [Read More]
The financially-motivated hacking group FIN7 has started mailing malicious USB devices to intended victims to infect them with malware, the FBI warns. [Read More]
IBM and FireEye have spotted a campaign that relies on fake “COVID-19 Payment” emails to deliver the Zeus Sphinx banking trojan to people in the US, Canada and Australia. [Read More]
Russian cybercriminals targeted pharmaceutical and manufacturing companies in Western Europe and the attack likely involved two Windows vulnerabilities which Microsoft did not expect to be exploited. [Read More]
A recently observed campaign is attempting to infect the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to take control of devices. [Read More]
A targeted and ongoing campaign first spotted last year has hit industrial organizations in the Middle East with a new Trojan. [Read More]
A newly launched service from abuse.ch aims to make it easy for the community to share known malware samples and access additional intelligence on them. [Read More]
University of Utah Health revealed last week that it discovered unauthorized access to some employee email accounts, along with a malware infection on one of its workstations. [Read More]
New Mexico school districts, universities, and government agencies have collectively spent millions of dollars to regain control of their computer systems after being hit by ransomware. [Read More]
UK financial technology company Finastra has disclosed a data breach that may involve ransomware. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Siggi Stefnisson's picture
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
Siggi Stefnisson's picture
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
John Maddison's picture
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
Siggi Stefnisson's picture
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
Justin Fier's picture
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Siggi Stefnisson's picture
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.