NEWS & INDUSTRY UPDATES

The Washington DC police department suffered a massive leak of internal information after refusing to meet the blackmail demands of a Russian-speaking ransomware syndicate. Experts say it’s the worst known ransomware attack ever to hit a U.S. police department.
Ireland’s health service shut down its IT systems on Friday after being targeted in what it called a “significant ransomware attack.”
Researchers find and document a way to leverage the Offline Finding network behind Apple’s Find My to upload arbitrary data to the Internet.
The attackers use a new loader to deliver RevengeRAT or AsyncRAT and other tools for data harvesting and exfiltration.
Norway-based green energy solutions provider Volue has been working on restoring systems after being hit by the Ryuk ransomware.
Panaseer banks $26.5 million in Series B funding to build out a Continuous Controls Monitoring (CCM) platform to help organizations identify assets and manage security controls.
At least five Russian-speaking threat actors have been identified as affiliates of the DarkSide RaaS.
Industry professionals comment on the highly disruptive ransomware attack that hit Colonial Pipeline, the largest refined products pipeline in the United States.
Cycode, an Israeli startup focused on securing DevOps tools, has raised $20 million in Series A funding.
Adobe warns that a "priority 1" security flaw has been exploited in the wild in “limited attacks targeting Adobe Reader users on Windows.”

FEATURES, INSIGHTS // Malware

Derek Manky: Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
Tim Bandos: The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because other players in the game continue to fan the flames.
Derek Manky: 2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Joshua Goldfarb: Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Torsten George: Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
John Maddison: Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Justin Fier: The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson: The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Erin O’Malley: When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Siggi Stefnisson: History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”