Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Olympic Destroyer, the malware used in a campaign targeting the recent Olympic Winter Games, has now been used in attacks aimed at bio-chemical threat research organizations in Germany, France, the Netherlands, Switzerland and Ukraine [Read More]
The Betabot Trojan is being spread in a multi-stage attack that starts with malicious Office documents attempting to exploit a 17-year old vulnerability. [Read More]
DHS and FBI publish another report describing a piece of malware allegedly used by the North Korean government. The malware is tracked as 'Typeframe' [Read More]
Chinese threat actor known as APT15, Ke3chang, Mirage, Vixen Panda and Playful Dragon creates new MirageFox malware, and researchers have found similarities to the first malware used by the group [Read More]
Trend Micro analyzes new campaign that appears to be linked to MuddyWater espionage [Read More]
New Android banking Trojan named MysteryBot, which researchers linked to LokiBot, leverages some interesting techniques for phishing and logging keystrokes [Read More]
China-linked cyber espionage group known as LuckyMouse, Emissary Panda and APT27 targets national data center in Central Asia, likely in an effort to conduct watering hole attacks on government sites [Read More]
Cryptocurrency miner malware PyRoMineIoT uses NSA-linked exploit to spread and leverages infected machines to scan for vulnerable IoT devices [Read More]
The popularity of cryptocurrency mining malware has been skyrocketing over the past year, and the segment appears to have been highly lucrative for cybercriminals [Read More]
ActiveX zero-day vulnerability discovered recently on the website of a South Korean think tank focused on national security has been abused by North Korea’s Lazarus group [Read More]
- 1 of 163
- ››
FEATURES, INSIGHTS // Malware
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
There are several mitigation measures and best practices that you can adopt to improve your organization’s security posture and reduce the risk of supply chain infections.
In the cat-and-mouse game between security providers and malware authors, cybercriminals keep innovating and experimenting – a dynamic seen in the recent resurgence of the Locky ransomware.
- 1 of 13
- ››
SecurityWeek Daily Briefing
- Oracle Patches New Spectre, Meltdown Vulnerabilities
- Tesla Breach: Malicious Insider Revenge or Whistleblowing?
- "Wavethrough" Bug in Microsoft Edge Leaks Sensitive Information
- New Encrypted Downloader Delivers Metasploit Backdoor
- Watch Out for Fileless Ransomware
- How to Shed the Security Operations Doldrums
- Hidden Tunnels: A Favored Tactic to Evade Strong Access Controls
- Hackers Exploit Drupal Flaw for Monero Mining
- Red Alert Android Trojan for Rent at $500 Per Month
- Cisco Patches Critical Flaws in NX-OS Software
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy