Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The Valak information stealer is being distributed in ongoing campaigns aimed at enterprises in North America, South America, Europe and likely other regions. [Read More]
The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. [Read More]
Researchers have discovered ThiefQuest, a new Mac malware that acts like a piece of ransomware, but also allows its operators to steal data and take full control of an infected device. [Read More]
The operators of the Maze ransomware claim they hacked printing giant Xerox and they are threatening to leak data stolen from the company unless it pays up. [Read More]
Within days after a report detailing the GoldenSpy malware operation targeting organizations doing business in China, an uninstaller was pushed to affected systems to completely remove the infection. [Read More]
Recent attacks associated with the StrongPity threat actor appear to focus on the Kurdish community in Turkey and Syria. [Read More]
University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack earlier this month. [Read More]
At least 31 organizations in the United States have been targeted with the recently detailed WastedLocker ransomware. [Read More]
A recently identified piece of cryptojacking malware includes the necessary functionality to launch DDoS attacks. [Read More]
A group of cybercriminals managed to hide their web skimmer in the EXIF metadata of an image that was then surreptitiously loaded by compromised online stores. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Siggi Stefnisson's picture
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
Siggi Stefnisson's picture
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
John Maddison's picture
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
Siggi Stefnisson's picture
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
Justin Fier's picture
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Siggi Stefnisson's picture
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.