Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The modular surveillanceware is likely developed by Italian vendor RCS Lab, which operates in the same market as Pegasus developer NSO Group Technologies and FinFisher creator Gamma Group. [Read More]
Researchers have discovered a functionality within Office 365 that could allow attackers to ransom files stored on SharePoint and OneDrive. [Read More]
Radian Capital leads a $15 million Series A investment in threat intelligence startup GreyNoise. [Read More]
An Israeli startup promising technology to help developers simplify security has banked an eye-opening $38.5 million in seed-stage funding. [Read More]
Adobe warned of “critical” code execution flaws that expose both Windows and macOS users to malicious hacker attacks. [Read More]
L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a "leading candidate" to acquire Israeli exploit merchant NSO Group. [Read More]
Based on the Adore-Ng rootkit, a new, under-development Linux rootkit dubbed Syslogk is hiding the Rekoobe backdoor on infected systems. [Read More]
China-linked Gallium (aka Softcell) has been observed using new malware in attacks targeting telecoms, financial institutions, and government entities. [Read More]
A pair of high-risk flaws in a third-party library exposes Drupal-powered websites to remote takeover attacks. [Read More]
Backup-as-a-service firm HYCU has raised $53 million in a Series B funding round led by Acrew Capital. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Joshua Goldfarb's picture
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Torsten George's picture
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Siggi Stefnisson's picture
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
Siggi Stefnisson's picture
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
John Maddison's picture
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
Siggi Stefnisson's picture
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".