Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

GhostMiner crypto-mining malware has adopted the most effective techniques used by other malware families, including fileless infection attacks. [Read More]
A recently discovered malware family written using the Golang (Go) programming language is targeting Linux servers and uses a different binary for each attack, Talos warns. [Read More]
While threats to machine learning (ML) already exist, criminals and nation-state actors will begin to use their own ML capabilities to increase the speed and accuracy of attacks against ML defenses. [Read More]
In recently observed attacks, the jRAT backdoor was using crypter services hosted on the dark web to evade detection, Trustwave security researchers have discovered. [Read More]
A newly discovered Microsoft Office document exploit builder kit has been used for the distribution of a variety of malicious payloads. [Read More]
Ukrainian national suspected of being the mastermind of a gang that used Carbanak malware to steal more than €1 billion from banks arrested in Spain [Read More]
One year after researchers saw the first attempts to exploit the CVE-2017-5638 Apache Struts 2 flaw, hackers continue to scan the Web for vulnerable servers [Read More]
A recently observed variant of the TrickBot banking Trojan has added a new module that can lock a victim’s computer for extortion purposes, Webroot reports. [Read More]
An Iran-linked cyber-espionage group has been using new malware and data exfiltration techniques in recent attacks, security firm Nyotron has discovered. [Read More]
A newly discovered Android Trojan is abusing Telegram’s Bot API to communicate with the command and control (C&C) server and to exfiltrate data. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Scott Simkin's picture
When implemented in series, common malware analysis environments allow security teams to handle the vast majority of threats automatically, freeing up team resources to actively hunt more advanced threats.
Scott Simkin's picture
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Jack Danahy's picture
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Adam Meyer's picture
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Jack Danahy's picture
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Jack Danahy's picture
The impact of ransomware has expanded from an IT nuisance to attacks that can shut down and potentially ruin the businesses they infect.
Alastair Paterson's picture
Although ransomware and DDoS attacks have captured the attention of the security industry of late, a surge in trojan variants targeting banks across geographies is catching many by surprise.
Ashley Arbuckle's picture
With good security hygiene and a few basic measures you’ll be able to more effectively block, contain, and negate the impact of ransomware.
Wade Williamson's picture
There are computers within our computers that are largely beyond the scope of security, yet control everything we think we know about the device.