NEWS & INDUSTRY UPDATES

Microsoft's Patch Tuesday rollout included fixes for multiple high-severity vulnerabilities in Azure Site Recovery.
Redmond's Salus tool works across platforms including Windows, Linux, and Mac to generate SBOMs based on the SPDX specification.
Microsoft issues an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.
Adobe rolls out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented security vulnerabilities.
Emsisoft has released free decryptors for the AstraLocker ransomware variants to help victims recover data.
Spreading via removable drives or ISO files, the malware uses LNK shortcuts containing Windows shell commands as lures.
The open source group rates this a "high-severity" issue and urges users to upgrade to OpenSSL 3.0.5.
US government agencies have issued a joint advisory on North Korean hackers using Maui ransomware in attacks targeting healthcare and public health organizations.
Apple plans to add a new ‘Lockdown Mode’ that significantly reduces attack surface and adds technical roadblocks to limit sophisticated software exploits.
Researchers at ReversingLabs and Checkmarx release separate warnings about software supply chain attacks targeting the open source NPM ecosystem.

FEATURES, INSIGHTS // Malware

Jennifer Blatnik:
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Lance Cottrell:
Investigating nefarious actors online can be dangerous, as the places hunters go are likely to be full of malware and people actively monitoring for outsiders.
Scott Simkin:
When implemented in series, common malware analysis environments allow security teams to handle the vast majority of threats automatically, freeing up team resources to actively hunt more advanced threats.
Scott Simkin:
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Jack Danahy:
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Adam Meyer:
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Jack Danahy:
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin:
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Jack Danahy:
The impact of ransomware has expanded from an IT nuisance to attacks that can shut down and potentially ruin the businesses they infect.
Alastair Paterson:
Although ransomware and DDoS attacks have captured the attention of the security industry of late, a surge in trojan variants targeting banks across geographies is catching many by surprise.