Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Flash Player zero-day vulnerability CVE-2018-15982 used to target hospital of the Russian presidential administration. Attack possibly related to the recent Kerch Strait incident involving Russia and Ukraine. [Read More]
Cybercriminals have adapted their methodology by seeking to 'fly under the radar' of defense systems, and to add persistence to their infiltrations. [Read More]
A recently discovered malware dropper has the ability to use nearly a dozen decoy document file formats to drop various payloads, Palo Alto Networks security researchers warn. [Read More]
A new campaign delivering various remote access Trojans (RATs) is likely the work of a known Dridex/Locky operator, Morphisec security researchers warn. [Read More]
Hackers are looking to compromise millions of machines behind the vulnerable routers by leveraging the NSA-linked EternalBlue (CVE-2017-0144) and EternalRed (CVE-2017-7494) exploits. [Read More]
A recently discovered PowerShell-based backdoor is strikingly similar to malware employed by the MuddyWater threat actor, Trend Micro reports. [Read More]
A detailed analysis from security researchers shows how Brazilian financial malware is spreading beyond national boundaries to attack banks in Spanish-speaking countries through South and Latin America, and Portugal and Spain in Europe. [Read More]
Trend Micro security researchers have discovered an AutoIt-compiled worm that infects removable drives to spread the njRAT backdoor to other machines. [Read More]
A previously undocumented threat actor has been targeting entities in the Middle East with new malware and DNS redirections, Cisco’s Talos security researchers reveal. [Read More]
Law enforcement, cybersecurity companies, Google and other tech firms work together on dismantling sophisticated 3ve ad fraud scheme that earned its operators tens of millions of dollars [Read More]
- 1 of 174
- ››
FEATURES, INSIGHTS // Malware
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
- 1 of 13
- ››
SecurityWeek Daily Briefing
- Arctic Wolf Acquires Risk Assessment Firm RootSecure
- Kubernetes Security Firm Tigera Raises $30 Million
- Russia-Linked Phishing Attacks Hit Government Agencies on Four Continents
- "Operation Sharpshooter" Hits Global Defense, Critical Infrastructure Firms
- Several Vulnerabilities Patched With Release of WordPress 5.0.1
- GitLab Launches Public Bug Bounty Program
- What You Need to Know About PCI DSS Compliance this Holiday Season
- France's Travel Alert Registry Hacked
- How Well Are You Protecting Your Brand from Digital Risk?
- Rhode Island Sues Alphabet Over Google+ Security Incidents
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy