Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A ransomware attack hit 23 local government entities in Texas last week, the Texas Department of Information Resources (DIR) has revealed. [Read More]
A survey of over 2,000 Americans shows that cybersecurity has become a political issue and most believe that cybersecurity should be a top priority for the government. [Read More]
Cloud Atlas/Inception cyberspies continue targeting government organizations in Russia and other countries, and they are now using polymorphic malware. [Read More]
Security researchers from Zscaler have found a new remote access Trojan (RAT) for sale on the Dark Web that includes multiple functions and is able to spread via removable USB drives. [Read More]
Ransomware attackers are not looking to simply encrypt local files, but to find and encrypt network shares in order to inflict the greatest harm in the shortest time. [Read More]
A distributor of the Baldr malware declared that further development and support had ceased, contrary to what other cybercriminals were expecting. [Read More]
The newly identified "Lord" exploit kit is targeting vulnerable versions of Adobe's Flash Player, Malwarebytes security researchers say. [Read More]
Pakistani national Muhammad Fahd has been charged in the US for bribing AT&T employees to help him unlock phones and plant malware on the telecoms giant’s network. [Read More]
The threat actor behind the cyberespionage campaign dubbed Machete continues to be active and some of its most recent attacks targeted the military in Venezuela and Ecuador. [Read More]
A variant of the Mirai Internet of Things (IoT) malware is using a command and control (C&C) server on the Tor network, Trend Micro’s security researchers have discovered. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Siggi Stefnisson's picture
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
Siggi Stefnisson's picture
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
John Maddison's picture
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
Siggi Stefnisson's picture
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
Justin Fier's picture
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Siggi Stefnisson's picture
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
Siggi Stefnisson's picture
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.