Ransomware attacks took a heavy toll on the United States last year with more than 2,000 victims in government, education and health care, security researchers say in a new report. [Read More]
Symantec researchers have uncovered another piece of malware used in the SolarWinds attack, namely Raindrop, which has been used for lateral movement and payload deployment. [Read More]
In one attack, the cybercriminals found an employee via the company’s chatroom and then convinced them to log into a fake VPN page to reveal their credentials. [Read More]
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.