NEWS & INDUSTRY UPDATES

CISA has issued an alert on the Conti ransomware, just as a second major U.S. farming cooperative confirmed being hit by ransomware.
Netgear warns that an attacker on the same network as a vulnerable device could intercept and manipulate router traffic to execute code as root.
VMware released an urgent security patch for a flaw in its vCenter Server product and warned users to expect public exploit code within minutes of disclosure.
Cisco Talos researchers say the backdoor is installed as a service and constantly contacts its command and control (C&C) to receive commands.
Microsoft says it has been seeing various attempts to exploit the remote code execution vulnerability in the Open Management Infrastructure (OMI) framework.
The iOS 15 makeover also includes patches for at least 22 documented security vulnerabilities, some serious enough to expose iPhone and iPad users to arbitrary code execution attacks.
Limited in scope, the incidents abuse the Windows Subsystem for Linux (WSL) feature to cross the boundaries between operating systems and avoid detection.
The Mirai botnet has started exploiting the OMIGOD vulnerability just as Microsoft released more guidance on protections.
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors.
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects.

FEATURES, INSIGHTS // Malware

Derek Manky: How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
Idan Aharoni: The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases do not pose any new technical challenge suggests that there are still many gaps that need to be closed.
Gordon Lawson: Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Derek Manky: Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
Tim Bandos: The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because other players in the game continue to fan the flames.
Derek Manky: 2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Joshua Goldfarb: Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Torsten George: Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
John Maddison: Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Justin Fier: The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.