Security Experts:


Eight new malware samples were recorded every second during the final three months of 2017. The use of fileless attacks, primarily via PowerShell, grew; and there was a surge in cryptocurrency hijacking malware.
Recent infection campaigns conducted by the Patchwork cyberespionage group have revealed the use of an EPS exploit and an updated backdoor, Palo Alto Networks reports.
A China-linked cyber espionage group used new backdoors in an attack aimed at a company that provides services to the UK government
Attacks carried out by the Russian group Sofacy (Fancy Bear/APT28) overlap with campaigns conducted by Turla and actors linked to China and the U.S.
Slingshot is a sophisticated cyber espionage campaign that targets entities in the Middle East and Africa via routers, and the group behind the operation apparently speaks English
Microsoft's Windows Defender blocked more than 80,000 instances of several new variants of the Dofoil (aka Smoke Loader) downloader.
Investigation into the September 2017 CCleaner incident reveals what appears to be a stage 3 payload that attackers supposedly intended to deliver to infected users
The hackers behind the recent Olympic Destroyer attack planted sophisticated false flags inside their malware in an effort to confuse investigators
Analysis of NSA tools leaked by Shadow Brokers provides a glimpse into the methods used by the agency to detect the presence of other state-sponsored actors on devices it hacked
A newly discovered piece of malware is capable of stealing a variety of crypto-coins from its victims by replacing legitimate wallet addresses with that of the attacker.


Siggi Stefnisson
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
David Holmes
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
Alastair Paterson
There are several mitigation measures and best practices that you can adopt to improve your organization’s security posture and reduce the risk of supply chain infections.
Siggi Stefnisson
In the cat-and-mouse game between security providers and malware authors, cybercriminals keep innovating and experimenting – a dynamic seen in the recent resurgence of the Locky ransomware.
Jack Danahy
While devastating to the victims, the recent rash of ransomware has been helpful in putting an objective and quantifiable face on modern threats associated in cybersecurity.
Travis Greene
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Justin Fier
The early indicators of the WannaCry attack were evident, but it spread too quickly for human security teams to react before it spread across the world like wildfire.
Jennifer Blatnik
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Lance Cottrell
Investigating nefarious actors online can be dangerous, as the places hunters go are likely to be full of malware and people actively monitoring for outsiders.
Scott Simkin
When implemented in series, common malware analysis environments allow security teams to handle the vast majority of threats automatically, freeing up team resources to actively hunt more advanced threats.