NEWS & INDUSTRY UPDATES

A recently discovered Android banking Trojan features a bot and command and control panel fully written from scratch, SfyLabs has discovered.
The server distributing a version of PC utility CCleaner infected with malware might have been compromised in early July, Avast revealed.
A newly detailed attack method leverages Microsoft Word documents to gather information on users, but doesn’t use macros, exploits or any other active content to do so.
More than 2 million users are estimated to have downloaded a maliciously modified version of a software utility owned by antivirus firm Avast.
A newly discovered Android malware that managed to infect at least 50 applications in Google Play has been downloaded between 1 million and 4.2 million times, Check Point researchers warn.
A recent malware attack has been leveraging the Hangul Word Processor (HWP) word processing application and its ability to run PostScript code.
Content delivery networks (CDNs) are being increasingly abused to spread malware, courtesy of standards that allow the download and execution of payloads on the victims’ computers, ESET warns.
Kedi RAT is a newly discovered remote access Trojan (RAT) that is capable of evading security scanners and communicates with its command and control (C&C) server via Gmail.
A new Windows 10 feature that makes the popular Linux bash terminal available for Microsoft’s operating system could allow for more malware families to target the operating system, Check Point researchers claim.
Microsoft patches .NET zero-day vulnerability exploited to deliver FinFisher spyware to Russian users.

FEATURES, INSIGHTS // Malware

Travis Greene
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Justin Fier
The early indicators of the WannaCry attack were evident, but it spread too quickly for human security teams to react before it spread across the world like wildfire.
Jennifer Blatnik
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Lance Cottrell
Investigating nefarious actors online can be dangerous, as the places hunters go are likely to be full of malware and people actively monitoring for outsiders.
Scott Simkin
When implemented in series, common malware analysis environments allow security teams to handle the vast majority of threats automatically, freeing up team resources to actively hunt more advanced threats.
Scott Simkin
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Jack Danahy
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Adam Meyer
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Jack Danahy
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.