NEWS & INDUSTRY UPDATES

Newly observed ransomware campaigns are leveraging installer files from the Nullsoft Scriptable Install System (NSIS) to hide malicious code, Microsoft says.
New Trojan dubbed Acronym is possibly linked to the malware family used in the Potao Express campaign.
Newly discovered "MajikPOS" point-of-sale (PoS) malware features a modular approach in execution and is currently targeting businesses in North America.
A newly observed ransomware family is leveraging the well-known Petya ransomware to encrypt user data, but modifies the malware “on the fly” to control its execution, Kaspersky Lab researchers discovered.
macOS users who had their systems infected with the FindZip ransomware can now use a decryption tool to restore their files without paying the ransom.
A recent spam campaign impersonating UK-based banking giant HSBC is attempting to distribute malware masquerading as a fake security application, Symantec researchers warn.
Financially motivated attackers have become just as sophisticated as state-sponsored actors, says FireEye in its 2017 M-Trends report.
A command and control (C&C) server used for operating the CryptoBlock ransomware family has also been hosting stolen user credentials and other malware families, researchers say.
Cybercriminals have been stealing payment card data from Magento stores by hijacking a payments extension.
The number of new malware variants that emerged in February 2017 was three times higher compared to January, nearly reaching the record-high levels registered in October 2016, Symantec reports.

FEATURES, INSIGHTS // Malware

Alastair Paterson
Cyber situational awareness can give you greater insights into the tools and processes used by actors that employ DDoS-based extortion and compromised data release extortion.
David Holmes
A cyber espionage attack against Swiss defense firm RUAG was carried out by Russia-linked hackers, according to a report commissioned by the Swiss government.
Wade Williamson
Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
Jack Danahy
Typical lockdown or encryption of a system happens within a minute or two of the ransomware’s execution. At that point, there are only two choices left: pay or start cleaning up.
Torsten George
What do enterprises need to know about ransomware attacks and what can they do to minimize the risk of being victimized?
Jennifer Blatnik
It is critical for business leadership to address the growing threat of ransomware as a business risk rather than a siloed IT issue.
Wade Williamson
The evolution of ransomware from simple malware to more persistent attacks has a major impact on the way enterprise security teams have to think about mitigation.
Scott Gainey
By monitoring for and detecting the underlying and shared behaviors of malware we can effectively stop ransomware infections before they can cause damage.
Shlomo Kramer
Mid-market enterprises with limited resources and weak defenses are a particularly good target for ransomware attacks: they have just enough assets worth paying for, and the capital to do so.
Scott Gainey
Companies need to educate employees about ransomware, and the techniques criminals use to launch attacks such as phishing emails or distribution through social media channels.