NEWS & INDUSTRY UPDATES

The North Korea-linked Lazarus hacking group is "highly likely" to be responsible for the global "WannaCry" ransomware attacks, Symantec says.
Russian authorities dismantle cybercrime gang responsible for infecting 1 million Android phones with a banking Trojan and stealing nearly $900,000.
Most of the computers affected by the WannaCry ransomware outbreak were running Windows 7, security researchers have revealed.
Recent changes made to the Terror exploit kit (EK) allow it to fingerprint victims and target specific vulnerabilities instead of carpet bombing the victims with many exploits at the same time, Talos researchers discovered.
In the aftermath of the WannaCry ransomware outbreak, security researchers discovered numerous attacks that have been abusing the same EternalBlue exploit for malware delivery over the past several weeks.
After receiving multiple updates, the Stegano exploit kit (EK) recently adopted the Diffie-Hellman algorithm to hinder analysis, according to Trend Micro security researchers.
Medical devices also infected with WannaCry ransomware. Several manufacturers release security advisories.
Microsoft held back from distributing a free security update that could have protected computers from the WannaCry global cyber attack, the Financial Times reported.
More than 200 Brooks Brothers stores hit by payment card breach. Hackers had access to payment processing systems for nearly a year.
Cybercriminals leveraged the EternalBlue exploit to install a cryptocurrency miner called Adylkuzz, Proofpoint says.

FEATURES, INSIGHTS // Malware

Justin Fier
The early indicators of the WannaCry attack were evident, but it spread too quickly for human security teams to react before it spread across the world like wildfire.

Jennifer Blatnik
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.

Lance Cottrell
Investigating nefarious actors online can be dangerous, as the places hunters go are likely to be full of malware and people actively monitoring for outsiders.

Scott Simkin
When implemented in series, common malware analysis environments allow security teams to handle the vast majority of threats automatically, freeing up team resources to actively hunt more advanced threats.

Scott Simkin
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.

Jack Danahy
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.

Adam Meyer
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.

Jack Danahy
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.

Scott Simkin
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.

Jack Danahy
The impact of ransomware has expanded from an IT nuisance to attacks that can shut down and potentially ruin the businesses they infect.