Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Hackers breached the archive server for the Pale Moon open source web browser and infected all .exe files with malware. [Read More]
One of the Windows zero-days patched by Microsoft with its July 2019 updates, CVE-2019-1132, was used by the Buhtrap group to target a government organization in Eastern Europe. [Read More]
The QNAPCrypt ransomware is targeting Linux-based file storage systems (NAS servers) made by QNAP, Intezer’s security researchers reveal. [Read More]
Microsoft says it recently detected and stopped a fileless campaign looking to deliver the Astaroth Trojan to unsuspecting victims. [Read More]
Iran-linked malware uploaded to VirusTotal last week by United States Cyber Command (USCYBERCOM) was first observed in Dec 2016 and Jan 2017, according to security firm Kaspersky. [Read More]
Laboratory testing services giant Eurofins Scientific reportedly paid the ransom in response to a ransomware attack that led to many systems and servers being taken offline. [Read More]
A recently uncovered cryptomining campaign is delivering a new Golang malware to target Linux-based servers. [Read More]
Researchers have discovered that multiple Chinese groups have updated an RTF weaponizer to exploit the Microsoft Equation Editor vulnerability CVE-2018-0798. [Read More]
The threat actor best known for operating the Dridex banking Trojan and the Locky ransomware has started using a new downloader in June. [Read More]
USCYBERCOM warns that malicious actors are still using CVE-2017-11774, a Microsoft Outlook vulnerability known to have been exploited by Iranian groups. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Siggi Stefnisson's picture
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
Siggi Stefnisson's picture
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
John Maddison's picture
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
Siggi Stefnisson's picture
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
Justin Fier's picture
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Siggi Stefnisson's picture
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
Siggi Stefnisson's picture
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.