Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The disruption of Maryland’s reporting of COVID-19 data last month was caused by a ransomware attack. [Read More]
Adversarial AI – or the use of artificial intelligence and machine learning within offensive cyber activity – comes in two flavors: attacks that use AI and attacks against AI. [Read More]
CYBERCOM shares details and malware attributed to the Iran-linked threat actor MuddyWater. [Read More]
Apple ships iOS fix for a persistent HomeKit denial-of-service flaw but only after an independent researcher publicly criticized the company for ignoring his discovery. [Read More]
Mozilla fixes multiple high-severity vulnerabilities with the release of Firefox 96, Firefox ESR 91.5, and Thunderbird 91.5. [Read More]
Microsoft’s first batch of patches for 2022 cover at least 97 security flaws, including a critical HTTP Protocol Stack bug described as “wormable.” [Read More]
Celebrated cryptographer Moxie Marlinspike is stepping down as chief executive at Signal, the encrypted messaging app he created more than a decade ago. [Read More]
The non-profit group says companies that ship open-source code should do much more to help with security audits and fixes. [Read More]
Cyber Insights 2022 is a series of articles examining the potential evolution of threats over the new year and beyond. In this installment, we focus on the ransomware threat. [Read More]
Patchwork APT targets molecular medicine and biology scientists with a new version of the BADNEWS RAT. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Derek Manky's picture
Botnets are becoming more malicious, sometimes able to create hundreds of thousands of drones that can attack a variety of machines, including Mac systems, Linux, Windows systems, edge devices, IoT devices, and so on.
Derek Manky's picture
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Derek Manky's picture
Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
Tim Bandos's picture
The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because of other players in the game continue to fan the flames.
Derek Manky's picture
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Joshua Goldfarb's picture
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Torsten George's picture
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.