Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Microsoft has unveiled Project Freta, a free service that allows users to find rootkits and other sophisticated malware in OS volatile memory snapshots. [Read More]
There are more than 3,000 BIG-IP installations vulnerable to attacks exploiting CVE-2020-5902 and hackers have been using the flaw to deliver DDoS malware. [Read More]
G Data security researchers have identified a new ransomware family that attempts to spread using infected USB drives. [Read More]
Hackers linked to the North Korean government are believed to be behind the Magecart attacks on Claire’s and other online stores. [Read More]
USCYBERCOM is advising BIG-IP users to patch CVE-2020-5902, a vulnerability that allows an attacker to take complete control of a system and which has already been exploited in attacks. [Read More]
Recent fires and explosions at Iranian facilities, including the Natanz nuclear site targeted by the notorious Stuxnet malware, may have been caused deliberately as part of an operation that involved cyberattacks. [Read More]
Remote code execution and information disclosure vulnerabilities addressed in Apache Guacamole can be highly useful to threat actors targeting enterprises. [Read More]
ICS-targeting Snake/EKANS ransomware manipulates the firewall to isolate infected systems before initiating the file encryption process. [Read More]
In an alert published this week, CISA and the FBI warned enterprises about the use of Tor in cyberattacks. [Read More]
Cisco Talos has disclosed the details of a remote code execution vulnerability in Chrome and an information disclosure flaw affecting Firefox. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Ashley Arbuckle's picture
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Torsten George's picture
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Marc Solomon's picture
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Josh Lefkowitz's picture
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Torsten George's picture
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.