What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO 2020-12-18 02:00:00 What is typosquatting? A simple but effective attack technique (direct link) Typosquatting definition A typosquatting attack, also known as a URL hijacking, a sting site, or a fake URL, is a type of social engineering where threat actors impersonate legitimate domains for malicious purposes such as fraud or malware spreading. They register domain names that are similar to legitimate domains of targeted, trusted entities in the hope of fooling victims into believing they are interacting with the real organization. How typosquatting works Threat actors can impersonate domains using: Malware Threat
CSO 2020-12-03 03:00:00 TrickBot gets new UEFI attack capability that makes recovery incredibly hard (direct link) Researchers have seen a worrying development recently in TrickBot, a botnet that serves as an access gateway into enterprise networks for sophisticated ransomware and other cybercriminal groups. A new module enables the malware to scan for vulnerable UEFI configurations on infected systems and could enable attackers to brick systems or deploy low-level backdoors that are incredibly hard to remove. Malware
CSO 2020-10-09 03:00:00 Elusive hacker-for-hire group Bahamut linked to historical attack campaigns (direct link) Attack attribution is one of the most difficult aspects of malware research and it's not uncommon for different security companies to attribute attack campaigns to different threat actors only to later discover that they were the work of the same group. However, a new paper by researchers at Blackberry stands out by exposing an elusive group dubbed Bahamut as responsible for a spider web of carefully constructed and carried out phishing and malware attacks. Malware Threat Bahamut
CSO 2020-10-08 03:00:00 How SilentFade group steals millions from Facebook ad spend accounts (direct link) Facebook is a magnet for scammers, thieves and other bad actors looking to swindle and manipulate the social media giant's vast pool of users. One group discovered by Facebook's in-house researchers took such a sophisticated approach to bilking Facebook users that it walked away with $4 million in an elaborate ad fraud scheme that went undetected by its victims. Sachit Karve, speaking both for himself and fellow Facebook security researcher Jennifer Urgilez, offered more details about this scheme at the VB 2020 conference last week. Facebook insiders call the group behind it SilentFade and discovered that it came from a Chinese malware ecosystem that used different types of malware in its cybercrime sprees. Malware
CSO 2020-10-06 03:00:00 Alien malware a rising threat to mobile banking users (direct link) For over a decade, computer users have been plagued by malicious programs designed to steal their online banking credentials and initiate fraudulent transactions from their accounts. As mobile banking gained more adoption over the years, these programs followed the trend and jumped from computers to smartphones. One of the most widely used Android banking Trojans was abandoned by its creators last month, but the gap left in the cybercrime ecosystem is rapidly being filled by an even more potent one dubbed Alien. Malware Threat
CSO 2020-09-29 06:05:00 BrandPost: How to Defend Against Today's Top 5 Cyber Threats (direct link) Cyber threats are constantly evolving. As recently as 2016, Trojan malware accounted for nearly 50% of all breaches. Today, they are responsible for less than 7%. That's not to say that Trojans are any less harmful. According to the 2020 Verizon Data Breach Investigations Report (DBIR), their backdoor and remote-control capabilities are still used by advanced threat actors to conduct sophisticated attacks. Staying ahead of evolving threats is a challenge that keeps many IT professionals awake at night. Understanding today's most important cyber threats is the first step toward protecting any organization from attack. Data Breach Malware Threat
CSO 2020-09-11 03:00:00 11 types of hackers and how they will harm you (direct link) Hackers, and the malware they build and use, have grown up in the last couple of decades. When computers were big putty-colored boxes, hackers were just learning to walk and their pranks were juvenile - maybe they would create a bit of silly malware that did little more than flash “Legalize Marijuana!” or play Yankee Doodle across your screen. As computers have evolved into an economy of their own, hackers, too, have evolved out of those wide-eyed nerds into an audacious army of criminals. Malware
CSO 2020-09-03 08:32:00 Evilnum group targets FinTech firms with new Python-based RAT (direct link) Evilnum, a group known for targeting financial technology companies, has added new malware and infection tricks to its arsenal, researchers warn. The group is suspected of offering APT-style hacker-for-hire services to other entities, a growing and worrying trend that's changing the threat landscape. Evilnum appeared on the radar of security companies in 2018 when it started targeting FinTech companies throughout Europe with spear-phishing emails that try to pass malicious files as scans of credit cards, utility bills, ID cards, drivers licenses and other identity verification documents required by know-your-customer (KYC) regulations in the financial sector. Malware Threat ★★★★★
CSO 2020-09-03 03:00:00 How to choose the right security training provider for your team (direct link) Your enterprise's security team is entrusted with a critical mission: protecting systems, resources and users from phishing, ransomware, denial-of-service attacks, data theft, malware infection and assorted other attacks. Staying on top of emerging and evolving threats requires constant vigilance and, most importantly, a well-trained team. Malware
CSO 2020-08-27 06:38:00 After a decade, Qbot Trojan malware gains new, dangerous tricks (direct link) The Qbot Trojan has been plaguing computer users and businesses for over a decade and the cybercriminals behind it are still coming up with new tricks that keep it one of the most prevalent and successful malware threats. The latest technique observed by security researchers involves the malware inserting itself into the legitimate email threads of their victims to spread. Malware
CSO 2020-07-29 10:00:00 Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers (direct link) Operating system maintainers, computer manufacturers, security and virtualization software vendors have worked together over the past few months to coordinate a unified response to a vulnerability that allows attackers to bypass boot process integrity verification, one of the key security features of modern computers. The flaw is located in the GRUB2 Linux bootloader, but because of how Secure Boot is implemented, it can be used to compromise the booting process of Windows and other systems as well. Getting the patches that were announced today installed on all impacted computers and devices will require manual testing and deployment and will likely take a long time. It's reasonable to expect that some systems will never be updated and will remain vulnerable to boot-level malware and rogue firmware modifications. Malware Vulnerability
CSO 2020-07-24 03:00:00 Microsoft Office the most targeted platform to carry out attacks (direct link) In 2019, Microsoft Office became cybercriminals' preferred platform when carrying out attacks, and the number of incidents keeps increasing, according to Kaspersky Lab researchers. Boris Larin, Vlad Stolyarov and Alexander Liskin showed at the company's Security Analyst Summit that the threat landscape has changed in the past two years and urged users to keep their software up-to-date and to avoid opening files that come from untrusted sources to reduce the risk of infection. Malware Threat
CSO 2020-05-21 06:39:00 BrandPost: Real Time Matters in Endpoint Protection (direct link) Given the speed and potentially devastating impact of malware targeting your end users and devices (think ransomware these days), if your endpoint security isn't able to react immediately, the fight is over – and you will have lost. Sodinbiki ransomware, for example, starts encrypting files in seconds and can complete its job on an entire disk in as little as 5 minutes (depending on disk volume). From there, it can easily spread to network drives as well as throughout the organization. Ransomware Malware
CSO 2020-05-13 03:00:00 9 tips to detect and prevent web shell attacks on Windows networks (direct link) One tool that bad guys use to go after your web servers is a web shell. A web shell is a malicious script that masquerades as a legitimate file and provides a backdoor into your server. Recent guidance from the US National Security Agency (NSA) and the Australian Signals Directorate (ASD) offers techniques to detect and prevent web shell malware from affecting web servers. The NSA document describes web shell malware as a long-standing, pervasive threat that continues to evade many security tools. Malware Tool Threat
CSO 2020-05-12 12:59:00 10 tips for a secure browsing experience (direct link) Your browser is one of the easiest ways for malware to penetrate your network. Here are 10 ways to practice safe surfing in Google Chrome, Microsoft Edge and Mozilla Firefox. Malware
CSO 2020-05-04 06:00:00 COVID-19 attack campaigns target hardest hit regions, research shows (direct link) Attackers continue to exploit people's fears about the COVID-19 pandemic to increase the success rate of their malicious campaigns, including in the enterprise space. New research from security companies shows that cybercriminals are focusing their attacks on countries and regions that were hit hardest by the coronavirus and on industry verticals that are under major economic pressure. Malware
CSO 2020-04-23 03:00:00 Legions of cybersecurity volunteers rally to protect hospitals during COVID-19 crisis (direct link) Last month, some of the usual cast of online scammers and malware miscreants promised to refrain from attacking healthcare organizations or exploiting them during the COVID-19 crisis, showing a sense of honor unexpected from ransomware attackers and cryptocurrency thieves. However, this ceasefire turned out to be a head-fake. Within a week of those vows, malware purveyors and con artists rushed to send out phishing emails while masquerading as healthcare organizations and even launched attacks against hospitals and other critical facilities. Last week, Google alone was blocking 18 million COVID-19 phishing or malware-delivery emails per day. Malware
CSO 2020-04-16 06:00:00 RubyGems typosquatting attack hits Ruby developers with trojanized packages (direct link) Over 700 malicious packages with names similar to legitimate ones have been uploaded to RubyGems, a popular repository of third-party components for the Ruby programming language. The upload took place over the course of a week in February, researchers report. The rogue packages contained a malicious script that, when executed on Windows computers, hijacked cryptocurrency transactions by replacing the recipient's wallet address with one controlled by the attacker. Malware
CSO 2020-04-09 11:01:00 16 real-world phishing examples - and how to recognize them (direct link) You think you know phishing? Even though computer users are getting smarter, and the anti-phishing tools they use as protection are more accurate than ever, the scammers are still succeeding. Lured with promises of monetary gain or threats of financial or physical danger, people are being scammed out of tens of thousands of dollars. Corporations lose even more - tens of millions. Malware Hack
CSO 2020-04-02 03:48:00 Weakness in Zoom for macOS allows local attackers to hijack camera and microphone (direct link) The Zoom video conferencing client for macOS does not take full advantage of the application hardening features the operating system offers, which could allow local malware to elevate its privileges or access the camera and microphone without the user's knowledge. The issues, which stem from insecure use of system APIs, were revealed Wednesday by security researcher Patrick Wardle on his blog. Wardle has a long history of macOS security research, which includes finding vulnerabilities, analyzing malware and writing security tools for Apple's platform. Exploiting the two flaws requires attackers to already have local code execution access on the machine, but this does not mean they're not serious issues, since local code execution with limited user privileges can be achieved in a variety of ways. Furthermore, Wardle believes the problems could have been easily avoided by Zoom because the attack techniques have been documented by himself and other researchers in the past in blog posts and at security conferences. Malware
CSO 2020-03-25 03:00:00 Securing Windows and Office in a time of COVID-19: update policies, remote options (direct link) The stay-at-home alerts for many large cities, US states, and countries are putting information technology and security professionals on the forefront of the battle to keep businesses up and running with most employees working remotely. Technology has risen to the challenge in some ways, but for some things there's just too much on our plates to deal with right now. Here's how the COVID-19 pandemic is impacting our Windows security in that regard: Malware
CSO 2020-03-19 14:14:00 The 14 biggest data breaches of the 21st century (direct link) Not long ago, a breach that compromised the data of a few million people would have been big news. Now, breaches that affect hundreds of millions or even billions of people are far too common. About 3.5 billion people saw their personal data stolen in the top two of 14 biggest breaches of this century alone. The smallest incident on this list involved the data of a mere 134 million people. Malware
CSO 2020-03-09 10:15:00 BrandPost: The Evolution of Linux Threats (direct link) 2019 was the year of Linux threats. Our research team observed a significant increase in the number of cyber attacks targeting Linux systems, evidenced by the discoveries of HiddenWasp, QNAPCrypt and EvilGnome. Sadly, the antivirus industry continues to be plagued by low Linux threat detection rates. It's important to understand that in an open-source ecosystem like Linux, there is a large amount of publicly available code that can be quickly copied by attackers to produce their own malware. At the time of its discovery, for example, HiddenWasp contained large portions of code from previously leaked and/or open-sourced threats Mirai and the Azazel rootkit. While Mirai is not a highly complex malware, its code was leaked in 2016. We now see its code being reused often by adversaries to develop their own malware instances within the Linux operating system. Malware Threat
CSO 2020-03-09 03:00:00 Top cybersecurity facts, figures and statistics for 2020 (direct link) Looking for hard numbers to back up your sense of what's happening in the cybersecurity world? We dug into studies and surveys of the industry's landscape to get a sense of the lay of the land, both in terms of what's happening and how security leaders are reacting to it. If you want data on what systems are most vulnerable, what malware is topping the charts, and how much people are getting paid to deal with it all, read on. 9 key cybersecurity statistics at-a-glance: 94% of malware is delivered via email; phishing attacks account for more than 80% of reported security incidents; $17,700 is lost every minute due to phishing attacks; 60 percent of breaches involved vulnerabilities for which a patch was available but not applied; 63 percent of companies said their data was potentially compromised within the last twelve months due to a hardware- or silicon-level security breach; attacks on IoT devices tripled in the first half of 2019; fileless attacks grew by 256 percent over the first half of 2019; data breaches cost enterprises an average of $3.92 million; 40 percent of IT leaders say cybersecurity jobs are the most difficult to fill. The year in vulnerabilities Let's start by getting basic: no matter how many new and exotic vulnerabilities you'll hear about, in this article and others on cybersecurity, there's one that towers over all the rest. In an examination of thousands of security incidents, Verizon found that almost all malware arrived on computers via email: this was true in 94 percent of cases. In not unrelated news, the number one type of social engineering attack, accounting for more than 80 percent of reported incidents, is phishing, the end goal of which is often to convince users to install malware. So if you want to improve your security posture, you know where to start.
(And before you think of phishing as some kind of sinister Eastern European or Nigerian scam, know that 40 percent of phishing command and control servers are in the US.) Malware Studies Guideline
CSO 2020-03-02 08:49:00 BrandPost: The Understated Link Between Linux Threats and Cloud Security (direct link) In the antivirus industry, a large emphasis is placed on protecting Windows endpoints. Windows desktop users comprise nearly 87% of the total desktop market share, in comparison to the 2% share held by Linux desktop users. Because of this disparity, and the fact that we rarely see malware targeting Linux end users, some people argue that Linux is the safest and most secure operating system. When discussing threats to the Linux platform, however, we must consider that Linux accounts for nearly 90% of all cloud servers. Even among Microsoft's Azure Cloud, Linux is the most popular operating system. The industry's quick migration to the cloud, coupled with a lack of awareness surrounding Linux threats, has contributed to 1) low detection rates reported by the majority of security vendors, and 2) the increase of attackers' appetite to target Linux systems. Mitigation Recommendations Organizations can implement the following security best practices to mitigate cyber threats targeting Linux systems: Malware
CSO 2020-02-12 03:00:00 How to fight hidden malware on Windows networks (direct link) If I listed the names of services on your Windows systems, would you be able to determine which ones were real and which ones were fake? Attackers often use fake services designed to act and look like real Windows services but contain malicious files. Is Windows Updates a true Windows service, or is it called “Windows Update” on your computer? Have you taken the time to become aware of what services and processes are normal on the computers in your network? Malware
CSO 2020-01-27 13:16:00 Magecart-related arrests made in Indonesia (direct link) Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger multi-national law enforcement investigation that continues in other countries from the Southeast Asia region. Malware
CSO 2019-12-19 00:00:00 Macy's breach is a game-changing Magecart attack (direct link) The payment card breach that hit Macy's online store in October was the result of a highly targeted and custom-built Magecart attack that could set the trend for web skimmers going forward, researchers believe. On November 14, US department store chain Macy's alerted customers of a security breach discovered in October on its website that led to the compromise of payment card details and customer information, including full names, addresses, telephone numbers and email addresses. At the time, the company described the breach as consisting of highly specific unauthorized code injected into the checkout and wallet pages on Macys.com with the goal of capturing information submitted by customers -- in other words what the security industry calls a web skimming attack. Malware
CSO 2019-12-17 12:18:00 Hackers use free tools in new APT campaign against industrial sector firms (direct link) Researchers have recently detected an advanced persistent threat (APT) campaign that targets critical infrastructure equipment manufacturers by using industry-sector-themed spear-phishing emails and a combination of free tools. This tactic fits into the “living off the land” trend of cyberespionage actors reducing their reliance on custom and unique malware programs that could be attributed to them in favor of dual-use tools that are publicly available. Malware Threat
CSO 2019-12-10 09:00:00 Cryptominers and fileless PowerShell techniques make for a dangerous combo (direct link) Along with ransomware, cryptocurrency mining malware is one of the most common threats to enterprise systems. Just like with ransomware, the sophistication of cryptominers has grown over the years, incorporating attack vectors and techniques such as fileless execution, run-time compilation and reflective code injection that were once associated with advanced persistent threats (APTs). Malware
CSO 2019-11-25 07:21:00 BrandPost: Using AI to Level the Cyber Playing Field (direct link) Imagine what you would have done differently in your network if you could have just seen a few years into the future. Would you have been quicker to embrace the cloud? What about the time and money spent on technologies that you now don't really use? Every wiring closet has a number of expensive “boat anchors” sitting on a shelf somewhere gathering dust. Of course, if your organization has ever been the victim of a serious breach, it's easy to guess how you may have prepared differently for that. Predicting the Future The truth is, that last one isn't really just wishful thinking. Cybersecurity professionals, myself included, have been warning organizations about the threats just around the corner for years. Some require years of experience to understand threat actor trends and malware trajectories. But others just stare you in the face. For example, much of the recent success of the cybercriminal community has been due to their ability to successfully exploit the expanding attack surface and the resulting security gaps resulting from digital transformation that are not being properly closed. This shouldn't be news to anyone. Malware Threat
CSO 2019-11-21 03:11:00 Emergent Android banking Trojan shows app overlay attacks are still effective (direct link) Researchers are tracking an Android Trojan that's been rapidly improving over the past several months. It uses overlay attacks to steal login credentials and payment card details from users of banking and other applications. Dubbed Ginp, the Trojan was first spotted in October 2019, but has been in the wild since at least June, according to researchers from Dutch cybersecurity company ThreatFabric. During the past five months, the malware has received numerous improvements, including some features borrowed from an older commercial banking Trojan called Anubis. Malware
CSO 2019-11-20 10:07:00 Best new Windows 10 security features: Longer support, easier deployment (direct link) With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. You no longer have to wait for a new operating system to deploy new security features. Windows 10 1909 Microsoft's 1909 version of Windows 10 will have the fewest changes from prior versions. Several feature releases haven't been as uneventful as they could have been, so 1909 is making a drastic change in how it rolls out. Malware
CSO 2019-11-13 07:58:00 BrandPost: Addressing New Challenges Starts with Resilience (direct link) The third quarter of 2019 saw a number of new cyberthreat trends emerge or expand, and organizations need to be aware of these trends if they wish to stay ahead of cybercriminal strategies. One of the most effective attack strategies does not require cybercriminals to build new malware, but simply change their tactics. Cybercriminals are Focusing on Vulnerable Edge Services Phishing attacks are top of mind across all industries. That's because over 90% of all malware is still delivered using compromised email attachments. As a result, organizations are aggressively training users on how to identify malicious email, report them to the Help Desk team, and never click on unexpected email attachments. They are also reviewing and updating their secure email gateway solutions to more effectively filter out unwanted and malicious email. But over-rotating on a single attack vector can leave an organization exposed to threats that target other, potentially neglected systems. Malware
CSO 2019-11-12 03:00:00 How to lock down enterprise web browsers (direct link) Browsers. You can't use the Internet without them, but they introduce insecurity and instability to the computing environment. Browsers are the operating system of cloud computing and protecting them will become more and more important. Just last week, Google came out with patches to fix zero-day vulnerabilities with Chrome. As Kaspersky noted in its blog, “The attack leverages a waterhole-style injection on a Korean-language news portal. A malicious JavaScript code was inserted in the main page, which in turn loads a profiling script from a remote site.” The attack determined what browser version and operating system the victim is running. Like many attacks, the goal was to gain persistence on the computer. In this case the malware installs tasks in Windows Task Scheduler. Malware
CSO 2019-10-29 10:19:00 BrandPost: Five critical elements for any cyber security awareness program (direct link) While nearly 9 in 10 companies not only allow, but actually rely on their employees to access critical business apps using their personal devices, according to a recent Fortinet Threat Landscape Report, Android-based malware now represents 14% of all cyberthreats. And in addition to direct attacks, the number of compromised web sites, email phishing campaigns, and malicious access points continue to grow exponentially, infecting unsuspecting users – regardless of their devices – with spyware, malware, compromised applications, and even ransomware. Malware Threat
CSO 2019-10-16 03:00:00 Top Linux antivirus software (direct link) The last several years have seen a startling increase in malware that targets Linux. Some estimates suggest that Linux malware accounts for more than a third of the known attacks. In 2019, for example, new Linux-specific attacks included the Silex worm, GoLang malware, the Zombieload side-channel attack, the Hiddenwasp Trojan, the EvilGnome spyware and Lilocked ransomware. The volume and severity of attacks against Linux are clearly on the rise. Malware
CSO 2019-08-06 03:00:00 What is a computer worm? How this self-spreading malware wreaks havoc (direct link) Worm definition A worm is a form of malware (malicious software) that operates as a self-contained application and can transfer and copy itself from computer to computer. It's this ability to operate autonomously, without the need for a host file or to hijack code on the host computer, that distinguishes worms from other forms of malware. Malware
CSO 2019-07-25 03:00:00 15 signs you've been hacked -- and how to fight back (direct link) In today's threatscape, antimalware software provides little peace of mind. In fact, antimalware scanners are horrifically inaccurate, especially with exploits less than 24 hours old. Malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable. All you have to do is drop off any suspected malware file at Google's VirusTotal, which has over 60 different antimalware scanners, to see that detection rates aren't all as advertised. Malware
CSO 2019-07-18 08:57:00 Network traffic analysis tools must include these 6 capabilities (direct link) When it comes to threat detection and response, understanding network behavior really matters. According to ESG research, 87% of organizations use network traffic analysis (NTA) tools for threat detection and response, and 43% say NTA is a “first line of defense” for detecting and responding to threats. (Note: I am an ESG employee.) As cybersecurity professionals often state, “the network doesn't lie.” Since cyber attacks use network communications for malware distribution, command and control, and data exfiltration, trained professionals should be able to spot malicious activity with the right tools, time, and oversight. Malware Threat
CSO 2019-07-03 11:56:00 IDG Contributor Network: Of mice and malware (direct link) I'm often asked what kinds of “unexpected” skills are helpful to succeed in a job in computer security. My answer usually includes qualities like “empathy,” “curiosity,” or “communication,” but there's a whole other skillset – or perhaps it's a mindset – that is often equally important but difficult to describe in a single word. And that skillset can often be found in a seemingly unrelated discipline: biology. Blind men and an elephant There's a popular parable in which a group of blind men come across an elephant for the first time. Each man tries to conceptualize and describe this animal, while feeling only one specific part of the elephant's body. Based on this limited experience, each explanation of what the elephant is like is completely different from the others. There are many interpretations of the meaning or moral of this parable, but I found it to be relevant in a slightly different area of my life. Malware
CSO.webp 2019-06-28 13:12:00 BrandPost: Sharing Infrastructure: Insights and Strategies from the Latest Global Threat Landscape Report (lien direct) Cyber threats are evolving so rapidly that they now require constant monitoring. Attacks observed during the first quarter of 2019 make it clear that cybercriminals are not only increasing the sophistication of their methods and tools, but that they are also diversifying. Recent attacks use a wide range of attack strategies, from targeted ransomware, custom coding, living-off-the-land (LoTL) strategies, and exploiting pre-installed tools to move laterally and stealthily across a network to launch or extend an attack. Another interesting trend is that threat actors are increasingly leveraging existing malware components, such as those offered on Dark Web sites either as open code or as Malware as a Service (MaaS). We are also learning that many attacks leverage common infrastructures, such as domains from which they launch attacks or run C2 services. For instance, nearly 60% of threats shared at least one domain from a handful of web service providers, indicating the majority of botnets not only leverage established infrastructure for distribution, but gravitate towards the same resources. Malware Threat ★★
CSO.webp 2019-06-20 03:00:00 What is a Trojan horse? How this tricky malware works (lien direct) Trojan horse definition: A Trojan or Trojan horse is a variety of malware that disguises itself as something you want in order to trick you into letting it through your defenses. Like other types of malware, a Trojan is deployed by attackers to damage or take control of your computer. Its name comes from the method by which it infects your computer: it disguises itself as something you want in order to trick you into letting it through your defenses. Malware
CSO.webp 2019-06-10 03:00:00 6 ways malware can bypass endpoint protection (lien direct) Sixty-three percent of IT security professionals say the frequency of attacks has gone up over the past 12 months, according to Ponemon's 2018 State of Endpoint Security Risk report - and 52% of respondents say all attacks cannot be realistically stopped. Their antivirus solutions are blocking only 43% of attacks. Sixty-four percent of respondents said that their organizations had experienced one or more endpoint attacks that resulted in a data breach. Malware
CSO.webp 2019-05-30 11:36:00 (Déjà vu) Best new Windows 10 security features: Windows Sandbox, more update options (lien direct) With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. You no longer have to wait for a new operating system to deploy new security features. Below is a summary of all the new security features and options in Windows 10 version 1903, which features Windows Defender Advanced Threat Protection (ATP) enhancements, more options for enterprises to defer updates, and Windows Sandbox, which provides a safe area to run untrusted software. Bookmark this article, because we will be adding new security features as Microsoft releases future Windows updates. Malware Threat
CSO.webp 2019-05-20 03:00:00 Review: How Awake Security uncovers malicious intent (lien direct) Good cybersecurity these days is more complicated than just matching signatures against known malware. In fact, many of the most devastating attacks made against enterprises may not involve malware at all, instead relying on social engineering, insider threats, and tools and processes already approved for use within a network that are hijacked for a malicious purpose. Malware
CSO.webp 2019-05-17 03:00:00 What is malware? How to prevent, detect and recover from it (lien direct) Malware definition: Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs hackers use to wreak destruction and gain access to sensitive information. As Microsoft puts it, "[malware] is a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network." In other words, software is identified as malware based on its intended use, rather than a particular technique or technology used to build it. Malware
CSO.webp 2019-05-15 09:46:00 Microsoft urges Windows customers to patch wormable RDP flaw (lien direct) Microsoft has fixed a critical vulnerability in some versions of Windows that can be exploited to create a powerful worm. The company even took the unusual step of releasing patches for Windows XP and Windows Server 2003, which haven't been supported in years, because it believes the threat to be very high. The vulnerability, tracked as CVE-2019-0708, is located in Remote Desktop Services, formerly known as Terminal Services. This component handles connections over the Remote Desktop Protocol (RDP), a widely used protocol for remotely managing Windows systems on corporate networks. Malware Vulnerability Threat
CSO.webp 2019-05-07 03:00:00 How to get started using Ghidra, the free reverse engineering tool (lien direct) The National Security Agency (NSA), the same agency that brought you blockbuster malware Stuxnet, has now released Ghidra, an open-source reverse engineering framework, to grow the number of reverse engineers studying malware. The move disrupts the reverse engineering market, which top dog IDA Pro has long dominated, and enables more people to learn how to reverse engineer without having to pay for an IDA Pro license, which can be prohibitively expensive for most newcomers to the field. Malware Tool
CSO.webp 2019-05-01 06:32:00 (Déjà vu) 9 types of malware and how to recognize them (lien direct) People tend to play fast and loose with security terminology. However, it's important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them. This concise malware bestiary will help you get your malware terms right when you hang out with geeks. Malware
Last update at: 2024-05-16 18:08:33