Malware

A Close Call Prompts Security Reassessment
Having worked in the industry for over 10 years, I consider myself a veteran cybersecurity professional. Still, that didn’t protect me against (almost) becoming a victim of malware-based credential theft. What looked ...

MalwareTech, WannaCry and Kronos – Understanding the Connections
As Marcus Hutchins was on his way home to the UK after attending Def Con and Black Hat in Las Vegas, NV, the FBI arrested him. This event sparked immediate internet outcry, ...

Trojan Spyware and BEC Attacks
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human victim to ...

Ursnif Banking Trojan Claims More Victims | Avast
Recently, Avast Threat Labs researchers were able to obtain information on possible victims of Ursnif malware ...

Mysterious Macintosh Malware
This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers ...

Twitter Removes Russian Disinformation Accounts
On Feb. 23, Twitter booted a gaggle of accounts from its platform, including those determined to be associated with the Russian government and the well-known disinformation machine Internet Research Agency (IRA). Twitter ...

Survey Finds Low Confidence in Medical Device Security
As more medical devices connect to the Internet, the role of cybersecurity in the health care sector has never been more critical. Unfortunately, a survey of 50 senior executives at U.S. Fortune ...

Card Skimmers Powered by Chip Cards, Silver Sparrow Mac Malware, Accellion Zero-Days
This week co-host Kevin Johnson joins Tom Eston to discuss new card skimmers found in the wild, the Accellion zero-days, and a new type of Mac malware called “Silver Sparrow”. ** Links ...

SQL Triggers in Website Backdoors
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user into the ...

Hacking for Dollars: North Korean Cybercrime
In mid-February 2021, the Department of Justice shared the content of what had been a sealed indictment charging three North Korean (DPRK) hacking “operatives” with a plethora of cybercrimes, including “cyber heists ...