Threat Intelligence

Outsourcing Cybersecurity to Foreign-Based Firms
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) Threat Intelligence 

The Danger in Outsourcing Cybersecurity to Foreign-Based Firms

Andy Jordan by Andy Jordan on April 25, 2018
Sending cybersecurity work offshore isn’t just a bad idea for individual organizations; it can be a security issue. Facing a severe shortage of qualified cybersecurity workers—the InfoSec unemployment rate is expected to be zero until at least 2021—many organizations have no choice but to outsource at least some of their cybersecurity functions. Security services are..
Read more
Security Patches Move Faster
Cybersecurity Data Security Featured Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

Security Patches: Move Faster to Keep Up With the Bad Guys

Scot Finnie by Scot Finnie on April 17, 2018
You’re tired of hearing it. Most security pundits are tired of saying it. Applying and testing security patches with alacrity is one of the keys to avoiding data breaches. And it looks like that could become even more imperative. A new Ponemon Institute study, commissioned by ServiceNow, concludes that cybercriminals and hackers have responded more..
Read more
Sophistication in Hackers
Cybersecurity Featured Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches 

2018 Emerging Threats Show New Sophistication in Hackers

Sue Poremba by Sue Poremba on April 3, 2018
One of the problems with threat prevention is that we get too hung up on yesterday’s threats. Security systems are designed for the types of attacks we’ve seen in the past. That’s necessary, of course, because we know bad guys use the methods proven effective. We also know that cybercriminals don’t rest on their laurels...
Read more
Malware Security Bloggers Network Threat Intelligence Threats & Breaches 

An in-depth malware analysis of QuantLoader

by Malwarebytes Labs on March 28, 2018
QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, Banking Trojans, and RATs. In this post, we'll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes. Categories: Malware Threat analysis Tags: backdoormalware analysisQuantLoaderQuantLoader Trojantrojan (Read more...) The post An in-depth malware analysis...
Read more
Endpoint Malware Security Bloggers Network Threat Intelligence Threats & Breaches 

Encryption 101: Decryptor’s thought process

by Vasilios Hioureas on March 27, 2018
In the previous parts 1, 2 and 3 of this series, we covered the basics of encryption, walked through a live example of a ransomware in detail, and talked about encryption weaknesses. In this part of the encryption 101 series, we will begin wrapping it up by going into detail on a ransomware with weak... Categories: Malware Threat analysis Tags: break encryptiondecryptorencrpytion functionalityencryptionPrincessLockerransomware (Read more...) The post
Read more
Digital Currency Security Bloggers Network Threat Intelligence 

Malicious cryptomining and the blacklist conundrum

by Jérôme Segura on March 26, 2018
When threat actors take to free and disposable cloud services, the battle against malicious cryptomining becomes a lot more difficult. Categories: Cryptomining Threat analysis Tags: adblockersblacklistcoinhivecryptominerscryptominingGitHub (Read more...) The post Malicious cryptomining and the blacklist conundrum appeared first on Malwarebytes Labs.
Read more
Malware Security Bloggers Network Threat Intelligence 

SANNY Malware Delivery Method Updated in Recently Observed Attacks

by Nick Harbour on March 23, 2018
Introduction In the third week of March 2018, through FireEye’s Dynamic Threat Intelligence, FireEye discovered malicious macro-based Microsoft Word documents distributing SANNY malware to multiple governments worldwide. Each malicious document lure was crafted in regard to relevant regional geopolitical issues. FireEye has tracked the SANNY malware family since 2012 and believes that it is unique to a group focused on Korean Peninsula issues. This group has consistently targeted diplomatic entities worldwide, primarily using lure documents written in English and Russian. As part of these recently observed attacks, the threat actor has ...
Read more
Nation State Cyberespionage
Cybersecurity Featured Security Awareness Security Boulevard (Original) Spotlight Threat Intelligence 

Nation State Cyberespionage: Iran and North Korea

by Christopher Burgess on March 23, 2018
The nation state threat posed by Iran and North Korea is very real. Both have evolved into formidable adversaries for both government and industry. When confronted with the knowledge that either of these country’s intelligence apparatus has their crosshairs ranged in on a country or company, there isn’t an infosec team that doesn’t belt themselves..
Read more
Security Bloggers Network Threat Intelligence 

DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques

by Nick Harbour on March 22, 2018
Skilled attackers continually seek out new attack vectors, while employing evasion techniques to maintain the effectiveness of old vectors, in an ever-changing defensive landscape. Many of these threat actors employ obfuscation frameworks for common scripting languages such as JavaScript and PowerShell to thwart signature-based detections of common offensive tradecraft written in these languages. However, as defenders' visibility into these popular scripting languages increases through better logging and defensive tooling, some stealthy attackers have shifted their tradecraft to languages that do not support this additional visibility. At a minimum, determined attackers...
Read more
Page 1 of 3612345...102030...Last »