Malware
CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws
The CISA pilot program will notify organizations of vulnerabilities that can lead to ransomware attacks, with small organizations the primary beneficiaries.
BianLian ransomware group shifts focus to extortion
The shift in the operating model comes as a result of Avast’s release of a decryption tool that allowed a victim of the BianLian ransomware gang to decrypt and recover their files without paying the ransom.
Cybercriminals target SVB customers with BEC and cryptocurrency scams
Security researchers have found that threat actors have already registered domains and pages to carry out the attacks.
DNS data shows one in 10 organizations have malware traffic on their networks
Akamai report highlights how widespread malware threats remain, noting the dangers of threats specific to DNS infrastructure.
Universities and colleges cope silently with ransomware attacks
Ransomware gangs like Vice Society target colleges and universities like every other sector, but they try hard to keep that information quiet.
Amazon-owned Ring reportedly suffers ransomware attack
The Russia-linked ALPHV ransomware gang has threatened to leak stolen data if Ring refuses to pay ransom.
Blackbaud penalized $3M for not disclosing the full scope of ransomware attack
The company detected unauthorized access to its systems in May 2020 that impacted 13,000 customers.
New variant of the IceFire ransomware targets Linux enterprise systems
Traditionally known to target only Windows systems, the new Linux version of the IceFire ransomware exploits an IBM Aspera Faspex file-sharing vulnerability, according to SentinelLabs.
Attacks on SonicWall appliances linked to Chinese campaign: Mandiant
The technique used in the attack on SonicWall devices is consistent with earlier attacks from a Chinese campaign.
Stolen credentials increasingly empower the cybercrime underground
New research shows that criminal gangs are focusing more on acquiring stolen credentials to bypass security measures.
Attack campaign uses PHP-based infostealer to target Facebook business accounts
The threat actor uses the malware to target critical government infrastructure employees, manufacturing companies, and others.
Iron Tiger updates malware to target Linux platform
Researchers predict the APT will expand capabilities to target other platforms and apps in the future.
BlackLotus bootkit can bypass Windows 11 Secure Boot: ESET
Researchers found BlackLotus uses a year-old vulnerability and can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled.
New cyberattack tactics rise up as ransomware payouts increase
Although threat actors continue to use phishing, brand impersonation, and business email compromise (BEC) as common tactics, use of less familiar attack methods to infiltrate global organizations has picked up, Proofpoint says.
5 top threats from 2022 most likely to strike in 2023
Study and prepare for these five threats and you will be well on your way to protecting your network, assets, and employees.
Backdoor deployment overtakes ransomware as top attacker action
Thanks to the availability of malware such as Emotet, deploying backdoors on victims' networks is becoming easier and more lucrative for cybercriminals.
Malware authors leverage more attack techniques that enable lateral movement
Malware authors and cybercriminal groups are making sophisticated techniques practical for threat actors to use more widely, changing threat models.
Attacks on industrial infrastructure on the rise, defenses struggle to keep up
A Dragos report shows threat actors new and old have the potential to cause major disruptions of critical infrastructure.