Expert insights. Personalized for you.
Malware exists even there - and it spreads fast. And like any system with a physical backend, the cloud can easily be subject to a wide range of vulnerabilities - including malware. But malware on the cloud is a very real, and very present threat. The problem is that the malware components aren’t identifiable through traditional scanning simply because they aren’t assembled as malware until the moment of attack.Some exploits appear to be benign.”. MORE
So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. Malware analysis — the basis for understanding the inner workings and intentions of malicious programs — has grown into a complex mix of technologies in data science and human interpretation. MORE
Cyber and malware analysts have a critical role in detecting and mitigating cyberattacks. In this post, we show you how to build a malware detection model using the largest known dataset, SOREL-20M (Sophos/ReversingLabs-20 Million). Malware Use Case. SoReL-20M Malware Data. MORE
Internet-facing RDP servers are an increasingly common vector of compromise. This blog explains how one RDP infection nearly led to the creation of a botnet, had Darktrace AI not alerted the security team as soon as the attack began MORE
Phones branded “ Tecno ” —made by Shenzhen Transsion Holdings—appear to be preinstalled with malware. Smartphone users in emerging markets are being ripped off by suspiciously cheap handsets. Security, Information Security, Security Blogwatch, Privacy MORE
Over two-thirds of malware detected in the first three months of the year was hidden in HTTPS encrypted tunnels in a bid to evade traditional AV, according to Watchguard. The security […]. MORE
Mobile malware dubbed Agent Smith has infected about 25 million devices, mainly in India and other Asian countries, but other countries have also been affected, including the UK and US, according to security researchers at Check Point Software Technologies. Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps […]. MORE
The Unit 42 cybersecurity consulting group published research on the first known malware targeting Windows containers, which was discovered by Unit 42 researcher Daniel Prizmant and named Siloscape. MORE
This malware sample may unlock your variable naming writer’s block. The post Cryptojacking Malware Gets Creative with Variable Names appeared first on Lacework. Have you ever tried using your favorite foods? We hadn’t either until we came across this one. This Bash script was seen following the Confluence exploits we recently blogged about. The unique variable naming isn’t the only thing that caught our eye. The script uses [.]. Read More. MORE
Grimes explain 9 types of malware and how they can affect you on CSO Online : People tend to play fast and loose with security terminology. However, it’s important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them. This concise malware […]. Read Roger A. MORE
Microsoft security engineers detailed today a new malware strain that has been infecting Windows computers since October 2018 to hijack their resources to mine cryptocurrency and generate revenue for the attackers. Named Dexphot, this malware reached its peak in mid-June this year, when its botnet reached almost 80,000 infected computers. MORE
A new variant of a skimmer has revealed the increasingly muddy waters associated with tracking groups involved in Magecart-style attacks. On Wednesday, researchers from RiskIQ described how a new Grelos […]. News RiskIQ MORE
During a month that’s seen Android malware new and old plague the world’s most popular mobile operating system, Google says its Play Store is becoming more civilized and less like the Wild West. You have a lower probability of being infected by malware from Play than being hit by lightning,” Ahn says. A Google representative says the company detects “most” malware successfully uploaded to Google Play “within a day.” Ahn adds that Android malware is becoming more advanced. MORE
SGX-based malware may not be as troublesome as believed. We'll explain why that is and how Symantec is ready to deal with such malware if they were to appear MORE
The risks of malware. The harsh reality is that malware doesn’t only threaten data security – it can also have a direct impact on sustainability initiatives and impede enterprise climate targets. Malware can damage these checkpoints, making them unreliable and ineffective. MORE
Cobalt Strike and Metasploit, two penetration testing toolkits usually employed by security researchers, have been used to host more than a quarter of all the malware command and control (C&C) […]. MORE
It was only a matter of time before cybercriminals turned their attention to one of the most common activities on the internet— a Google search. The latest trick is using […]. News Balbix Balbix Inc MORE
Sucuri researchers discovered that the campaign sent out malicious emails masquerading as a confirmation for a recent transaction. Digital attackers deployed this disguise in the hopes that employees at the targeted bank would click on a link to a malicious PHP file out of alarm. That file was responsible for loading a fake 404 error […]. Cyber Security News MORE
The post Cryptomining Malware Using NSA Hacking Code is Spreading Rapidly appeared first on Lacework. Blog bitcoin cloud threats malwareThe combination of an anonymous currency and leaked government security exploits have led to a rising new threat for system administrators. While cybercriminals have long featured an assortment of ideologically driven activists or rising stars hoping to make a name for themselves with their peers, the vast majority of them are motivated by money. MORE
Trojan malware attacks against business targets have rocketed in the last year, as cybercriminals alter their tactics away from short-term gain and in-your-face ransomware attacks towards more subtle, long-term campaigns with the aim of stealing information including banking information, personal data, and even intellectual property. MORE
The video below explores DDP Protected Workspace and uniquely addresses healthcare regulations related to malware prevention. The evolution of malware has gone from low sophistication, such as script kiddies, to nation states (tier 1), who are more skilled and who specifically target individuals, or industries with data they intend to infiltrate. The malware is from external agents. Malware is all new, and we need to focus on containment and isolation. MORE
Now, Tracee is much more than just a system call tracer , it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when looking for hidden malware. MORE
A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur […]. News GitHub MORE
The video at this link and embedded below provides an overview of conclusions from CTOvision research into ways to automate the removal of cyber threats (including malware) from your enterprise. Analysis Big Data Cloud Computing CTO Cyber Security DoD and IC Strategy The Future Trends Video Automation Chief information security officer CISO Computer security Malware By Bob Gourley. MORE
First Published: April 4, 2017, By Mark McCullough?—?Technical Technical Consultant Former Mozilla developer, Robert O’Callahan recently joined the growing chorus of those openly stating that anti-virus products cause more security harm than they prevent. He’s right, but that’s not the only security product that should have the harsh glare of security shined on it. It’s time for information security to eat its own dog food. MORE
From misinformation spread by your Facebook friends, through malware distribution, to the DDoS’ing of health agencies. The novel coronavirus is affecting the world of infosec. Security, Information Security, Security Blogwatch MORE
With an ever-evolving threat landscape, bad actors increasingly target container infrastructure, installing sophisticated malware into images that changes its behavior to evade detection. MORE
The complexity of different types of malware continues to grow and zero-day malware is often missed by traditional security solutions. Netskope customers have deployed our unified, cloud-native platform to enforce policies across SaaS, IaaS, and the web to block and quarantine zero-day malware in the cloud as well as other critical use cases. Here’s use case #19: Block and quarantine zero-day malware in the cloud. Support quarantine workflows that are malware-centric. MORE
HP on Tuesday announced a bevy of PC updates and new features, as well as the formal release of HP Sure Sense, the company’s new software that uses AI to prevent and block malware in near-real-time, including ransomware and previously unknown malware. MORE
Cyber AI discovered an extensive crypto-mining campaign in cardboard boxes in a disused warehouse. This blog discusses the rise in cryptocurrency farms and what this signals for the international cyber-threat landscape MORE
Container Vulnerability Cloud Native Security Malware AttacksLately we’ve been witnessing a rise in the number of attacks that target container environments. We’ve been tracking an organized attack campaign that targets misconfigured open Docker Daemon API ports. MORE
In hindsight, the blog post should have been titled “Are you ready for state-sponsored zombie malware attacks?” Zombie malware combines the most deadly aspects of malware and zombie computers into one horrible mess. Typically malware gets […]. Artificial Intelligence CTO Cyber Security Cyber Threats Internet of Things News Robots Cybersecurity Malware MORE
Cybersecurity firm Symantec has uncovered an additional piece of malware used in the SolarWinds attacks, becoming the fourth piece of malware associated with the wide-ranging compromise of the popular IT […]. News SolarWinds Symantec Symantec Endpoint Protection MORE
With cyber-attacks on the IoT devices becoming increasingly prevalent, this blog post details how Darktrace’s AI identified the Mirai malware in an Internet-connected CCTV camera, breaking down each stage of the attack life cycle MORE
So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. Malware analysis — the basis for understanding the inner workings and intentions of malicious programs — has grown into a complex mix of technologies in data science and human interpretation. MORE
Our cyber research team detected a new type of attack that executes and runs malware straight from memory in containers, thus evading common defenses and static scanning. We found four container images in Docker Hub designed to execute fileless malware attacks. MORE
An AppleScript feature designed to compress scripts into pre-compiled form has allowed bad actors to evade security researchers for years. This cryptominer Trojan spread unchecked for some five years. Security, Information Security, Security Blogwatch MORE
The book Cybersecurity Threats, Malware Trends and Strategies by Tim Rains provides a overview of the threat landscape over a twenty year period. It provides insights and solutions that can be used to develop an effective cybersecurity strategy and improve vulnerability management. MORE
Three Questions on Automated Malware Removal with Bob Gourley, Cognitio Corp and CTOVision. While there’s still an emphasis – and related spending – on malware detection, most incident response teams are actually overwhelmed by vast number of security alerts they receive. Effective malware detection is important, but only paired with response and removal can companies effectively prevent the malware that will enter the system from doing damage. By Bob Gourley. MORE
5 Ways Advanced Malware Evades the Sandbox Five Techniques You Can Do To Prepare for Evasive Advanced Malware Learn the five ways advanced malware evades detection and recommended techniques you can do to prepare for them. Fundamentals MORE
In previous crypto-mining attacks, we observed hackers investing little to no effort in hiding their malicious activities. They just ran the malicious container with all of its scripts and configuration files in clear text. This made the analysis of their malicious intent fairly easy. Container Security Image Vulnerability Scanning MORE
Malware Related Topics Aqua Security
DECEMBER 2, 2020
Our cyber research team detected a new type of attack that executes and runs malware straight from memory in containers, thus evading common defenses and static scanning. We found four container images in Docker Hub designed to execute fileless malware attacks.
Aqua Security
APRIL 3, 2020
Container Vulnerability Cloud Native Security Malware AttacksLately we’ve been witnessing a rise in the number of attacks that target container environments. We’ve been tracking an organized attack campaign that targets misconfigured open Docker Daemon API ports.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Aqua Security
AUGUST 17, 2020
Now, Tracee is much more than just a system call tracer , it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when looking for hidden malware.
CTOvision
DECEMBER 30, 2020
A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur […]. News GitHub
CTOvision
JANUARY 25, 2021
Cybersecurity firm Symantec has uncovered an additional piece of malware used in the SolarWinds attacks, becoming the fourth piece of malware associated with the wide-ranging compromise of the popular IT […]. News SolarWinds Symantec Symantec Endpoint Protection
The Parallax
JANUARY 30, 2018
During a month that’s seen Android malware new and old plague the world’s most popular mobile operating system, Google says its Play Store is becoming more civilized and less like the Wild West. You have a lower probability of being infected by malware from Play than being hit by lightning,” Ahn says. A Google representative says the company detects “most” malware successfully uploaded to Google Play “within a day.” Ahn adds that Android malware is becoming more advanced.
DataRobot
JULY 20, 2021
Cyber and malware analysts have a critical role in detecting and mitigating cyberattacks. In this post, we show you how to build a malware detection model using the largest known dataset, SOREL-20M (Sophos/ReversingLabs-20 Million). Malware Use Case. SoReL-20M Malware Data.
CTOvision
MAY 1, 2019
Grimes explain 9 types of malware and how they can affect you on CSO Online : People tend to play fast and loose with security terminology. However, it’s important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them. This concise malware […]. Read Roger A.
Symantec
APRIL 28, 2019
SGX-based malware may not be as troublesome as believed. We'll explain why that is and how Symantec is ready to deal with such malware if they were to appear
CTOvision
JULY 29, 2014
Three Questions on Automated Malware Removal with Bob Gourley, Cognitio Corp and CTOVision. While there’s still an emphasis – and related spending – on malware detection, most incident response teams are actually overwhelmed by vast number of security alerts they receive. Effective malware detection is important, but only paired with response and removal can companies effectively prevent the malware that will enter the system from doing damage. By Bob Gourley.
CTOvision
AUGUST 21, 2017
In hindsight, the blog post should have been titled “Are you ready for state-sponsored zombie malware attacks?” Zombie malware combines the most deadly aspects of malware and zombie computers into one horrible mess. Typically malware gets […]. Artificial Intelligence CTO Cyber Security Cyber Threats Internet of Things News Robots Cybersecurity Malware
|
CTOvision
NOVEMBER 14, 2014
The video below explores DDP Protected Workspace and uniquely addresses healthcare regulations related to malware prevention. The evolution of malware has gone from low sophistication, such as script kiddies, to nation states (tier 1), who are more skilled and who specifically target individuals, or industries with data they intend to infiltrate. The malware is from external agents. Malware is all new, and we need to focus on containment and isolation.
TechBeacon
AUGUST 27, 2020
Phones branded “ Tecno ” —made by Shenzhen Transsion Holdings—appear to be preinstalled with malware. Smartphone users in emerging markets are being ripped off by suspiciously cheap handsets. Security, Information Security, Security Blogwatch, Privacy
CTOvision
JUNE 24, 2020
Over two-thirds of malware detected in the first three months of the year was hidden in HTTPS encrypted tunnels in a bid to evade traditional AV, according to Watchguard. The security […].
CTOvision
JANUARY 11, 2021
Cobalt Strike and Metasploit, two penetration testing toolkits usually employed by security researchers, have been used to host more than a quarter of all the malware command and control (C&C) […].
CTOvision
JULY 10, 2019
Mobile malware dubbed Agent Smith has infected about 25 million devices, mainly in India and other Asian countries, but other countries have also been affected, including the UK and US, according to security researchers at Check Point Software Technologies. Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps […].
TechBeacon
MARCH 19, 2020
From misinformation spread by your Facebook friends, through malware distribution, to the DDoS’ing of health agencies. The novel coronavirus is affecting the world of infosec. Security, Information Security, Security Blogwatch
Darktrace
APRIL 8, 2021
Cyber AI discovered an extensive crypto-mining campaign in cardboard boxes in a disused warehouse. This blog discusses the rise in cryptocurrency farms and what this signals for the international cyber-threat landscape
Darktrace
JUNE 30, 2020
With cyber-attacks on the IoT devices becoming increasingly prevalent, this blog post details how Darktrace’s AI identified the Mirai malware in an Internet-connected CCTV camera, breaking down each stage of the attack life cycle
Aqua Security
NOVEMBER 30, 2020
With an ever-evolving threat landscape, bad actors increasingly target container infrastructure, installing sophisticated malware into images that changes its behavior to evade detection.
CTOvision
DECEMBER 2, 2019
Microsoft security engineers detailed today a new malware strain that has been infecting Windows computers since October 2018 to hijack their resources to mine cryptocurrency and generate revenue for the attackers. Named Dexphot, this malware reached its peak in mid-June this year, when its botnet reached almost 80,000 infected computers.
Darktrace
MARCH 15, 2021
Internet-facing RDP servers are an increasingly common vector of compromise. This blog explains how one RDP infection nearly led to the creation of a botnet, had Darktrace AI not alerted the security team as soon as the attack began
CTOvision
MARCH 18, 2021
It was only a matter of time before cybercriminals turned their attention to one of the most common activities on the internet— a Google search. The latest trick is using […]. News Balbix Balbix Inc
CTOvision
JUNE 21, 2014
The video at this link and embedded below provides an overview of conclusions from CTOvision research into ways to automate the removal of cyber threats (including malware) from your enterprise. Analysis Big Data Cloud Computing CTO Cyber Security DoD and IC Strategy The Future Trends Video Automation Chief information security officer CISO Computer security Malware By Bob Gourley.
Palo Alto Networks
JUNE 7, 2021
The Unit 42 cybersecurity consulting group published research on the first known malware targeting Windows containers, which was discovered by Unit 42 researcher Daniel Prizmant and named Siloscape.
CTOvision
FEBRUARY 27, 2019
Sucuri researchers discovered that the campaign sent out malicious emails masquerading as a confirmation for a recent transaction. Digital attackers deployed this disguise in the hopes that employees at the targeted bank would click on a link to a malicious PHP file out of alarm. That file was responsible for loading a fake 404 error […]. Cyber Security News
CTOvision
APRIL 23, 2019
HP on Tuesday announced a bevy of PC updates and new features, as well as the formal release of HP Sure Sense, the company’s new software that uses AI to prevent and block malware in near-real-time, including ransomware and previously unknown malware.
Aqua Security
JULY 8, 2019
In previous crypto-mining attacks, we observed hackers investing little to no effort in hiding their malicious activities. They just ran the malicious container with all of its scripts and configuration files in clear text. This made the analysis of their malicious intent fairly easy. Container Security Image Vulnerability Scanning
CTOvision
NOVEMBER 21, 2016
Malware exists even there - and it spreads fast. And like any system with a physical backend, the cloud can easily be subject to a wide range of vulnerabilities - including malware. But malware on the cloud is a very real, and very present threat. The problem is that the malware components aren’t identifiable through traditional scanning simply because they aren’t assembled as malware until the moment of attack.Some exploits appear to be benign.”.
TechBeacon
JANUARY 21, 2021
An AppleScript feature designed to compress scripts into pre-compiled form has allowed bad actors to evade security researchers for years. This cryptominer Trojan spread unchecked for some five years. Security, Information Security, Security Blogwatch
SecureWorks
OCTOBER 20, 2019
5 Ways Advanced Malware Evades the Sandbox Five Techniques You Can Do To Prepare for Evasive Advanced Malware Learn the five ways advanced malware evades detection and recommended techniques you can do to prepare for them. Fundamentals
CTOvision
NOVEMBER 23, 2020
A new variant of a skimmer has revealed the increasingly muddy waters associated with tracking groups involved in Magecart-style attacks. On Wednesday, researchers from RiskIQ described how a new Grelos […]. News RiskIQ
CTOvision
JANUARY 23, 2019
Trojan malware attacks against business targets have rocketed in the last year, as cybercriminals alter their tactics away from short-term gain and in-your-face ransomware attacks towards more subtle, long-term campaigns with the aim of stealing information including banking information, personal data, and even intellectual property.
Netskope
JULY 18, 2018
The complexity of different types of malware continues to grow and zero-day malware is often missed by traditional security solutions. Netskope customers have deployed our unified, cloud-native platform to enforce policies across SaaS, IaaS, and the web to block and quarantine zero-day malware in the cloud as well as other critical use cases. Here’s use case #19: Block and quarantine zero-day malware in the cloud. Support quarantine workflows that are malware-centric.
AlienVault
JULY 9, 2019
So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. Malware analysis — the basis for understanding the inner workings and intentions of malicious programs — has grown into a complex mix of technologies in data science and human interpretation.
AlienVault
JULY 9, 2019
So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. Malware analysis — the basis for understanding the inner workings and intentions of malicious programs — has grown into a complex mix of technologies in data science and human interpretation.
InfoQ Articles
DECEMBER 7, 2020
The book Cybersecurity Threats, Malware Trends and Strategies by Tim Rains provides a overview of the threat landscape over a twenty year period. It provides insights and solutions that can be used to develop an effective cybersecurity strategy and improve vulnerability management.
Lacework
AUGUST 26, 2019
The post Cryptomining Malware Using NSA Hacking Code is Spreading Rapidly appeared first on Lacework. Blog bitcoin cloud threats malwareThe combination of an anonymous currency and leaked government security exploits have led to a rising new threat for system administrators. While cybercriminals have long featured an assortment of ideologically driven activists or rising stars hoping to make a name for themselves with their peers, the vast majority of them are motivated by money.
taos
OCTOBER 14, 2019
First Published: April 4, 2017, By Mark McCullough?—?Technical Technical Consultant Former Mozilla developer, Robert O’Callahan recently joined the growing chorus of those openly stating that anti-virus products cause more security harm than they prevent. He’s right, but that’s not the only security product that should have the harsh glare of security shined on it. It’s time for information security to eat its own dog food.
Lacework
JULY 3, 2019
This malware sample may unlock your variable naming writer’s block. The post Cryptojacking Malware Gets Creative with Variable Names appeared first on Lacework. Have you ever tried using your favorite foods? We hadn’t either until we came across this one. This Bash script was seen following the Confluence exploits we recently blogged about. The unique variable naming isn’t the only thing that caught our eye. The script uses [.]. Read More.
102 
Let's personalize your content