Meet ‘misinfosec’: Fighting fake news like it’s malware

The Parallax

Researcher Sara-Jayne Terp shows in her misinformation pyramid how attackers and defenders follow similar patterns to malware campaigns. Whether attackers are trying to spread malware or disinformation, they have to study the people they’re targeting.

Protecting Hadoop Clusters From Malware Attacks

Cloudera Engineering

Two new strains of malware– XBash and DemonBot –are targeting Apache Hadoop servers for Bitcoin mining and DDOS purposes. This blog post describes the mechanism this malware uses and offers specific actions to protect your Hadoop-based clusters. A History of Hadoop Malware.

Dispelling Myths Around SGX Malware


SGX-based malware may not be as troublesome as believed. We'll explain why that is and how Symantec is ready to deal with such malware if they were to appear

Google Play is an ‘order of magnitude’ better at blocking malware

The Parallax

During a month that’s seen Android malware new and old plague the world’s most popular mobile operating system, Google says its Play Store is becoming more civilized and less like the Wild West. Ahn adds that Android malware is becoming more advanced.

Crypto-Mining Malware Outsmarting Image Scanners

Aqua Security

In previous crypto-mining attacks, we observed hackers investing little to no effort in hiding their malicious activities. They just ran the malicious container with all of its scripts and configuration files in clear text. This made the analysis of their malicious intent fairly easy.

Hacks, cracks, and malware attacks – July 2019 


Each month, we’ll take a look at what’s happening on the front lines of the battle against various types of cyber-attacks, new variants of malicious software, phishing and other scams, vulnerability exploits, and other threats to the security of your networks, systems, and data.

Cryptojacking Malware Gets Creative with Variable Names


This malware sample may unlock your variable naming writer’s block. The post Cryptojacking Malware Gets Creative with Variable Names appeared first on Lacework. Have you ever tried using your favorite foods? We hadn’t either until we came across this one.

9 types of malware and how to recognize them


Grimes explain 9 types of malware and how they can affect you on CSO Online : People tend to play fast and loose with security terminology. However, it’s important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them. This concise malware […]. Read Roger A.

A peek into malware analysis tools


So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot.

Interview on Automated Malware Removal


Three Questions on Automated Malware Removal with Bob Gourley, Cognitio Corp and CTOVision. While there’s still an emphasis – and related spending – on malware detection, most incident response teams are actually overwhelmed by vast number of security alerts they receive.

Anti-spam/malware for Public folders


hello, does anyone know of any product (in-built default or purchased) from Microsoft that will provide anti-spam/malware/phishing for mail-enabled public folders in office 365/Exchange Online? thanks in advance. office 365

Dell Data Protection Protected Workspace & Malware Prevention


The video below explores DDP Protected Workspace and uniquely addresses healthcare regulations related to malware prevention. Individuals take malware and obtain the characteristics pertaining to the individual and find ways to get around the malware inspections in place.

Tales From the SOC: Hunting for Persistent Malware

Palo Alto Networks

Here’s an exclusive preview of how we’ve used Cortex XDR to hunt, identify, and remediate a piece of persistent malware. How to hunt for persistent malware. In the below screenshot, oMO.exe is identified as malware, which is why it shows up in red.

Are you ready for state-sponsored zombie malware attacks?


In hindsight, the blog post should have been titled “Are you ready for state-sponsored zombie malware attacks?” Zombie malware combines the most deadly aspects of malware and zombie computers into one horrible mess. Typically malware gets […]. Artificial Intelligence CTO Cyber Security Cyber Threats Internet of Things News Robots Cybersecurity Malware

Sharepoint Online "Malware detected" remove block?


Is there any way to whitelist the files it flags as malware? Our customer is running Office 365 Business Essential and have their files in Office 365 groups. They write there own program and it seems like Sharepoint Online is flagging some.jar files as virus. This makes the backup throw warnings and cannot backup thise files. It does not report anything in Security and Compliance>Threat Managment>Review. We do not have the ATP subscription. . office 365

SecureAge Integrates Artificial Intelligence Powered APEX Anti-Malware Engine in VirusTotal

The post SecureAge Integrates Artificial Intelligence Powered APEX Anti-Malware Engine in VirusTotal appeared first on

HP aims to secure its PC portfolio with Sure Sense malware blocker


HP on Tuesday announced a bevy of PC updates and new features, as well as the formal release of HP Sure Sense, the company’s new software that uses AI to prevent and block malware in near-real-time, including ransomware and previously unknown malware.

Phishing Campaign Uses Fake Google reCAPTCHA to Distribute Malware


Sucuri researchers discovered that the campaign sent out malicious emails masquerading as a confirmation for a recent transaction. Digital attackers deployed this disguise in the hopes that employees at the targeted bank would click on a link to a malicious PHP file out of alarm. That file was responsible for loading a fake 404 error […]. Cyber Security News

Smart Cloud Security: Block and Quarantine Zero-day Malware in the Cloud


The complexity of different types of malware continues to grow and zero-day malware is often missed by traditional security solutions. Here’s use case #19: Block and quarantine zero-day malware in the cloud. Support quarantine workflows that are malware-centric.

New Video: Automating Your Cyber Defenses Including Malware Removal


The video at this link and embedded below provides an overview of conclusions from CTOvision research into ways to automate the removal of cyber threats (including malware) from your enterprise. By Bob Gourley.

Trojan malware is back and it’s the biggest hacking threat to your business


Trojan malware attacks against business targets have rocketed in the last year, as cybercriminals alter their tactics away from short-term gain and in-your-face ransomware attacks towards more subtle, long-term campaigns with the aim of stealing information including banking information, personal data, and even intellectual property.

Malware Analysis using Osquery | Part 3


In part 1 of this blog series, we analyzed malware behaviour, and, in part 2 , we learned how to detect persistence tricks used in malware attacks. Imagine your company is being targeted by one of the latest threats and you want to detect the activity the malware is performing.

Malware Analysis using Osquery Part 2


In the first part of this series, we saw how you can use Osquery to analyze and extract valuable information about malware’s behavior. In this post, we are going to see another common technique that malware uses persistence. Here is an example of OilRig malware.

Malware Analysis using Osquery Part 1


In this blog series, we’ll analyze different malware families, looking at the types of events generated on the endpoint and how we can use Osquery to detect them. The dropper spreads through email phishing and downloads the malware using a malicious Office macro.

Cloud Workload Protection Products at Risk with New Cyber Attack


What happens, then, when a cyber attack, namely malware, is used to uninstall security software designed specifically to prevent public cloud infrastructure compromise? This is precisely what happened with a new malware variant discovered by Palo Alto Networks’ Unit 42.

Linux 83

What Can You Do About Malware In The Cloud?


Malware exists even there - and it spreads fast. And like any system with a physical backend, the cloud can easily be subject to a wide range of vulnerabilities - including malware. But malware on the cloud is a very real, and very present threat. The problem is that the malware components aren’t identifiable through traditional scanning simply because they aren’t assembled as malware until the moment of attack.Some exploits appear to be benign.”.

IT firms, telcos among dozens hacked in new info-stealing malware attack


A cyber espionage group is deploying a new type of trojan malware against telecommunications, information technology, and government organisations. Dubbed Seedworm, the group has been operating since at least 2017, and although it predominantly looks to infiltrate organisations in the Middle East, organisations based in Europe and North America have also been targets. The hacking operation — […].

Shining a light on Shamoon 3: What cyber AI revealed about the data-wiping malware


During an extended trial in the network of a global company, Darktrace observed a Shamoon-powered cyber-attack

Millions of Android users beware: Alibaba’s UC Browser can be used to deliver malware


UC Browser, a hugely popular mobile browser from Alibaba-owned UCWeb, has a design flaw that allows attackers to swap out downloads from the company’s servers with files from any server on the internet, according to researchers at Russian security firm Dr. Web. The company has raised an alarm over the mobile browser because it can download […]. Cyber Security News

White Paper: Automating Your Cyber Defenses Including Malware Removal


We believe this is the only way to reduce the impact of malware and breaches in a cost effective way. By Bob Gourley. Threat actors are increasingly automating their attacks, making defense harder and overwhelming incident response teams.

PcTechmate: Automating repair of malware ridden systems


Signature based solutions are being bypassed by malware every day. The pervasiveness and sophistication of modern malware is damaging computers to a point where expert int. Problem: Everyone is in agreement that today’s antivirus software alone is no longer a viable solution by itself. The most recent reports from Symantec and McAfee have publicly said “Do not rely solely on our products to protect your computer.” Face it, the bad guys are winning.

Nearly 500,000 routers infected by Russian malware, Apple’s privacy portal, New LocationSmart scandal


Cyber firms, Ukraine warn of planned Russian attack Cisco's Talos cyber intelligence unit says 500K+ routers in dozens of countries have been infected by Russia-linked malware and could be used to attack Ukraine. Cisco Systems Inc warned on Wednesday that hackers have infected at least 500,000 routers and storage devices in dozens of countries with [.]. CTO Cyber Security Cyber War News

Gallmaker: New Attack Group Eschews Malware to Live off the Land


A new attack group is targeting government, military, and defense sectors in what appears to be a classic espionage campaign

How profitable is crypto-mining malware?


Darktrace regularly detects crypto-mining attempts the moment they occur on a network

Lastline: Stop Evasive Malware, Persistent Threats and Zero Days


Lastline Enterprise and Analyst deliver protection against targeted attacks, advanced persistent threats (APTs), zero-day exploits, and other advanced malware that bypass traditional signature-based controls and sandbox-based analysis systems. A video overview is at this link and embedded below: [link]. Easy to deploy and simple to administer, Lastline’s solutions are universal to Web, email, file, To read more please log in. Not a member yet? We would love to have you onboard.