Threats

Tapping global threat intelligence to secure enterprise networks

On July 9, 2014, the Cybersecurity Information Sharing Act (CISA) passed the Senate Intelligence Committee in a 12-3 vote. The legislation encourages threat information sharing between government and the private sector

Researchers observe more than a hundred connections to 'Backoff' sinkhole

By

Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.

Security foundation also warns of Netis router backdoor

By

Trend Micro first alerted the public to the backdoor affecting Netis and Netcore brand routers.

Smart defense: A talk with industry veteran Gene Fredriksen

Smart defense: A talk with industry veteran Gene Fredriksen

By

Today's CISO must stay ahead of attackers, says Gene Fredriksen, CISO at PSCU. Teri Robinson talks one on one with the industry veteran.

News briefs: The latest on Sony, Android, Backoff malware and more.

News briefs: The latest on Sony, Android, Backoff malware and more.

By

This month's news briefs cover a preliminary settlement Sony will bear for the exposure of 77 million customers, and more.

Threat of the month: SVPENG

Threat of the month: SVPENG

We take a closer look at SVPENG, malware that's capable of launching two different types of attacks.

Catching up to the insider

Catching up to the insider

By

Have effective changes been instituted to protect organizations from other Snowdens or negligent employees?

In search of intelligence...

In search of intelligence...

By

The interruption of the cyberattack kill chain through the use of intelligence-driven security has been touted as the better way forward.

Protecting email both ways

Protecting email both ways

By

Protecting your organization from attacks brought into the system by email is an ongoing challenge, says Peter Stephenson, technology editor.

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

By

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm RAT

By

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.

Malicious ads impact Java.com, TMZ and Photobucket site visitors, firm finds

Malicious ads impact Java.com, TMZ and Photobucket site visitors, firm finds

By

Several high-profile websites were impacted by a malvertising campaign, which Fox-IT helped dismantle.

At 10 years old, NetTraveler works much the same, few changes

By

Researchers at Kaspersky Labs analyzed the evolution, slight as it might be, of the NetTraveler toolkit.

PCI Council urges retailers to defend against Backoff POS attacks

By

The warning comes soon after the Secret Service and DHS issues a warning on the threat.

Ground system for weather satellites contains thousands of 'high-risk' bugs

Ground system for weather satellites contains thousands of 'high-risk' bugs

By

An audit of the Joint Polar Satellite System ground system revealed thousands of vulnerabilities, most of which will be addressed in two years when the next version of the system is released.

Threat report on Swedish firms shows 93 percent were breached

By

The study by KPMG and FireEye also found that 49 percent of detected malware was unknown.

Nearly 70 percent of IT pros target of weekly phishing attacks, HP finds

Nearly 70 percent of IT pros target of weekly phishing attacks, HP finds

By

On Wednesday, HP TippingPoint released its State of Network Security survey which polled hundreds of professionals.

Hackers deliver Kelihos to users sympathetic to Russian 'cause'

Hackers deliver Kelihos to users sympathetic to Russian 'cause'

By

Playing off the Ukraine conflict, a Kelihos campaign promises victims software to help the Russian cause but delivers malware instead.

Study shows how attackers make use of websites existing for less than 24 hours

Study shows how attackers make use of websites existing for less than 24 hours

By

Looking at the top 50 of parent domains that produced websites existing for less than 24 hours, researchers with Blue Coat Security Labs observed that 22 percent were malicious.

Researchers warn of backdoor in Netis, Netcore routers

By

The routers are sold in China under the Netcore brand name, and elsewhere as Netis products.

New variants of POS malware 'Backoff' found as infections expand

New variants of POS malware 'Backoff' found as infections expand

By

The Secret Service said that over 1,000 U.S. businesses have been infected with the malware.

PlayStation Network downed by DDoS attack, other gaming networks hit too

PlayStation Network downed by DDoS attack, other gaming networks hit too

By

Gamers were unable to use the PlayStation Network for most of Sunday due to a DDoS attack, and other gaming networks also suffered from similar problems throughout the weekend.

Who is lurking on your network? The various forms of the insider threat

Who is lurking on your network? The various forms of the insider threat

It is important to understand that there are various types of insider threats and that each one requires a different approach from an information security standpoint.

Reveton packaged with password stealer impacts users in U.S.

Reveton packaged with password stealer impacts users in U.S.

By

Users in the U.S. have been impacted by a variant of ransomware known as Reveton, which has been upgraded to include a powerful password stealer.

JPMorgan Chase customers targeted in massive phishing campaign

JPMorgan Chase customers targeted in massive phishing campaign

By

Roughly 500,000 emails have been sent out so far as part of a massive multifaceted phishing campaign targeting customers of JPMorgan Chase.

Study: Organizations lack training, budget to thwart insider threats

Study: Organizations lack training, budget to thwart insider threats

By

Of the 355 IT and security professionals surveyed, a majority indicated that they were ill-equipped to thwart a possible insider threat.

FireEye examines popular Google Play apps, 68 percent have SSL flaws

FireEye examines popular Google Play apps, 68 percent have SSL flaws

By

The firm analyzed 1,000 free apps in Google Play which were most downloaded by users.

Carbon Grabber crimeware kit being distributed in spam campaign

By

A spam campaign involving the Carbon Grabber crimeware kit is ongoing against the automotive industry in Europe, according to Symantec.

Errors in ZeroLocker means paying ransom may not decrypt files

By

A piece of ransomware known as ZeroLocker contains various errors that may prevent files from being decrypted even if the ransom is paid.

Study: Most higher ed malware infections attributed to 'Flashback'

Study: Most higher ed malware infections attributed to 'Flashback'

By

Flashback caused a stir in 2012 when some 650,000 Macs were infected with the malware.

Sign up to our newsletters

POLL