The latest edition of the ISMG Security Report describes vulnerabilities found in popular password generator apps. Plus, the evolution of blockchain as a utility and a new decryptor for GandCrab ransomware.
A rush by some media outlets to attribute a late-2018 alleged Ryuk ransomware infection at Tribune Publishing to North Korean attackers appears to have been erroneous, as many security experts warned at the time. Rather, cybercrime gangs appear to be using Ryuk, according to researchers at McAfee and Coveware.
The good news for security leaders: Because of SSL/TLS, nearly every bit of web data in transit is now encrypted. The bad news: Threat actors are now masking their attacks inside of encrypted traffic.
Download this eBook transcript of a recent interview with Kevin Stewart of F5 Networks on SSL visibility and learn...
The good news for security leaders: Because of SSL/TLS, nearly every bit of web data in transit is now encrypted. The bad news: Threat actors are now masking their attacks inside of encrypted traffic. Kevin Stewart of F5 Networks explains why network visibility is not enough to detect these attacks.
Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30-years of experience, for this webinar...
Sophos is out with new reports on Matrix and Emotet,
two types of cyberattacks that are hitting enterprise
Matrix is a targeted ransomware, an emerging type of attack Sophos expects to gain
prominence, and Emotet is malware that has evolved over the years into an opportunistic,
polymorphic threat that...
Sophos is out with new reports on Matrix and Emotet, two different types of cyberattacks that are hitting enterprise defenses. Matrix is a targeted ransomware, an emerging type of attack Sophos expects to gain prominence, and Emotet is malware that has evolved over the years into an opportunistic, polymorphic threat...
Cybercrime outfits appeared to take a vacation around the December holidays. But attacks involving Emotet, Hancitor and Trickbot have resurged following their December slowdown, as has the Fallout exploit kit, lately serving GandCrab ransomware.
Our goal with this report has always been to track the ever-shifting contours of the cyber-threat landscape and communicate what
we're seeing to our readers.
Generally speaking, the TLI is based on the premise that if organizations are seeing more threats more frequently, then things are
getting worse. If the...
As the threat landscape evolves, it becomes a game of
survival of the fittest. Only the best attacks and attackers
remain standing, and the result is a series of targeted
ransomware attacks that now cost global enterprises
millions of dollars per year. This is among the important
findings of the Sophos 2019...
A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month.
No matter how much security technology we purchase, we still face a fundamental security problem: people. This webinar will explore the different levers that social engineers and scam artists pull to make us more likely to do their bidding.
Join Perry Carpenter, Chief Evangelist and Strategy Officer at KnowBe4, as...
A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn. Absent offline backups, victims have little chance of recovering from its crypto-locking attacks.
Malware continues to increase in sophistication and routinely evades organizations' cyber defenses. It lurks inside networks waiting to execute attacks that can cause significant damage. Automated Static Analysis of binary files enables security teams to unlock an array of new threat intelligence, hunting, analysis,...
The lack of visibility into the millions of objects that move into an organization's network means threat hunters cannot adequately identify undetected malware they are hunting for.
Local Threat Intelligence combined with advanced malware hunting tools gives threat hunters a precise way to hunt the last mile...