Crypt0L0cker ransomware - originally tied to the Gameover Zeus gang - has returned, researchers warn, and in some cases is digitally signed to make it appear legitimate. Other attack campaigns are spreading Cerber and Sage Locker via spam emails sent via short-lived domain names.
The notion of "next-gen" is now promoted by some providers of endpoint security software as a way to improve the efficacy of protecting endpoints from compromise, given the prominent role endpoints play in cybersecurity attacks, the ways in which mobility and cloud apps have expanded the attack surface area, and the...
High-profile, targeted attacks from malicious actors now occur with frightening and increasing regularity. This evolution of advanced threats overwhelms both IT organizational bandwidth and the capabilities of legacy antivirus tactics, particularly as the increasing number of endpoint devices used by employees expands...
The security landscape changed dramatically with the maturation of crypto-ransomware in 2014. Not only did this new type of malware bring about a more lucrative business model for attackers, it also spurred the adoption of many so-called 'next-gen' endpoint security techniques.
While these techniques bring...
With Verizon's data breach investigations team finding that 90 percent of breaches trace to a phishing or other social engineering attack, lead investigator Chris Novak says that using multifactor authentication should be a no-brainer for all organizations.
To meet the increasing customer demands for effective solutions, security vendors must ensure their products work together well, says Dr. Mike Lloyd of RedSeal. This is particularly essential to achieving "digital resilience," the ability to promptly detect and respond to network intrusions, he says.
Déjà vu "smart toy" information security fail: Spiral Toys, maker of internet-connected CloudPets, is under fire for exposing 821,000 user records online - now being ransomed - as well as links to 2.2 million parents' and children's voice recordings.
Today's threat landscape constantly throws new problems at organizations already struggling to keep up with yesterday's issues. New malware, ransomware, botnets, and fileless attacks target a growing list of enterprise vulnerabilities with clever new exploits and social engineering tactics, and these attacks are...
While security teams continue to add to their threat protection arsenal, they are struggling to keep up with the threats. Security information and event management (SIEM) products, threat analytics platforms, advanced endpoint protection (AEP) products, user entity behavior analytics (UEBA) tools, and incident...
CISOs and security analysts alike complain that security information and event management (SIEM) technology has not fully lived up to its promises. Even with SIEM systems in place, enterprises still suffer from alert fatigue, and security teams armed with SIEM event and flow data still miss untold numbers of attack...
Our objective, as the industry's largest global media organization, is to bring you the most important bits from the conference, whether you attended the event or are experiencing the content now for the first time. Call this the Best of RSA Conference 2017.
Attackers are increasingly targeting mobile channels, driving banks to seek better ways of verifying the authenticity and integrity of not just users, but also mobile devices and transactions, says John Gunn of cybersecurity technology firm Vasco Data Security.
Paid breach notification site LeakedSource has disappeared. Given the site's business model - selling access to stolen credentials to any potential buyer - breach notification expert Troy Hunt says the site's demise is no surprise.
New ransomware circulating via BitTorrent is disguised as software that purports to allow Mac users to crack popular Adobe and Microsoft applications. Separately, new ransomware calling itself Trump Locker appears to be the previously spotted VenusLocker ransomware in disguise.
Emerging insider threats have quickly proven that the proverbial "walled garden" is not so walled after all, and without true end-to-end encryption, insiders and outsiders can compromise sensitive data, says Dr. Phillip Hallam-Baker of Comodo Group.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.