Looking for a UEBA Solution? Here Are Some Key Considerations Before You Buy
As you begin mapping out your security defense strategy for 2017, you’ve undoubtedly seen a relatively new acronym on your radar—UEBA, or User and Entity Behavior Analytics. This game-changing innovation promises to connect the dots of an attack to provide advanced levels of detection and to unify security. UEBA solutions accomplish this by taking into […]
Digital Wallets: Safety tips from an industry leader
As digitization gains traction and we move towards a cashless economy, it will be of great help to know how to carry out online transactions securely. Many of us are digital immigrants and hesitate at the thought of using e-wallets. Will it be easy and will our money be safe? – We ask ourselves and […]
MongoDB Databases Hit by Wave of Data Extortion
During the past couple of weeks an attacker with the alias Harak1r1 has gone after MongoDB databases connected to the cloud. These old database instances were not protected by an administrator password, and were non-firewalled. Therefore, the attacker logged onto these databases, downloaded the content, then removed the content, and left a note demanding 0.2 […]
Analyzing KillDisk Ransomware, Part 1: Whitelisting
At McAfee Labs we recently analyzed the ransomware KillDisk. We will share our analysis in two parts: the first, this article, contains general information about the malware and its whitelisting technique; the second part will appear soon with an analysis of its variants and techniques, including how to unlock the locked screen in an infected […]
In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope
65 million: the number of times we’ve blocked mobile threats in 2016. By December 2016, the total number of unique samples of malicious Android apps we’ve collected and analyzed hit the 19.2 million mark—a huge leap from the 10.7 million samples collected in 2015. Indeed, the ubiquity of mobile devices among individual users and organizations, […]
Practical Android Debugging Via KGDB
Kernel debugging gives security researchers a tool to monitor and control a device under analysis. On desktop platforms such as Windows, macOS, and Linux, this is easy to perform. However, it is more difficult to do kernel debugging on Android devices such as the Google Nexus 6P. In this post, I describe a method to […]
New Free Software Promises to Help SMBs Fight Off Ransomware
You already know how ransomware works. Malware gets loaded on to a computer, and quietly encrypts everything of use. When it’s done, you see a message displayed on your screen demanding payment in Bitcoins, and you’re told that if you don’t pay up, you’ll never get your data back. For many companies, the only choice […]
The “EyePyramid” attacks
On January 10, 2017, a court order was declassified by the Italian police, in regards to a chain of cyberattacks directed at top Italian government members and institutions. The attacks leveraged a malware named “EyePyramid” to target a dozen politicians, bankers, prominent freemasons and law enforcement personalities in Italy. These included Fabrizio Saccomanni, the former […]
How to hunt for rare malware
At SAS 2017, on April 1st and 2nd on St. Maarten, Global Director of GReAT Costin Raiu and Principal Security Researchers Vitaly Kamluk and Sergey Mineev will provide YARA training for incident response specialists and malware researchers, who need an effective arsenal for finding malware. During the training, the experts will give participants access to […]
Exposed MongoDB installs being erased, held for ransom
Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped and being held for ransom. Currently, as of Monday morning, Gevers says he’s discovered 196 instances of a MongoDB installation exposed to […]
Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game
By Alice Decker, Jasen Sumalapao, and Gilber Sison In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, GoldenEye not only kept to the James Bond theme of its earlier […]
The banker that encrypted files
Many mobile bankers can block a device in order to extort money from its user. But we have discovered a modification of the mobile banking Trojan Trojan-Banker.AndroidOS.Faketoken that went even further – it can encrypt user data. In addition to that, this modification is attacking more than 2,000 financial apps around the world. We have […]
Walking Dead can teach you valuable security lessons
Since early 19th century West Africa, the word “Zombie” has struck fear into the hearts of people. With the evolution of technology, and the rise of hit shows like “The Walking Dead,” zombies are more popular than ever, but the most terrifying thing about the world of The Walking Dead isn’t “Walkers”, it’s other people: […]
Here’s some questions Congress should ask about the election-related hacks
Members of congress are demanding answers over claims that Russia attempted to influence the U.S. presidential election with several high-profile hacks. U.S. intelligence agencies are confident that the Kremlin was involved, but incoming president Donald Trump remains skeptical. As they prepare to investigate, here’s some questions lawmakers should be asking to help them understand […]
Kaspersky Security Bulletin 2016. Review of the year. Overall statistics for 2016
Download Review of the year Download Overall statistics Download the consolidated Kaspersky Security Bulletin 2016 Introduction If they were asked to sum up 2016 in a single word, many people around the world – particularly those in Europe and the US – might choose the word ‘unpredictable’. On the face of it, the same could […]
Cybersecurity skills aren’t taught in college
Cybersecurity is a growing concern across the globe and businesses are eager to build secure products and keep corporate data safe. The only problem is that cybersecurity is a relatively new skill, and there just aren’t enough qualified candidates to go around. When Intel and the Center for Strategic and International Studies (CSIS) surveyed 775 […]
More information
- Thomson Reuters Terrorism Database Leaked Online
- 5 Facebook Home privacy facts
- Russia Jails Two Members of Notorious Hacker Group
- Microsoft DirectX DirectShow Filters Remote Code Execution Vulnerability
- U.S. agents ‘got lucky’ pursuing accused Russia master hackers
- Microsoft Internet Explorer CVE-2015-2483 Information Disclosure Vulnerability
- SSL Blacklist project exposes certificates used by malware
- Grindr being used to target and rob gay men
- Researchers find a way to shield quantum information from ‘noise’
- Super Tuesday Marks First Major Security Test of 2020