How Technically Accurate is Blackhat the Movie?
This weekend Michael Mann’s latest movie Blackhat, starring Chris Hemsworth, Tang Wei, Viola Davis, Holt McCallany, and Wang Leehom, was released. Given the high profile mainstream media coverage of attacks and data breaches over the past few years, it’s not surprising that Hollywood is capitalizing on cyber-crime trends. We were curious about how accurately the […]
2015 Predictions Report: Hostage-Ware, OS X, Power Grids and More
Based on our predictive execution inspection technology, which monitors every process on machines it protects, we have unique visibility into advanced attacks. For example, earlier this year our researchers discovered and reported on government grade attack code being used to make ransomware invisible. As a result, we are regularly called upon by law enforcement and […]
WireLurker Malware Targets iPhone and Mac
The news last week that malware had infected Apple phones and computers in China sent a shiver down the spine of Mac and iPhone users everywhere. The malware, called WireLurker, targets Apple mobile and desktop devices to steal personal information. So far, the campaign has only affected users in China, but it illustrates the new […]
Unpatched Vulnerabilities Leave Apple Users at Risk
Apple has a long-standing reputation for silence when it comes to security. Whether it’s OS X or iOS, details around vulnerabilities, security patches and malware attacks are often obscured. This has led leading researchers and security vendors to reference the notorious idiom “security through obscurity” to describe Apple’s approach to threats. Whether this approach is effective or not is up for […]
Sandworm Demonstrates Why Patches aren’t Foolproof
Last week the security community was scrambling to update new AV signatures while continuing to patch systems against new variants of the “Sandworm” malware, which attacks Windows systems using a zero-day flaw that can enable attackers to take complete control of an infected system. The vulnerability used by Sandworm resides in a Windows component called […]
Is Zero Day Java Exploit Detection Possible?
Java is an expansive, ubiquitous, platform agnostic infrastructure for delivering remote code to endpoint computers. That makes it a perfect malware distribution pipeline. It enables malware authors to take advantage of Java exploits to infect computers on a global scale. To make matters worse, security updates are not installed automatically when the Java updater launches, […]
More Embedded Systems Havoc: ATM Hacks Target Endpoints Once Again
Recently, reports surfaced about new malware being used to hack ATM machines across the globe. The program, named Backdoor.MSIL.Tyupkin, creates a backdoor that bypasses the ATM’s security system and forces it to dispense cash. Though the hacks are primarily taking place in Russia and Europe, reports from the U.S., China, India, and Israel have also […]
Why Anti-Exploitation Only Solves Part of the Endpoint Security Problem
In July Microsoft introduced an updated version of its Enhanced Mitigation Experience Toolkit (EMET), designed to protect against malicious and targeted attacks on its software. EMET aims to prevent software vulnerabilities from being successfully exploited. The most recent version employs Return-Oriented Programming protections (ROP), Export Address Filter (EAF) and EAF+ security, and Attack Surface Reduction […]
Home Depot – Current Approach to Endpoint Security needs Major Renovation
Multiple sources are reporting that a targeted strain of malware has infiltrated the point-of-sale (PoS) systems of U.S. retailer Home Depot. It appears to be a very close variant of the Backoff malware that affected P.F. Chang’s last summer. Backoff itself was a variant of the malware that infiltrated Target’s systems in 2013. This latest […]