New Research Finds Bugs in Every Anti-Malware Product Tested

Products from every vendor had issues that allowed attackers to elevate privileges on a system -- if they already were on it. A majority of security tools that organizations use to defend against malware attacks are themselves vulnerable to exploits that allow attackers to escalate privileges on a compromised system, a new CyberArk study has …

Phishing emails lure victims with inside info on Trump's health

A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump's health after he was infected with COVID-19. With the United States 2020 Presidential elections being hyper-partisan, people from different sides of the aisle have become obsessed with Trump's health for various reasons. To capitalize on this, the threat actors behind …

New HEH Botnet Targets Exposed Telnet Services

Latest threat is one in a growing list of malware developed in the Go programming language. A potentially destructive peer-to-peer (P2P) botnet has surfaced and is targeting a broad variety of Internet of Things (IoT) devices with exposed or weakly protected telnet services. Researchers at China-based 360NetLab, who recently discovered the so-called HEH botnet this …

10 Years Since Stuxnet: Is Your Operational Technology Safe?

The destructive worm may have debuted a decade ago, but Stuxnet is still making its presence known. Here are steps you can take to stay safer from similar attacks. Around this time 10 years ago, the Stuxnet worm made its global debut. Unleashed with the intent to destroy the Iranian Bushehr nuclear power plant, the …

Meet Egregor, a New Ransomware Family to Watch

Egregor's operators promise to decrypt victims' files and provide security recommendations in exchange for ransom payment. Researchers have been analyzing a new ransomware family that calls itself "Egregor." Attackers behind the malware, which has affected at least 13 companies, typically operate by breaking into organizations, stealing sensitive data, and running the malware to encrypt their …