Protecting your organization against cyber-crime means being ready for the unknown at all times. This week, researchers have uncovered two new malware campaigns that attack your infrastructure through something as innocent as a MS Word file. Both of the attacks use the Ursnif trojan that is known for stealing data, collecting keystrokes and deploying additional…
Once an infected file enters your network, the timer begins. From one breached machine, attackers can make lateral moves around your IT environment, moving to access critical infrastructure or assets such as customer databases. They can also escalate privileges by stealing user credentials to gain more and more control and visibility. In short, the longer…
As cyberthreats grow in both impact and reach year on year, the problems with traditional antivirus solutions are only becoming clearer. Many antivirus providers are continually adding improvements and functionality to their antivirus services, adding protection against new known threats that they hope will close the gaps and better protect their customers. Unfortunately, a solution…
As CISOs and other security professionals prepare to slam the door on 2018, the question, unfortunately, must be asked: what does 2019 likely have in store for organizations when it comes to cyberattacks? Trend #1: a rise in ‘cryptojacking’ and the infection of crypto-miners Sometimes called “cryptojacking,” we unfortunately predict a continued rise in infection…
There was a time when the organizations that got rocked by a zero day attack garnered great amounts of sympathy. After all, how could an organization be expected to deal with the rare occurrence of an unknown threat? That time has come, and it has very much gone, however. Zero day attacks are now common,…
CSV Formula injections have been known for a while now, with many security solutions handling these kinds of attacks. The most common way of dealing with this threat is by applying a regex rule to detect the specific pattern used by Excel in its formulas, the most famous tool (and open-source) is MSODDE of oletools.As…
With IT developing at such a breakneck pace, it almost seems unbelievable that a technology from 26 years ago could be posing a cybersecurity threat. But CISOs and other security professionals know it’s all too believable, with yet another unpatched vulnerability, unnecessary protocol or outdated technology from decades ago causing major problems. This is precisely…
With IT developing at such a breakneck pace, it almost seems unbelievable that a technology from 26 years ago could be posing a cybersecurity threat. But CISOs and other security professionals know it’s all too believable, with yet another unpatched vulnerability, unnecessary protocol or outdated technology from decades ago causing major problems. This is precisely…
An unknown or zero-day exploit is, by its very nature, mysterious. However, thanks to new research, what is now crystal clear is exactly how big a risk these attacks pose to organizations and how badly traditional security measures are failing in the face of them. The Ponemon Institute’s 2018 State of Endpoint Security Risk surveyed…