Articles about Malware

A new report and infographic released today by Elevate Security shows that a mere three percent of a company's internal users are to blame for 92 percent of malware incidents, while just four percent are responsible for 80 percent of phishing incidents.

The research, carried out for Elevate by the Cyentia Institute, also shows 12 percent of users are responsible for 71 percent of browsing incidents with one percent triggering 200 events every week.

Continue reading →

In 2021, there was a surge of attacks targeting Active Directory domain controllers in order to gain the privileges that are needed to install backdoors, change security policies, and distribute ransomware or malware.

In recent days there have also been attacks targeting organizations in the Ukraine using the HermeticWiper malware which is implanted via Active Directory to destroy data on the machine.

Continue reading →

The latest Cyber Threat Landscape Report out this week from Deep Instinct reveals that bad actors are clearly investing in anti-AI and adversarial attack techniques and integrating these methods into their larger evasion strategy.

It also highlights a change in the way attacks are carried out and says we are now witnessing some groups opting to inflict maximum impact over a shorter time span. These short duration attacks are carried out with the goal of damaging data (its confidentiality and availability), destabilizing a business, and impairing business continuity.

Continue reading →

Almost every organization is struggling with malware analysis according to a new report from infrastructure protection company OPSWAT.

The study finds 94 percent of organizations are finding it challenging to recruit, train, and retain malware analysis staff. In addition 93 percent of organizations are challenged by malware analysis tools that lack automation, integration, and accuracy. This leads to over 20 percent of organizations reporting they are unable to investigate and resolve a majority of their malicious files or alerts.

Continue reading →

Fake versions of popular games such as Temple Run and Subway Surfers are being used to distribute dangerous malware through the Microsoft Store to users of Windows 10 and Windows 11.

Security firm Check Point Research found that malicious versions of the titles were riddled with Electron Bot malware and have already infected thousands of computers in countries incuding Sweden, Bulgaria and Russia. The malware gives an attacker a backdoor into a victim's computer allowing for complete system control, as well as control of social media accounts.

Continue reading →

One of the more significant good news security stories of last year was the culmination of an international effort in January to take down the Emotet botnet.

Sadly it seems that you can't keep a bad botnet down for long. The latest Q4 and Year in Review Threat Report from Nuspire shows Emotet bouncing back, with steadily increasing levels of activity throughout December.

Continue reading →

Security researchers have managed to use the encryption algorithm used by the Hive ransomware to determine the master key needed to decrypt files for free.

Ordinarily, victims of a Hive ransomware attack would have to pay up to receive their individual decryption key. But a team of researchers from the Department of Financial Information Security, at Korea's Kookmin University, have been able to calculate the master key. This has then been used in what is believed to be the "first successful attempt at decrypting Hive ransomware"

Continue reading →

New data shows that while total perimeter malware detection volume has decreased, endpoint malware detections had already surpassed the total volume seen in 2020 by the third quarter of 2021.

The latest quarterly report from WatchGuard Technologies also shows a continuing trend for a significant percentage of malware to arrive over encrypted connections, the percentage delivered via TLS jumping from 31.6 percent to 47 percent.

Continue reading →

Over half (55 percent) of organizations see malware and ransomware as an 'extreme' threat and 75 percent believe it will get bigger over the next year.

This is among the findings of the 2021 Malware and Ransomware report from Bitglass (which was recently acquired by Forcepoint). A joint venture with Cybersecurity Insiders, the report is based on a survey of hundreds of cybersecurity professionals across industries to better understand how the growing malware and ransomware problem has changed the way they protect their organization.

Continue reading →

New analysis of more than 200,000 malware samples by Picus Security, a pioneer of Breach and Attack Simulation (BAS) technology, looks at attacker behavior over the last 12 months.

The 2021 Red Report highlights the top 10 most widely seen attack techniques and demonstrates how cybercriminals have shifted towards ransomware over the last year.

Continue reading →

Yes, you did read the headline correctly; security researchers have discovered a stealthy new remote access trojan (RAT) designed to attack Linux systems. Named CronRAT, the malware hides as a scheduled task and is configured to run on a non-existent date – February 31st.

Researchers from Sansec warn that CronRAT "enables server-side Magecart data theft which bypasses browser-based security solutions". This is something that is particularly concerning this Black Friday.

Continue reading →

A new javascript downloader named 'RATDispenser', distributing eight different Remote Access Trojans, keyloggers and information stealers has been uncovered by HP Wolf Security.

Most worrying is that RATDispenser is only detected by 11 percent of available anti-virus engines, meaning it's able to bypass detection tools and successfully deploy malware in the majority of cases.

Continue reading →

Security experts have spent years driving home the message that HTTPS connections are safer, but a new report released today reveals that 91.5 percent of malware arrived over encrypted connections in the second quarter of this year.

The quarterly internet security report from WatchGuard Technologies also shows alarming surges across fileless malware threats, dramatic growth in ransomware and a big increase in network attacks.

Continue reading →

Microsoft is set to begin rolling out Windows 11 next week. For the most part, any programs you run on Windows 10 should run just fine on the new OS, although there will be exceptions.

Antivirus and security solutions are not all certified yet and installing security software that hasn't been fully tested with the new operating system could prove disastrous. Don't worry though, as antivirus testing service AV-Comparatives has done the hard work for you and today releases a list of "approved" security software. Is yours on the list?

Continue reading →

Just how bulletproof is your security package? Sadly, even the most reputable names are occasionally caught flat-footed by a new threat. If you’re serious about protecting your computer, you’ll leap at the chance to add a secondary layer of protection that works in tandem with your main package to catch threats that are missed (or ignored).

The good news is that Malwarebytes 4.0 stands ready and waiting to answer the call for reinforcements. And we’ve got a mouth-watering deal that will enable you to protect up to five devices -- Windows, Mac and Android -- in your household for the next two years -- all for under $30!

Continue reading →