10 Threats Lurking on the Dark Web

Security pros can never rest. Even with the operation last year that took down AlphaBay and Hansa, industry experts say many groups continue to trade in malware, ransomware, and stolen credentials on the Dark Web, and that the criminals who were caught simply reorganized. “People need to understand that there’s an underground economy – a…

Do you need a paid antivirus for Android?

Many people think that Android devices do not need an antivirus solution at all, but countless kinds of malware exist for the mobile OS, some on official stores such as Google Play. In other words, antivirus software could actually come in very handy. So, which one should you choose? Which mobile antivirus? Of course, we…

WatchGuard launches AI-based antivirus to help defend against zero day malware

WatchGuard announced version 12.2 of its Fireware operating system for its Firebox Unified Security Platform appliances. Key to the update is IntelligentAV, a new antivirus scan service that uses an artificial intelligence (AI) engine to predict, detect and block evolving zero day malware. IntelligentAV joins Threat Detection and Response (TDR), Gateway AntiVirus, and APT Blocker…

Surge in Blended Attacks Stirs New Cyber Worries

Symantec, NH-ISAC partner on blended threat workshop series as healthcare industry deals with alarming rise in number of incidents. It sounds like a nightmare: A targeted piece of malware infects computers and devices, temporarily shutting down critical technologies used in the healthcare community. As the malware begins to become contained, a natural disaster hits the…

SamSam Ransomware: Patient, Persistent, Competent and Dangerous

The SamSam ransomware has always been a bit different. Unlike many ransomware infections, its victims are targeted rather than random — and the attacker establishes a presence on the victim network before beginning the encryption process. Victims this year include the City of Atlanta, Allscripts, Adams Memorial Hospital, Colorado Department of Transportation and the Mississippi…

How to Achieve Ransomware Recovery — Without Paying Ransom

Without a ransomware recovery strategy, companies sometimes end up paying to retrieve their data after an attack. At the same time, threat actors are growing more sophisticated in their ability to bypass both antivirus and anti-ransomware tools — thus, they’re also growing bolder. To stay ahead of the curve, organizations will need to develop more…

Ransomware Attack Hits Health Firm LabCorp

LabCorp, a company that provides “diagnostic, drug development and technology-enabled solutions for more than 115 million patient encounters per year,” serves hundreds of thousands of customers nationwide and processes tests on more than 2.5 million patient specimens per week. With revenues that topped $10 billion last year, the health company operates a network of more…

Move Over, Ransomware: Why Cybercriminals Are Shifting Their Focus to Cryptojacking

According to the 2018 IBM X-Force Threat Intelligence Index, the frequency and sophistication of malicious cryptocurrency mining, also called “cryptojacking,” has increased drastically in the past year. This mining is changing malicious actors’ priorities: While they had previously targeted companies’ data and financial assets, they are now seeking to extract value from organizations’ computing resources…

The Aurora Power Grid Vulnerability and the BlackEnergy Trojan

At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy attack that can exploit Aurora. In March 2007, the US Department of Energy demonstrated the…