Experts Find 2007 Variant of Malware Linked to French Intelligence
Researchers at Palo Alto Networks have come across a 2007 variant of Babar, a piece of malware believed to have been developed by a French intelligence agency. The activities of the cyber espionage group known as the Animal Farm came to light in March 2014, when a French publication released a series of slides from Edward Snowden….
Hacker Hijacks Police Radio Broadcast Until Cops Call Off Car Chase of Armed Robbers
A hacker hijacked a police radio broadcast, posing as cop, causing the police to call off a car chase of alleged armed robbery suspects. While the man and woman allegedly responsible for an attempted armed robbery in Australia are no Bonnie and Clyde, they had something the infamous outlaw couple didn’t … a little help…
How hackers have improved their BEC attack methods
Email is increasingly an integral part of global life, but business email compromise (BEC) attacks could place these communications at risk. Research by The Radicati Group found that 2.9 billion people worldwide will be using email portals by 2019. Each business user will send 126 messages daily by that time, compared to 122 emails sent and…
Just a Passing Fad? Fidget Spinners and the Malware Sandbox
This is the first installment in a three-part series about malware sandboxing. Stay tuned for more information. When the fidget spinner fad hit last year, my seventh grader was immediately on board and quickly became a fidget spinner snob, boasting about bearing quality and spin longevity. My fifth grader, however, eschewed fidget spinners with the…
Using a Free Online Malware Analysis Sandbox to Dig Into Malicious Code
The continuous advancement and sophistication of cyberthreats has gradually decreased the sufficiency of traditional gateway and endpoint security solutions for protection against malware. These approaches were sufficient when malware occurred in small numbers and it was easy to differentiate between good and bad applications. Nowadays, there’s a world of unknown code — a gap between…
Companies face legion of security operations challenges
After a week away from all things cybersecurity, I’m back at work and focusing on security analytics and operations again. Alarmingly, most organizations readily admit to problems in this area. For example, a recent ESG research survey of 412 cybersecurity and IT professionals identified some of the biggest security analytics and operations challenges. Some of…
Antivirus: From Stand-Alone Product to Endpoint Feature
Endpoint experts discuss the evolution of AV and its shift from stand-alone product to a feature in broader security tools. The endpoint security evolution is underway. Antivirus (AV) isn’t dead, but its nature is changing as enterprise threats become faster, more widespread, and more complex. “Antivirus has become, to me, more of a specific feature…
ROPEMAKER Attack Turns Benign Emails Hostile Post-Delivery
Just because an email is secure when it arrives in your inbox doesn’t mean that it cannot be maliciously modified later. The intersection of email and Web technologies in recent years has given attackers a way to undermine the security and non-repudiation of email, including those that are signed using PGP or SMIME, security vendor…
How ransomware is creating a data backup explosion
While the WannaCry ransomware and Petya – a wiper disguised as ransomware – are two of the most recent headline-grabbers in the security world, the truth is that we’ve been seeing this type of attack become more common over the past few years. Because data is the new oil in the digital economy, ransomware attacks…
Researchers Uncover Infrastructure Behind Chthonic, Nymaim Trojans
While analyzing malware that uses PowerShell for infection, Palo Alto Networks managed to uncover the infrastructure behind recent attacks that leveraged the Chthonic and Nymaim Trojans, along with other threats. The analysis kicked off from one malicious sample, but resulted in security researchers from Palo Alto Networks being able to identify 707 IPs and 2,611 domains supposedly…