endpoint security: amplified


Show Us the Way CryptoLocker!

Ransomware is a class of crimeware that locks down an infected system by preventing user’s access to their data stored locally or via accessible shared network drives. Access is only sometimes restored to the victim after a sum of money is transferred to a digitally remote blackmailer.

CryptoLocker is one of the latest variants in this family surfacing over the last few months has recently made some noise across the industry. Ransomware is one of the busiest (and most annoying) threats of 2013, and is experiencing another comeback tour so we decided it’s time to take a peek under the hood of the latest variant’s campaign to see what the author team is up to as of late and how different is the actual threat compared to the evasion techniques.

Read More

Topics: Cyber Crime, Cyber Security, malware, Cyber Attack, APT, cybersecurity, malware infection, malware analysis, Scout, Sentinel, endpoint security, CounterTack, Breaches, Zero-day Attack, in-progress attacks, Sean Bodmer

The Problem is the Detection Gap

The New York Times attack is all over the news this morning.  We’re lucky in some ways that this happened to the Times.  As their security beat reporter, Nicole Perlroth, noted in an interview on NPR this morning, as a media company, the NYT staff was more willing to talk publicly about what happened than most organizations would be.  We don’t often see coverage of advanced attacks in such detail, but the problem is widely known, if not widely understood. 

I applaud the Times for recognizing a possible threat, being proactive in starting to monitor its network, and following through with strong incident response.  However, the account noted that there was evidence that the attackers had been in the NYT network for months before perpetrating this attack.  Indeed, Perlroth reported that, “Investigators still do not know how hackers initially broke into The Times’ systems.” 

Read More

Topics: malware, Cyber Attack, Detection Gap

Dissecting Project Blitzkrieg

Reports of a massive, looming cyber attack – coined Project Blitzkrieg – has dominated headlines following the recent release of a new McAfee Labs study.

According to the report, malware has been lying dormant in 30 leading U.S. financial services organizations – including Fidelity, E*Trade, Charles Schwab, PayPal, Citibank, Wachovia, Wells Fargo, Capital One, Navy Federal Credit Union and others – and will be activated by the Spring of next year. The report goes on to say that “the project appears to be moving forward as planned.”

Read More

Topics: Cyber Crime, Cyber Security, malware, Cyber Attack, Research

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all