Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Security researchers at Palo Alto Networks have discovered a new malware threat that targets Macs in what appears to be a sophisticated attempt to raid cryptocurrency wallets. The malware, which researchers have dubbed CookieMiner, has a variety of weapons in its armory that could make it particularly worrisome for cryptocurrency investors.

10 of the Most Significant Ransomware Attacks of All Time

For years, ransomware actors have developed new families and attack campaigns in increasing frequency and numbers. Such activity peaked in 2017 but then fell in tandem with cryptocurrency miners’ rise. This development was short-lived, however. Between Q4 2018 and Q1 2019, Malwarebytes observed a 195 percent increase in ransomware detections involving business targets. The rate was even greater compared to Q1 2018 at 500 percent.

Ransomware experiences and why IT security professionals have a lot on their minds

Every year we survey visitors to our booth at Black Hat about trending topics. This year, we asked about ransomware and the ever-increasing complexity of our cybersecurity environment. The results are very interesting - things may be getting much better, or we may all be collectively in denial. Let's break it down.

Block newly-registered domains to reduce security threats in your organisation

It’s no secret that there are a lot of websites on the internet hosting malicious content whether they be phishing pages, scams or malware itself. Every day we hear of new attacks, there’s a common denominator of either a user having clicked on a link to a fraudulent website or a site having played host to code that pulled a malicious payload down from a third-party server.

Anatomy of a ransomware attack

Ransomware isn’t a new phenomenon, but it’s effects are starting to be felt more widely, and more deeply than ever before. Behemoths like Sony, Nissan, FedEx, Kraft Foods and Deutsche Bank have all been hit in recent years, and the list is growing. The ongoing saga of the ransomware attack in Baltimore, MD has left citizens unable to pay parking tickets or finalize property sales. American small businesses may bear the brunt of the impact of ransomware’s global spread.

Psychological Tricks of the Malware Trade

As a Professional Services Consultant, I have the pleasure of traveling all around the globe meeting clients and talking to a wide variety of IT security professionals who form the front line of defence against malware. One of my favorite topics is how people got their start in their careers in IT, but when I start discussing my own early years and touch upon my university studies, I’m often surprised by the number of people who do a double take when I share my chosen subject.

What's the Difference between Malware and Viruses?

If you’re not in the IT industry, all the technical terms for malicious attacks on computer network systems can be confusing. It’s also pretty easy to think you know what you’re talking about but actually have not got it right. In today’s blog post, we’re going to tackle viruses and malware, a couple of the most-used terms when talking about email threat protection, and figure out how you can address them.

Thousands of NHS computers are still running Windows XP from beyond the grave

Two years after the WannaCry ransomware outbreak shone a light on the computer security of the UK’s National Health Service, and five years after Microsoft said it would no longer release patches for Windows XP, the NHS still has 2300 PCs running the outdated operating system. The worrying statistic came to light in the response to a parliamentary question asked by shadow minister Jo Platt MP. The fact that 2,300 NHS computers are still running Windows XP is, obviously, not great news.

Newly identified StrongPity operations

Alien Labs has identified an unreported and ongoing malware campaign, which we attribute with high confidence to the adversary publicly reported as “StrongPity”. Based on compilation times, infrastructure, and public distribution of samples - we assess the campaign operated from the second half of 2018 into today (July 2019). This post details new malware and new infrastructure which is used to control compromised machines.