Recently I was asked by a customer how they can easily set up rollback capabilities on the endpoints in their corporate network. They had seen the marketing hype by various security technology providers that their products included rollback capabilities they could utilize if/when one of their workstations or servers was infected by malware. Having gotten this question more than once, I thought it would be a good subject to share with a broader audience. more
Efforts have been ongoing in the ICANN community to develop a better understanding of its role in the combat of abuse. This theme has been rising in prominence every year since 2018, and 2021 appears to be the tipping point, in which consensus has built around the idea that more can be accomplished in terms of reducing the impact of rogue actors using the Internet for malicious purposes. more
During the last week, Google says it has been seeing 18 million malware and phishing emails related to COVID-19 daily. This, the company reported today, "is in addition to more than 240 million COVID-related daily spam messages." more
Despite a recent Ninth Circuit decision denying immunity to malware detection software for targeting competitor's software, court holds that Section 230 protected Malwarebytes from liability for designating software driver program as potentially unwanted program. Plaintiff provided software that works in real-time in the background of the operating system to optimize processing and locate and install missing and outdated software drivers. more
As 2019 wrapped up, we took some time to reflect on some of the most impactful digital developments of the past decade and how they helped change our digital lives, including: the rise of mobile and tablet usage; the importance of mobile apps; the explosion of social media and online gaming; cloud computing; domain names, brand protection and the impact of GDP. Now that we've passed the New Year, it's time to look forward. more
"Three years after Mirai first appeared, and two years after WannaCry, it shows that we still haven't solved the problems leveraged in those outbreaks," said F-Secure Principal Researcher Jarno Niemela. more
A significant rise has been detected in the use of malware aimed at harvesting consumer data, known as password stealers. more
Lake City became the second Florida city to pay a substantial ransomware demand to hackers in less than a week. more
XENOTIME, the notorious group behind what is regarded as the most dangerous malware targetting industrial control systems has expanded its targeting beyond oil and gas to the electric utility sector. more
New research from the Global Cyber Alliance (GCA) released on Wednesday reports that the use of freely available DNS firewalls could prevent 33% of cybersecurity data breaches from occurring. more
On May 7, hackers breached parts of the computer systems that run Baltimore's government, taking down essential systems such as voice mail, email, a parking fines database, payment systems used for water bills, property taxes, real estate transactions and vehicle citations. more
Two years after the initial wave of WannaCry attack in May of 2017, security researchers say the ransomware continues to spread to vulnerable devices. WannaCry infection has affected close to 5 million devices to date. more
The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) this week issued a malware analysis report on Trojan malware variants linked to the North Korean government. more
Kim Zetter has a new story out describing a very serious attack. In fact, the implications are about as bad as possible. The attack has been dubbed ShadowHammer by Kaspersky Lab, which discovered it. Briefly, some crew of attackers -- I suspect an intelligence agency; more on that below -- has managed to abuse ASUS' update channel and private signing key to distribute bogus patches. more
Want to be a cybersleuth and track down hackers? It may sound ambitious considering that malevolent entities are extremely clever, and tracing them requires certain skills that may not be easy to build for the typical computer user. But then again, the best defense is offense. And learning the basics of sniffing out cybercriminals may not only be necessary nowadays, it has become essential for survival on the Web. So where can you begin? more