In this Threatpost op-ed, Dave Dittrich and Katherine Carpenter explain the dangers of conflating measurable events, or observables, with indicators of compromise, which require context and other constructs to provide true threat intelligence.
Researchers at Endgame have found new versions of TeslaCrypt in the past few weeks that target a host of new and unusual file extensions, and deploy new obfuscation and evasion techniques.
Researcher Patrick Wardle today released a utility called RansomWhere? that he says performs generic ransomware detection on OS X.
Tibetans, along with journalists and human rights workers in Hong Kong and Taiwan, have been targeted in campaigns using phishing emails laced with Microsoft RTF attachments that exploit four vulnerabilities.
Cisco Talos said that 3.2 million servers are vulnerable to the JBoss flaw used as the initial point of compromise in the recent SamSam ransomware attacks.
Mike Mimoso and Chris Brook recap the news of the week, including the Badlock bust, encryption legislation, and cryptoworm ransomware. Mike also discusses last week’s Infiltrate Con.
“Double-headed beast” Trojan, GozNym, drains $4 million from banks in past two weeks.
Jigsaw ransomware makes big data-destruction threats to victims, but its bark may be worse than its bite now that security experts have found a way for victims to decrypt systems for free.
Researchers spot new wave of Qbot infections that can shape-shift every six hours to evade detection.
Atmos banking malware has perilous pedigree that includes Citadel and ZeuS.