Emotet is back after a summer break

By Colin Grady, William Largent, and Jaeson Schultz. Emotet is still evolving, five years after its debut as a banking trojan. It is one of the world's most dangerous botnets and malware droppers-for-hire. The malware payloads dropped by Emotet serve to more fully monetize their attacks, and ofte...

How To Handle Evolutions in Cybercrime

Cybercriminals are Evolving Attackers are constantly evolving their techniques—finding ways to evade your defenses and stay in your systems longer. Today, 68% of attacks remain undetected for months or more. Traditional antivirus AV can’t hold up against the modern hacker. New attacks, like...

5 Keys to Improve Your Cybersecurity

Cybersecurity isn't easy. If there was a product or service you could buy that would just magically solve all of your cybersecurity problems, everyone would buy that thing, and we could all rest easy. However, that is not the way it works. Technology continues to evolve. Cyber attackers adapt and...

5 Keys to Improve Your Cybersecurity

Cybersecurity isn't easy. If there was a product or service you could buy that would just magically solve all of your cybersecurity problems, everyone would buy that thing, and we could all rest easy. However, that is not the way it works. Technology continues to evolve. Cyber attackers adapt and...

The WannaCry Security Legacy and What’s to Come

May 12 will mark the second anniversary of the WannaCry ransomware cryptoworm attack. It was a troubling time: During the four-day long ordeal, the cryptoworm infected more than 300,000 endpoints among 200,000 separate victims throughout 150 countries. It propagated rapidly through the EternalBlu...

FBI: BEC Scam Losses Almost Double To Reach $1.2 Billion

Business email compromise BEC scams are squeezing more money than ever out of victims, with losses from the attacks almost doubling year-over-year in 2018 to reach $1.2 billion. That’s according to the FBI’s annual Internet Crime Report IC3 for 2018, which records the number of complaints, losses...

The language of InfoSec

As the cybersecurity industry has evolved, one dynamic has remained consistent: our industry-"speak". We use a language that is very unique, difficult for new folks to understand, and oftentimes just plain sensationalistic. While any industry has its own technical terms, our language can also be ...

Beauty Out of Chaos: Elevating Cybersecurity to an Art Form – Part 1

How many of you can remember what it was like managing IT security 10 years ago? How about two decades? The truth is that the landscape was so utterly different back then that any comparisons with today are a little unfair. Yet they’re useful in one key regard: to teach us just how complex and...

Podcast: Emotet Grows With Fast-Evolving Tactics

The Emotet banking trojan has been popping up in the news for years: It has a long history, starting with widespread malspam infections of banking German targets in 2014, all the way up to the crippling ransomware attack that hit the Onslow Water and Sewer Authority in October. And while the...

CISO series: Secure your privileged administrative accounts with a phased roadmap

In my role, I often meet with CISOs and security architects who are updating their security strategy to meet the challenges of continuously evolving attacker techniques and cloud platforms. A frequent topic is prioritizing security for their highest value assets, both the assets that have the mos...

Rapidly Evolving Ransomware Gandcrab Version

ARCHIVED STORY Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation By Alexandre Mundo · October 10, 2018 The GandCrab ransomware, which first appeared in January, has been updated rapidly during its short life, with Version 5.0.2 appearing this month. In this post we will...

Announcing “Cb Threat Hunters,” Carbon Black’s First Skill-Based Program

Carbon Black is excited to announce “Cb Threat Hunters,” the company’s first skill-based program debuting at Cb Connect 2018. Cb Threat Hunters gives you the opportunity to develop your threat-hunting skills to stay ahead of evolving attacks. With this program, our expert team will arm you with t...

In the New “Wild West” Even “Small” Cryptocurrency Theft is Costing Billions

Over the weekend, another cryptocurrency exchange was breached. This time it was “only” $40 million” in cryptocurrency. However, as a result cryptocurrencies overall lost more than $40 billion in value following the attack. That’s not a typo - a $40 million heist cost the market more than $40...

A week in security (May 7 – May 13)

Last week on Labs, we looked at the case of a fake Android AV, an annoying adware that goes by the name of Kuik, the return of threat actors behind the Shopper Stop tech scam, a new Netflix phishing scam, the recent zero-day vulnerability in Internet Explorer, and the insufficiency of merely...

Getting Back on the Field

Growing up as a foreign service brat, I was obsessed with security. Living in Guatemala in the 80s you had to adapt and become resilient as child. As there was no TV in our household, 10-year-old Tom began to tinker with my father’s computer and soon it became my oasis from the stress of living i...

Infographic: Cyberattacks by the Numbers

As the calendar shifted from December 2016 to January 2017, the prospect of a large-scale cyberattack loomed. Questions over the possible hacking of the 2016 U.S. presidential election swirled and businesses faced a growing attack vector in ransomware. In 2016, ransomware was estimated to be an...

RAT Distributed Via Google Drive Targets East Asia

Researchers said that they are tracking a new remote access Trojan dubbed UBoatRAT that is targeting individuals or organizations linked to South Korea or the video game industry. While targets aren’t 100 percent clear, researchers at Palo Alto Networks Unit 42 said UBoatRAT threats are evolving...

Ransomware Roundup: Attacking Shadow Copies Featuring Cryptowall

Ransomware is innovating to spread faster, hit harder and increase its payout potential. New unknown variants pop up daily, and many leverage non-malware techniques to evade traditional defenses. Cryptowall is a perfect example of how modern ransomware is evolving, using new techniques to disable...

Academia's Role in Security Skills Gap Examined

LAS VEGAS—For a long time, there’s been a chorus from employers about the lacked of skilled security professionals to fill available openings. And while it would not be an illogical leap to think universities are adequately preparing tomorrow’s security admins and CISOs, quite the opposite may be...

US, Canada Issue Ransomware Advisory

Ransomware clearly has people on many fronts worried, so much so that the United States and Canada took an unprecedented step last week to issue a joint advisory on the threat posed by crypto-ransomware. The U.S. Cyber Emergency Response Team together with the Canadian Cyber Incident Response...