Hackers are increasingly turning to fileless attacks because they are 10 times more likely to succeed than file-based attacks.These fileless infections stand as proof of cybercriminals’ resourcefulness and creativity.
Personal data records belonging to more than 4 billion people were affected by the top 10 data breaches alone in the last decade1. Businesses are losing market capitalization, reputation and customers, besides costly legal consequences once these data breaches surface. And, statistics indicate cybercrime is here to stay and thrive. As business dependency on IT grows, so does cyber criminals’ interest in taking advantage of this trend. So, what can be done? How can enterprises around the globe effectively fight cybercrime and prevent costly data breaches?
Data exfiltration or destruction, IT service unavailability and performance drops due to cryptojacking are only the last stage of a much longer and normally complex chain of events, known as the attack kill-chain. Applying a methodical approach to manage security incidents is critical for effectively breaking the attack kill-chain and avoiding costly data breaches.
Learn how Incident Response teams can leverage EDR tools for effective incident management.
Many experts say that data, and not gold or oil, has become the most valuable commodity in the world in recent years. As the value of data increases, cyber-attacks become a threat that business leaders have no choice but to place at the top of their priority list. But how can organizations manage cyber risks and improve readiness for regulations like GDPR?
This whitepaper uncovers software vulnerabilities as a major risk exposure for organizations. It also shows how frameworks like NIST and patch management solutions can be of great help in eliminating vulnerabilities and manage cyber risk exposure.
The line between adware and spyware has become increasingly fuzzy during recent years as modern adware combines aggressive opt-outs with confusing legal and marketing terms as well as extremely sophisticated persistence mechanisms aimed at taking control away from the user.
This whitepaper details an extremely sophisticated piece of spyware that has been running covertly since early 2012, generating revenue for its operators and compromising the privacy of its victims.
Around February this year, we came across a piece of malware that had previously gone unnoticed. Buried in the malware zoo, the threat seems to have been operational since at least 2015, undocumented by the research community.
Our interest was stirred by its remote access capabilities, which include unfettered control of the compromised computer, lateral movement across the organization and rootkit-like detection-evasion mechanisms. Powered by a vast array of features, this RAT was used in targeted attacks aimed at exfiltrating information or monitoring victims in large networked organizations.
This whitepaper details on the technical capabilities of RadRAT, its complex lateral movement mechanisms and other particularities that make it an advanced threat.
More data records were lost or stolen in the fi rst half of 2017 than in all of 2016. And in 2017, Gartner found organizations were gravely underprepared for the European Union’s General Data Protection Regulation (GDPR). More than half of companies affected by the regulation will not be in full compliance when it takes effect in May, the group said.
With only two months to go before the regulation is enforced, studies show little has changed. Yet the pressure of complying with the upcoming law weighs more heavily on everyone’s shoulders by the day. Fortunately, solutions are readily available to businesses big and small seeking to ensure cyber resilience on their way to GDPR compliance.
Bitdefender researchers have uncovered an emerging botnet that uses advanced communication techniques to exploit victims and build its infrastructure. The bot, dubbed HNS, was intercepted by our IoT honeypot system following a credentials dictionary attack on the Telnet service.
The bot was first spotted on Jan. 10 then faded away in the following days, only to re-emerge on Jan. 20 in a significantly improved form.
This whitepaper tells the story of a custom-built piece of malware that we have been monitoring for several months as it wrought havoc in Asia.
Our threat intelligence systems picked up the first indicators of compromise in July last year, and we have kept an eye on the threat ever since.
This whitepaper takes an in-depth look at the the attack chain, the infrastructure used by the threat actors, the malware subdomains they control and the payloads delivered on the targeted systems, as well as other telltale signs about a possible return of the Iron Tiger APT.
This whitepaper is a technical analysis of the Terdot, a Banker Trojan that derives inspiration from the 2011 Zeus source code leak. Highly customized and sophisticated, Terdot can operate a MITM proxy, steal browsing information such as login credentials and stored credit card information, as well as inject HTML code in visited Web pages.
The DarkHotel threat actors have been known to operate for a decade now, targeting thousands of businesses across the world via Wi-Fi infrastructure in hotels.
This whitepaper covers a sample of a particular DarkHotel attack, known as Inexsmar. Unlike any other known DarkHotel campaigns, the isolated sample uses a new payload delivery mechanism rather than the consacrated zero-day exploitation techniques. Instead, the new campaign blends social engineering with a relatively complex Trojan to infect its selected pool of victims.
Ransomware, the most prolific cyber threat of the moment, gains foothold in organizations and companies via file-sharing networks, e-mail attachments, malicious links or compromised websites that allow direct downloads. The first quarter of 2016 saw 3,500% growth in the number of ransomware domains created, setting a new record.
VDI empowers employees and employers with many benefits, no matter the size of the organization. However, as with any environment, security should always play a pivotal role and should complement the business environment. With VDI it’s no different; security should be seamless, without any effect on the user experience.
Virtualization offers many benefits, but also raises additional performance issues in areas of security. This bodes the question: is virtualization security counterproductive? Moreover, do the currently-available security solutions impact some of the benefits offered by virtualization, creating bottlenecks and additional issues in virtualized environments as compared to physical server environments?
As virtualization projects continue to accelerate, organizations are discovering they have changed how datacenters are architected, built, and managed.
This white paper explores areas of security concern organizations must address as they move, ever-increasingly, to rely on virtualization.
To accelerate the business benefits enabled by virtualization, companies must not overlook security. However isolated and self-contained, virtual containers are still vulnerable to increasingly sophisticated malicious attacks carried out by dedicated networks of cybercriminals. The larger the virtualized environment, the more challenging it can become to efficiently secure virtual machines.
IT has evolved immensely over the past decade, always adapting to become faster, more agile, and more efficient. Unfortunately, security threats have evolved as well, and are more stealthy, more intelligent, and more malicious than ever before.
Virtual machines in a cloud environment are as susceptible to nefarious exploitation – where sensitive data is highly valuable – as physical machines. The same exposure profile exists regardless of the underlying platform (traditional physical, virtualized, private cloud or public cloud). Although traditional security can be used in the cloud, it is neither built, nor optimized for the cloud.
