News & Updates

We have seen events that point to the resurgence of Qakbot, a multi-component, information-stealing threat first discovered in 2007.

A phishing site was found using a spoofed Netflix page to harvest account information, credit card credentials, and other PII.

When it comes to cloud computing security, or simply, cloud security, what are the builders’ responsibilities? How can developers and administrators ensure cloud security? This primer discusses the key concepts of cloud security and which areas need to be protected using flexible and comprehensive security solutions. 

Through a thorough analysis of an actual smart manufacturing environment, our in-depth security research explores several attack vectors that could be used by threat actors to launch unconventional attacks on smart manufacturing systems.

A malicious cryptocurrency miner and Distributed Denial of Service (DDoS) bot that targets open Docker daemon ports.

A spam campaign using emails that have Excel file (.xls) attachments has been seen circulating and targeting users in Italy.

Cybercriminals are using credential phishing sites to trick users into entering their credentials into fake login pages of email and collaboration platforms and videoconferencing apps.

Many attackers are switching from file-based malware to memory-based attacks to improve their stealth. “Fileless,” “zero-footprint,” or “living off the land” threats use legitimate applications to carry out malicious activities.

We recently acquired a spam sample that propagates the Loki infostealer through LZH compressed archive files.