Attackers have found a new use for Dropbox, apart from just hosting malware. This new tactic uses the PlugX remote access tool to download its C&C server settings using the free file storing service.
Are all these large-scale Point-of-Sale (PoS) system attacks proof that attackers target payment cards more? While naming 2013 the "Year of the Retailer Breach", Verizon says POS-related cases have gone down in numbers since they peaked in 2010.
Attackers are finding more and more ways to exploit weaknesses, and now, we see the BLYPT backdoor family using blobs in its routines. Who are the targets of this new targeted attack campaign and how can it get in?
Ever heard of an attack that plays possum? The Siesta campaign gets in mostly via spear-phishing emails and then lies dormant for varied time periods before gathering information.
A new targeted attack campaign is waking up large numbers of industries via spear phishing emails. Promptly named, Siesta, the campaign sets in by “sleeping” first for varied time periods before moving on to eventually stealing valuable company data.
Attackers are finding more and more ways to exploit weaknesses, and now, we see the BLYPT backdoor family using blobs in its routines. Who are the targets of this new targeted attack campaign and how can it get in?
The latter half of 2013 lay witness to two new targeted attack campaigns: BLYPT, which hosts its servers in Romania and Turkey, and Esile, which targets government agencies in APAC to execute remote commands.
With today’s aggressive attack environment, IT security people are indispensible; invaluable with the right tools. So how exactly can organizations take care of their information security personnel? Here are four areas where organizations can help.
Building solid threat intelligence can help organizations spot and mitigate targeted attacks in their early stages. This is why it’s important for enterprises to invest in internal and external intelligence as well as the expertise of reputable security analys