Malware

The notorious, disk-wiping worm Shamoon, also known as Disttrack, has reemerged with an updated version. Here’s what users and organizations need to know about this threat.

We look at some of the defining moments in the threat landscape that helped steer organizations toward adding proactive incident response strategies to their cybersecurity defenses.

Here’s a closer look at the challenges enterprises are confronted with when adopting a more robust cybersecurity strategy, and how managed detection and response can help address them.

New variants of Mirai and Gafgyt botnets were found targeting well-known vulnerabilities using multiple exploits directed at enterprises for possible DDoS attacks, including the flaw used in the 2017 Equifax data breach.

A new fileless malware utilizes Powershell and EternalBlue via WMI for propagation, infecting workstations and servers connected to a local server with a cryptocurrency miner and a DDos tool. Significant infections have been detected in North America and Europ

A new Rakhni variant was found with the ability to decide whether to install ransomware or cryptominers. It also has a worm component, installs spyware, and can disable Windows Defender.

Researchers found a new malware called MyloBot in the wild that features new attack and evasion techniques — as well as the ability to delete other existing malware in the infected system.

Syscoin's GitHub account was hacked to distribute modified versions of their software. Developers who executed Syscoin 3.0.4.1 are advised to change their unencrypted cryptocurrency wallet passwords and back up their files.

PyRoMineIoT malware infects systems with a Monero miner, spreads using RCE EternalRomance by removing or modifying accounts and passwords with privileged access, and scans for vulnerable Internet of Things devices for possible future attacks.