Fortinet posted a pretty good blog entry today on the Cyber Security Skills Shortage and relationship between it not just being about having the right technology but also the right people. You can see an excerpt of the article below and read the rest by clinking the link underneath. It’s […]
A new ransomware named “Locky” is currently circulating in the wild and making the headlines. There are some good reports regarding Locky ransomware already available over the Internet. This blog intends to focus on some technical areas that (we believe) have not been covered yet, namely, its domain generation algorithm, […]
UDP floods are used frequently for larger bandwidth DDoS attacks because they are connectionless and it is easy to generate UDP packets using scripts. DNS uses UDP primarily and under some circumstances uses TCP. Because, the usage of UDP/DNS protocol is extremely popular as a DDoS tool. Since DNS is […]
“Houston, we have a problem.” This is not news to healthcare organizations, whether they are in Houston, Boston, St. Louis or San Francisco. 2015 was a banner year in healthcare, for all the wrong reasons. The increasing number of attacks on healthcare systems exposed security shortcomings: many unsecured attack vectors, […]
We have all embraced online searching and shopping. The days of driving around town to compare costs or referring to the most current newspaper advertisement for a bargain have long gone. Today’s consumer reaches out via the Internet on a variety of devices to check product reviews, find discount coupons, […]
It came to our attention that a new, rather peculiar version of Nemucod has been recently landing on users. Nemucod is a well-known JavaScript malware family that arrives via spam email and downloads additional malware to PCs. Most recently, Nemucod has been known to download TeslaCrypt ransomware variants. However, the […]
Our automated crawling and analysis system, SherlockDroid / Alligator, has just discovered a new Android malware family, on a third party marketplace. Figure 1: Part of SherlockDroid report. Android/BadMirror sample found as suspicious The malware is an application whose name translated to “Phone Mirror”. Because it is malicious, we have […]
It’s been over two weeks since we reported about Locky and predicted that it will be a major player in the ransomware scene. We decided to check our Intrusion Prevention System (IPS) telemetry statistics for CryptoWall, TeslaCrypt and Locky two weeks after (Feb 17th to March 2nd) to see how […]
