April 19, 2019 - Recently, one of our researchers presented at the SAS conference on "Funky malware formats"—atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.
April 18, 2019 - Like-farming is a popular method on social media to harvest as many likes and shares as possible in order to increase the value of a site or domain. But what happens when scammers get in the game?
April 17, 2019 - When malware shuts down the computer systems of an industrial plant, it could threaten the physical security of those working in or living near it. Here's how to protect your workforce and your business from targeted threats.
April 16, 2019 - Hackers made use of a compromised Microsoft support agent's credentials to sneak a peek at its users' Hotmail, MSN, and Outlook emails. How bad is it, and what has Microsoft done to correct it?
April 15, 2019 - Scammers take aim at fans of Ellen DeGeneres with a bizarre chain of giveaways and free movie websites. Will anyone take the bait?
April 15, 2019 - A roundup of news stories from April 8–4, including Baldr, medical management apps, an Android password stealer, and new sextortion scams.
April 12, 2019 - We all want those Instagram likes and followers. But what if the app that’s supposed to be assisting you is also stealing your username and password? As a matter of fact, that’s exactly what we found in three fake Instagram assistance apps found on Google Play.
April 11, 2019 - What exactly is the "personal information" that companies need to legally protect? Learn which data points organizations need to secure, from Social Security numbers to olfactory, smell-based data (!), to comply with the law.
April 10, 2019 - Because medical records are such a lucrative data set, attackers often target the healthcare industry, seeking out and eventually finding the weakest link in the supply chain. That's why it’s important for stakeholders to consider the broader implications of cybersecurity weaknesses in medical management apps. But who should be held responsible?