The past 12 months have been packed with geopolitical incident, global malware threats and ubiquitous big-name data breaches. From the CIA Vault7 and NSA Shadow Brokers leaks at the start of the year, to the WannaCry and NotPetya ‘ransomware’ campaigns, and Uber’s shock revelations just last month, there’s been plenty for CISOs to ruminate on. But now the year is nearly at an end, it might be useful to recap some of the biggest themes of 2017 — with an eye on fortifying systems for the 12 months to come. Continue reading
There’s an old English Christmas carol “The 12 Days of Christmas”, a cumulative song about 12 gifts that keep getting ‘grander’. As our Christmas gift to you, we wanted to list the top threats to be aware of heading into 2018, from least to most pressing. Let’s look at the vulnerabilities and potential points of attack to take into account for next year’s priorities: Continue reading
Summer holiday is officially over, and we are in for a challenging last quarter of the year. Plenty of challenges: we are all working towards a more open and mobile digital environment, while the cyber-baddies are preparing plenty of new attacks. And the time to comply with GDPR is shrinking daily.
This may seem scary, but meanwhile an entire security industry is working hard to keep one step ahead of the bad guys. In handy interactive sessions of no more than 60 minutes just before lunchtime (11am to 12 pm), you can find out all about the latest security trends and get an answer to all of your questions. And we will organize each session twice, so you don’t have to miss any of them. Get up to speed in 60 minutes, by signing up for our webinars! Continue reading
Ransomware is everywhere. The number of emails containing ransomware rose 6,000 percent since 2015. In 2016, 40 percent of all spam emails had one of these malicious programs hidden within, according to IBM. Other reports highlight the sophistication of ransomware nowadays and it’s financial impact on organizations that that become victims. In short, it’s all bad news. Or not?
Security researchers from TrendLabs discovered ANDROIDOS_GHOSTCTRL.OPS / ANDROIDOS_GHOSTCTRL.OPSA and named this Android backdoor GhostCtrl as it can stealthily control many of the infected device’s functionalities. Continue reading
A large-scale ransomware attack reported to be caused by a variant of the Petya ransomware is currently hitting various users, particularly in Europe. This variant, which Trend Micro already detects as RANSOM_PETYA.SMA, is known to use both the EternalBlue exploit and the PsExec tool as infection vectors.
For years hackers have been stealing documents from your machines. No matter what… hackers will always find a way to get in. But once they get in, their problems start: how to monetize the hacked device? Of course passwords, credit card and banking details are relatively easy to monetize.
The Wannacry ransomware has been keeping us busy for several days now. This software has infected systems worldwide by exploiting an older (already patched) Windows vulnerability. Though many may wonder how a vulnerability that has been patched can still infect so many systems worldwide, it appears that the attack hasn’t brought in much money yet. Considering the attack and the errors made by the criminals, I wonder if this attack hasn’t been a first test or a general rehearsal for a much bigger attack. Continue reading
According to a recent committee hearing by the House Small Business Committee, nearly 60 percent of small companies go out of business within six months following a hack and 71 percent of all cyber assaults occur at businesses with under 100 workers. Our own data at Trend Micro indicates that small businesses are not immune from cyberattacks. In fact, small businesses are generally regarded as being more susceptible to attacks due to lack of dedicated security personnel and minimal investment in security software and hardware. Continue reading