cyber attack


Not long after a new strain of the Akuma malware was discovered targeting ZyXEL devices with a new series of login/password attacks, FortiGuard Labs last week also began detecting strange scanning activities on uncommon TCP ports 52869 and 37215. We and other threat research teams quickly began to suspect that these were tied together, and that there was a new botnet out there.
by David Maciejak  |  Dec 12, 2017  |  Filed in: Security Research
To keep up with this threat landscape, your customers’ IT teams require security solutions that can provide real-time visibility into network activity and regulatory compliance, as well as automatically initiate a response to security events, to increase the overall efficiency of IT management teams. In order to effectively manage network security, compliance, and performance, your customers should consider implementing a SIEM (security information and event management) solution that features automation, scalability, and actionable intelligence
by Lief Koepsel  |  Dec 06, 2017  |  Filed in: Business and Technology, Industry Trends
The majority of these breaches have one thing in common. IT teams are failing to practice basic security hygiene. Cybercriminals target known vulnerabilities because they know that most organizations will have failed to patch or replace their vulnerable devices. WannaCry targeted a vulnerability for which a patch had been available for months. Shame on them. But Petya followed a month later and targeted the exact same vulnerability. And millions of devices were still affected. So, shame on us.
by John Maddison  |  Nov 15, 2017  |  Filed in: Industry Trends
Welcome back to our monthly review of some of the most interesting security research publications.
by Axelle Apvrille  |  Nov 02, 2017  |  Filed in: Security Research
Introduction: Last month, iSightPartners revealed a Microsoft Office zero-day leveraged in a targeted attack by a Russian cyber espionage team. This vulnerability has been patched in Microsoft bulletin MS15-070. CVE-2015-2424 was assigned to this vulnerability. In this blog post, we will discuss the nature of the vulnerability to give some insights to other researchers for understanding and detecting this specific Word vulnerability. Multi-directory entries chaining: We first extracted the embedded objects inside the exploit document...
by Wayne Chin Yick Low  |  Sep 01, 2015  |  Filed in: Security Research