An in-depth look at sextortion activities where cybercriminals use mobile devices and malware to cash in
The year 2014 was rife with mega breaches, hard-to-patch vulnerabilities, thriving cybercriminal underground economies, and a number of large-scale incidents. Faced with these growing threats, organizations need to plan ahead and be ready to take action instantly. Learn more from 2014 TrendLabs annual security roundup.
Vulnerabilities in oft-overlooked but widely used software and devices surfaced in the third quarter of 2014, reiterating the importance of having security in mind. Shellshock and a Netis router vulnerability proved that attackers don't discriminate when it comes to targets. These are just two of the biggest threats that hit users in the past three months though. Find out what other threats reared their ugly heads.
As security vendors and law enforcement agencies close in on attackers, the more darknets, unreported but big vulnerabilities across platforms and devices, and the Deep Web will figure in the threat landscape.
Recent events such as data breaches in the first half of 2014 strongly indicate that organizations need to start adopting a more strategic approach to protect digital information. This strategy includes protecting sensitive data such as intellectual property and trade secrets—often the crown jewels of any organization.
Sextortion isn't new, but a new modus operandi that makes use of mobiles and malware is emerging in the Far East. Find out how they do it.Read more (PDF)
Cybersecurity researchers discover how the "Rocket Kitten" group created ran a state-sponsored campaign and hit different public and private Israeli and European organizations.
Exploit kits are an ever-evolving threat. This research paper discusses what they are, how they work, and how they evolved over time.
This research paper reveals how PoS RAM scrapers infect systems to exfiltrate stolen data and how you can defend against them.
APT campaigns aggressively pursue and compromise specific targets to gain control of a company’s computer system for a prolonged period of time. To make a targeted attack successful, the communication channel between a threat actor and the malware inside a network must always remain open and unknown. Know how leveraging threat intelligence can help detect this malicious network traffic by reading this primer.
As 2012 drew to a close, SMBs, along with most organizations, should have taken a step back and learned from the past year. With mobile devices fast becoming part of workplaces and the increased availability of cloud services, SMBs should adopt security practices to fully protect their assets. This year, the Android malware volume is expected to hit the 1 million mark. The continuous use of cloud services will also play a key part in the SMB threat environment. This primer runs through five predictions SMBs should take note of.
In 2013, managing the security of devices, small business systems, and large enterprise networks will be more complex than ever before. Users are breaking down the PC monoculture by embracing a wider variety of platforms, each with its own user interface, OS, and security model. Businesses, meanwhile, are grappling with protecting intellectual property and business information as they tackle consumerization, virtualization, and cloud platforms head-on. This divergence in computing experience will further expand opportunities for cybercriminals and other threat actors to gain profit, steal information, and sabotage their targets’ operations.
Users face various unwanted app routines in the current mobile landscape. Given this situation, market owners have taken certain measures like providing safety guidelines, conducting prerelease quality assurance checks, and introducing access permission layers at the OS level. Unfortunately, these are still far from being fool-proof solutions. The reality is: Users are responsible for checking if the apps they download are legitimate or not.