The FireFox zero-day recently used in the wild made headlines when TOR users that fell victim to the attack lost the one thing they were looking for: anonymous browsing. Speculation ran rife that the exploit may have been created by the FBI or another governmental agency, especially as the attack resembled past investigations used to identify Tor users.
Read MoreIn an article published by Tech Crunch last week, tech reporter Ben Dickson investigates the new generation of smart malware. He manages to sum up the crux of the problem in two sentences: “Virus definition databases don’t seem to account for the growing number of new malware species and variants, especially when they’re smart enough to evade discovery. More devious genus of malware are succeeding at even duping advanced security tools that discover threats based on behavior analysis.”
Read MoreEarlier this year, Microsoft announced its Windows updates for business, which was proclaimed as a way to "empower IT Professionals to keep the Windows devices in their organization always up to date with the latest security defenses and Windows features." If there is one thing most IT Pros agree on, it is that patching is a pain – it is something that must be done for the long-term security of the organization, but it is disruptive so it gets delayed (and the new Microsoft service will attempt to shorten these delays). And even worse than the business interruption patching causes, on its own, patching is never sufficient.
Read MoreHave you ever wondered what happens to zero-day exploits after their big splash on day zero? Often 0-days are developed to target a specific organization, as in this Pawn Storm-related instance reported by Trend Micro, which targeted specific people within the Foreign Affairs Ministry.
Read MoreSubscribe to our blog
Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.
Search Our Site
Recent Posts
Posts by Tag
- Cyber Security (94)
- Endpoint Security (70)
- Cyber Attacks (45)
- Attack Analysis (44)
- Company News (37)
- Moving Target Defense (35)
- Exploits (30)
- Ransomware (20)
- Threat Alerts (18)
- APT (16)
- Fileless Attacks (15)
- Threat Profile (15)
- CISO (14)
- Events (14)
- Industry News (14)
- Morphisec Labs (14)
- Research (14)
- Zero-day (14)
- 0-day exploits (10)
- Patching (9)
- Product (9)
- Sandbox evasion (6)
- Exploit Kit (5)
- Mordechai Guri (5)
- ASLR (4)
- Custom Packer (4)
- Cyber Security Predictions 2017 (4)
- VDI (4)
- Angler Kit (3)
- Case Study (2)
- FIN7 (2)
- MLTR (2)
- MS Office Exploits (2)
- Malspam (2)
- POS (2)
- Threat Report (2)
- Webinars (2)
- ATP integration (1)
- Cerber (1)
- Citized Threat Index (1)
- FlawedAmmyy (1)
- GDPR (1)
- Hancitor (1)
- Kovter (1)
- Retail Cybersecurity (1)
- SecOps (1)