A new variant of the Ursnif Trojan is targeting vulnerable systems in an attempt to steal banking passwords and other credentials. The malware is spreading through infected Microsoft Word documents, and it has the ability to evade advanced security filters, according to security researchers at Fortinet.
Fortinet's FortiGuard Labs global threat research team is creating research playbooks that provide deep-dive analysis of not only threat trends, but also cybercriminal and adversary tools and techniques. Derek Manky and Tony Giandomenico discuss the playbook model and how it can help in the fight against cybercrime.
It's difficult to build a reliable security system based on artificial intelligence and machine learning, says Aleksandr Lazarenko of Group-IB, who offers insights on how to make the most of these technologies.
Capital One's enormous data breach is a subject of intense scrutiny as well as fear. A definitive post mortem is likely months away. But security professionals have ideas as to how the breach was achieved and the weaknesses that led to it.
To leverage blockchain for identity management at the enterprise level, CISOs first need to form a governance structure, says Prasanna Lohar, head of innovation at DCB Bank, a private banking company in India, who describes all the necessary steps.
Through hundreds of millions of selfies, the small Russian company behind FaceApp has likely created one of the largest private troves of geometric and facial landmark data - on the scale of Google and Facebook. The viral app has turned into an intellectual property boon.
JPMorgan Chase researchers have published a new paper describing their efforts at developing a novel "early warning" system based on artificial intelligence algorithms that can detect malware, Trojans and other advanced persistent threats before the phishing campaign that targets the bank's employees even starts.
Researchers with Armis have disclosed 11 zero-day vulnerabilities in the VxWorks real-time operating system that is used in some 2 billion embedded devices. Of all the "Urgent/11" vulnerabilities, six of the flaws are considered critical.
Mike Cotton of Digital Defense sees a key shift in the threat landscape, as attackers focus more on attacking key endpoints and infrastructure. As a result, many organizations are developing security blind spots. Cotton explains how to regain visibility.
A report from the U.S. Senate Intelligence Committee finds that Russia targeted election systems and infrastructure in all 50 states during the run-up to the 2016 Presidential elections. The committee, however, could find no evidence that vote tallies were altered.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
A recent spate of attacks targeting domain name system protocols and registrars, including several incidents that researchers believe have ties to nation-state espionage, is prompting the U.S. and U.K. governments to issues warnings and policy updates to improve security.