Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Info stealer malware, also known as information stealers, are a growing menace in the cybersecurity landscape. These malicious programs lurk in the shadows, siphoning sensitive data from unsuspecting victims' devices. While data breaches often grab headlines, info stealer attacks can be just as devastating, silently compromising personal information and causing significant financial losses. This blog post sheds light on the world of info stealer malware and the chilling reality of stealer logs.

Ransomware remains one of the biggest security threats in 2024. This follows a concerning resurgence in 2023, where more than $450 million in ransomware payments were reported in the first half of the year alone. The proliferation of Ransomware-as-a-Service (RaaS) and the subsequent attacks against a variety of businesses—from the smallest start-up to the most powerful multinational—reinforce what security professionals already know: ransomware is not going away.

Adware can cause performance issues and unwanted ads on your computer. Some types of adware can even collect your personal information. To protect your personal information, you need to remove as much adware from your computer as possible. To remove adware from your computer, you should back up your files, download adware removal software and remove any unnecessary programs.

If you follow cybersecurity news, you’ve likely already heard of Scattered Spider. But who are they, really — and what do they want?

The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion. I don’t like it when I hear about ransomware groups growing, but that's the case in TrendMicro’s new analysis of RA World ransomware. What was once through to be a smaller operation focused on attacks targeting organizations in South Korea and the U.S.

Malware often hides communications with its command and control (C2) server over HTTPS. The encryption in HTTPS usually conceals the compromise long enough for the malware to accomplish its goal. This makes detecting malware that uses HTTPS challenging, but once in a while, you will catch a break, as in the case here with AsyncRAT, a Windows remote access tool that has been deployed over the past year to target organizations that manage critical infrastructure in the United States.

Detecting malware in container environments can be a major challenge due to the rapid development of malicious code, the proliferation of insecure container images, and the multilayered complexity of container stacks. Staying ahead of attackers means tracking the constant evolution of malware and rooting out threats in your codebase at the expense of considerable compute.

A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper response actions. ALPHV is a big enough problem that Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Department of Health and Human Services (HHS) all are getting together to put healthcare organizations on notice.