Tag: Credential theft

Completely investigating the underlying server architecture and CNC structure of banking trojans such as DanaBot is an area of continuing research for the F5 malware team. Conclusion As with all banking trojans, DanaBot actively updates its tactics, techniques, and target list to both avoid detection and maintain continual operations to optimize the attacker’s financial reward.…

Read More

The cloud, like every other technology, was developed to help us do more things faster and more efficiently. It’s a business tool that provides the self-service flexibility of on-demand technological services decoupled from the need to physically deliver hardware and software. Organizations are flocking to leverage this power, but there are nagging questions: Is cloud…

Read More

In part 1, we discussed the various definitions of cloud and looked at cloud incidents related to data breaches, such as outages. In this part, we’re taking a close look at major cloud data breach incidents over the past few years. Are the majority of these breaches associated with sophisticated advanced attackers or malicious insiders?…

Read More

Good or bad, the cloud adoption represents a new pathway for anyone to become a software startup without having to hire operations or infrastructure personnel. Although they can quickly get a minimally viable application up and running, that application may lack both robustness and security measures of more traditional, well-engineered systems. I’m pretty sure that…

Read More

Authentication Attacks: Growing Every Year Credential stuffing and brute force attacks have been the biggest threats for financial services recently, and the trend shows no sign of slowing. This is unsurprising, given the capability that legitimate credentials represent for attackers. If attackers are able to guess or simply re-use already compromised credentials and gain access…

Read More

This is the full-spectrum, director’s cut version of the Application Protection Report, untrammeled by petty concerns like brevity or toner prices (for the shorter version, please see our Summary). This report pulls together the various threats, data sources, and patterns in the episodes into a unified line of inquiry that began in early 2019, picking…

Read More

There is no cease-fire in the continuing battle against malware. Qbot, a banking trojan malware active since 2008, is back in business with new functions and new stealth capabilities. In the past 12 years, this malware has gone by a handful of names, including Qakbot and Pinkslipbot. Despite all the variations and evolutions, Qbot’s main…

Read More

The sight of empty supermarket shelves during the COVID-19 pandemic brought home the fragility of our food supply chain. We can all see the importance of ensuring the security of the farming and agriculture industry. However, farming is becoming increasingly automated. This means new cybersecurity risks are emerging to stand alongside traditional risks like the…

Read More

Hidden Malware, Crouching Ransom One reason ransomware can appear to strike so quickly is because you only notice it once it’s too late. “Just because they’re in your network doesn’t mean you’ll see them,” notes Peck. “Ransomware and attackers often linger long before the ransomware goes active and begins encrypting your data.” The ransomware may…

Read More