Category Archives: Malware

A City Faces a Malware Attack

March 19, 2014 by Entrust, Inc.     No Comments

A recent malware attack against the city of Detroit points to the necessity of enterprise security in the fight against cybercrime.

Filed Under: Authentication, Malware Tagged With: EW, malware

The Identity Context

February 19, 2014 by Jason Soroko     No Comments
This entry is part 3 of 3 in the series Identity Context: Defense's Next Play

This entry is part 3 of 3 in the series Identity Context: Defense’s Next PlayPart Three: The Identity Context  All attacks involve some form of stolen identity. According to Mandiant’s threat landscape study, 100 percent of breaches they investigated involve stolen credentials. In our own studies — where we reverse-engineered malware and studied the source [Read More...]

Blacklisting – Finite Utility

February 12, 2014 by Jason Soroko     No Comments
This entry is part 2 of 3 in the series Identity Context: Defense's Next Play

This entry is part 2 of 3 in the series Identity Context: Defense’s Next Play Part Two: Blacklisting – Finite Utility  Malicious actors are ruled by the laws of economics just like everyone else; they have finite resources. If they want to attack many targets, the chances are good that they will reuse their tools [Read More...]

Filed Under: General, Malware Tagged With: malware

Top 5 Security Practices for Financial Institutions to Defeat Online Identity Attacks

February 10, 2014 by Mark Reeves     No Comments

The Bank of England (BoE) recently simulated a major cyber-attack against the British financial system that yielded some disturbing results: many of the UK’s largest financial institutions are unprepared for large-scale online identity-based attacks. More surprisingly, many of them are also uneducated on how to detect and report cyber security breaches. The Telegraph UK reported [Read More...]

Network and Desktop Operating Systems Have Too Much Trust

February 5, 2014 by Jason Soroko     1 Comment
This entry is part 1 of 3 in the series Identity Context: Defense's Next Play

This entry is part 1 of 3 in the series Identity Context: Defense’s Next Play Part One: Network and Desktop Operating Systems Have Too Much Trust At Black Hat 2012, John Flynn showed a slide with the text, “The kids these days, they’re hacking the system as a whole.” There is a wide assumption that [Read More...]

You Can’t Defend Against What You Can’t Detect: Malicious Signals in Legitimate Noise

February 4, 2014 by Jason Soroko     No Comments

 As a CIO, CISO, or anyone else who has to defend a corporate environment from malicious activity, there are many point solutions to spend your budget on. A lot of these technologies are really good and there certainly is no shortage of them.    Walk around a vendor floor of any large security conference and [Read More...]

Filed Under: Identity Assurance, Malware Tagged With:

Playing in the Digital Sandbox: Mobile versus Desktop Security

January 27, 2014 by Jason Soroko     No Comments

Mobile operating systems consume resources from unknown sources on the Internet all the time, and yet they are not infected in the same manner as desktop operating systems. Certainly, sideloaded malicious Android apps are able to access parts of a mobile device that the user has authorized (e.g., pictures, contacts, SMS).  We have also seen [Read More...]

Filed Under: Malware, Mobility Tagged With: mobile security, sandbox

Playing in the Digital Sandbox: Balancing System Trust

January 22, 2014 by Jason Soroko     No Comments

On a daily basis, most people using desktop operating systems consume resources and ‘rich content’ from unknown sources on the Internet, typically via technologies ‘under the hood’ of our Web browsers.  These include Java, browser plugins like Adobe Flash, PDF readers, HTML5 and others. All are meant to create a rich and seamless user experience. [Read More...]

Filed Under: Identity Assurance, Malware Tagged With:

Mobile Malware — Will it Expand in 2014?

January 20, 2014 by Entrust, Inc.     No Comments

This comes as no surprise, but the bring-your-own-device (BYOD) movement has reached critical mass.  More and more enterprises are leveraging mobile to share information, complete transaction or increase business efficiency. In fact, 67 percent of organizations use personal devices at work, and 42 percent of companies surveyed now allow BYOD at the enterprise level.  Unfortunately, [Read More...]

Filed Under: General, Malware, Mobility Tagged With: EW, malware, mobile

What is Malware-as-a-Service?

January 7, 2014 by Entrust, Inc.     No Comments

There’s a strong misconception — amongst business leaders and consumers alike — that unleashing a cyberattack is a difficult and expensive process that only experts are capable of executing. In reality, this could not be further from the truth. Currently, the integrity of the Internet is being compromised by a vast criminal underground market commonly [Read More...]

Filed Under: Malware Tagged With: