This roundup sees valuable reading for incident responders and security professionals, both in the form of needed reminders of familiar threats, and insight into recent developments in malware techniques.
Darkreading’s report will come as no surprise to analysts and incident responders – yet another example of a CV based phishing attack targeting HR departments. Whilst nothing new, protecting against this attack vector requires constant vigilance and user awareness training. Even more so when the attack targets recipients expecting the content. It’s always surprising how easily even experienced security professionals can be blind-sided by these time tested tactics.
Lastline’s report highlights the ongoing sophistication of malware and identifies the four most common evasion techniques that analysts need to be aware of when trying to identify and mitigate against modern malware.
“CareerBuilder Attack Sends Malware-Rigged Resumes To Businesses” [DarkReading]
“Attack displays ‘simple elegance and brilliance,’ security researcher say.”
“Security Industry has failed, it’s time to chart new course”
[Help Net Security]
“In front of computer security professionals attending RSA Conference 2015, Amit Yoran, president of RSA, The Security Division of EMX, challenged the industry to relinquish its legacy approaches to combatting cyber attacks; approaches that have failed but continue to give organisations a false sense of security.”
“SIMDA botnet down: 770,000 infected computers rescued” [TechTarget SearchSecurity]
“Researchers from Kapersky Lab, Microsoft, Trend Micro and Defense Institute teamed up under the coordination of INTERPOL to bring down the huge an heinous botnet SIMDA.”
“The Four Most Common Evasive Techniques Used By Malware” [TripWire]
“Earlier this month, Lastline, a security firm that focuses on real-time analysis of advanced malware, issues a new report on the evolving landscape of evasive malware.
To submit news articles for inclusions on the Cyberseer News Roundup, please email us at [email protected]
About Cyberseer – The Threat Detection Specialists
Cyberseer excel in advanced threat detection by leveraging cutting edge technologies and forensic analysis and investigation. Our security solutions alongside our managed service provide organisations with a flexible and intelligent defence that protects them from both external and internal cyber-attacks.