Command-and-control attacks can compromise an entire network. Find out what they are and how they work.
3 min read
DNS tunneling is one of the most damaging DNS-based attacks. What exactly is it, and how does it work?
3 min read
DNS hijacking has been used to take over the web domain of The New York Times. What is it, and how does it work?
3 min read
Fileless malware and “living off the land” have been around for some time, but have seen a resurgence in recent months. What’s behind this growing popularity? Jen Miller Osborn, Deputy Director of Threat Intelligence of Unit 42 explains what makes these tactics so attractive to malicious actors.
3 min read
For many, the cryptocurrency phenomenon is intriguing but complicated, involving “blockchain,” “distributed ledgers” and other jargon. Ryan Olson, VP of Threat Intelligence Unit 42, explains one of the hidden threats of the cryptocurrency boom — cryptomining attacks.
3 min read
Attackers always look for quick ways to steal data. Using readily available automated tools and advanced techniques, they can do so with ease, leaving your traditional network defenses ineffective.
3 min read
Malware is a file or code, typically delivered over a network, that infects, explores, steals or conducts virtually any behavior an attacker wants.
3 min read
Exploit kits are automated threats that utilize compromised websites to divert web traffic, scan for vulnerable browser-based applications, and run malware.
3 min read
Phishing attacks are one of the most prevalent methods of cybercrime because they are easy to deploy, can bypass detection methods, and offer low risk and cost.
3 min read
A denial-of-service attack is meant to shut down a machine or network by flooding it with traffic, making it inaccessible to its intended users.
3 min read
A distributed denial-of-service (DDoS) attack is a variant of a DoS attack that employs large numbers of attacking computers to overwhelm the target.
3 min read
A bot is a piece of malware that infects a computer to carry out commands under the remote control of the attacker.
3 min read
Spyware is a type of malware that collects and shares information about a computer or network without the user’s consent.
3 min read
The cyber attack lifecycle consists of multiple stages, and prevention must occur at each stage to prevent attackers from gaining access and stealing data.
5 min read
To identify and prevent evasive threats, security tools must employ purpose-built virtual analysis, bare metal analysis, and incorporate threat intelligence.
3 min read
Organizations face 3 challenges when identifying and preventing evasive threats: the threat marketplace, inadequate defenses, and open source vulnerabilities.
3 min read
The success of any industry is reliant on its economics. Cybercrime is no different, maintaining its own economy of commoditized products and services.
3 min read
Unknown threats are recycled or modified known threats, or created entirely from scratch, and bypass security tools designed to protect against known threats.
5 min read
Credential based attacks occur when attackers steal credentials to gain access, bypass an organizations security measures, and steal critical data.
3 min read
Attackers can obtain stolen credentials in many ways: phishing, malware, social engineering, brute force or black-market purchase. Once attackers have stolen credentials, they can abuse them to enter an organization, move laterally, and escalate privileges for unauthorized applications and data.
3 min read
Users and their credentials are among the weakest links in an organization’s security infrastructure. As such, the majority of breaches involve credential theft at some point in the attack lifecycle. With credential abuse as part of the attackers’ toolset, their chances of successfully breaching go up, and their risk of getting caught goes down..
2 min read
OTHER TOPICS:
CYBERSECURITY | THREAT | RANSOMWARE | ENDPOINT PROTECTION | DATA CENTER | CLOUD SECURITY | NETWORK SECURITY | FIREWALL
