Blog

  • From
  • to

Are the Adobe Flash Vulnerabilities Leaving You Feeling Scared?

Based on an analysis in 2015 of over 100 exploit kits (EKs) and known vulnerabilities, Adobe Flash was the unfortunate winner of the most frequently exploited product. Now that it’s 2017, companies are joking that maybe it’s time to give Flash the old heave ho’ to retirement. While Adobe has…

January 16, 2017

Sean Roth

Malware Authors are Weaponizing Ad-Supported Services

Exploit kits are like stealthy cruise missiles full of malware. A user who clicks on an infected page will have no idea that their browser is being stealthily redirected to a bulletproof hosting site that infects their endpoint. What's worse, the rise of malvertizing—malware-infected banner ads—means that even legitimate websites…

January 13, 2017

Sarah Vanier

Mass Surveillance: The Downsides of Traditional Endpoint Protection

The intersection of privacy and security has lent itself to some extremely contentious debates over the last few years. Encrypted messaging applications, like Signal, allow people to keep those conversations private—but what happens when the conversants are criminals? Tracking metadata may keep us safe—but what happens when the state overreaches?…

January 11, 2017

Scott Gainey

Threat Intelligence: How To Find The Real Threats In Time

Every day we are bombarded by mountains of threat data from a variety of sources. While most of this data is completely irrelevant and needs no attention, we can’t afford to miss the next attack that could be devastating to our business. According to a Ponemon Research Report, 70% of…

January 09, 2017

Sean Roth

Cybersecurity Jobs Outlook is Bleak News for Businesses

Here's a sobering bit of data: there is an employment crisis in information security. By 2019, there will be 6 million job openings for information security professionals—but only 4.5 million security professionals to fill those roles. That's a vast shortfall, especially for an industry that helps protect critical data—it's like…

January 06, 2017

Sarah Vanier

AtomBombing Code Injection: Real Threat Or Just A Lot Of Hype?

Code injection has been around for a while, but recently popped up in the news again with AtomBombing code injection. What Is Code Injection? “Code injection is a technique that attackers often use to execute malicious code by inserting it into a legitimate application or process. The Open Web Application…

January 04, 2017

Scott Gainey

Cybercriminals Need Shopping Money in 2017, Too!

Oh, the ransomware outside is frightful, and the amounts are not delightful... If you’ve been out in the world lately, there’s a chance holiday music is stuck in your head too. You might have noticed that our tune is a little different from the original. That’s because along with “let…

December 28, 2016

Sean Roth

Three Ways that Security Researchers Trolled Hackers in 2016

The year 2016 has not really been a standout for information security. This was the year that the Russians hacked the DNC (and now the RNC, apparently), the year that ransomware authors bricked an entire transit system, and the year that the IoT literally broke the internet. Like most of…

December 21, 2016

Sarah Vanier

Fileless Malware—Is It Any Worse than Traditional Attack Vectors?

Companies are already having a hard enough time protecting their networks and identifying breaches. With average time to detect at nearly 100 days and 200 days for financial services firms and retailers, respectively, it’s clear that security professionals have their hands full. And yet, cyber attackers continue to up their…

December 19, 2016

Scott Gainey

Mobile Malware—The Market for Mobile Exploits Is Heating Up

Remember when Apple claimed that its products were immune to viruses and malware? This was most prevalent for OS X, but certainly bled into the “walled garden” of iOS. Meanwhile, the open Android operating system has been plagued by malware for years, but mostly in cases where users chose to…

December 16, 2016

Sean Roth

1 2 3 16