March 10th, 2016
Locky is the latest in an ever-increasing range of ransomware threats used by cyber criminals in an expanding and increasingly lucrative market. What makes Locky special is that it appears to have come from the same group behind several large Dridex campaigns, showing that they are possibly diversifying their range of attacks.
- March 8th, 2017
For nearly a decade, Avecto’s customers have relied on Defendpoint to underpin “traditional AV”, next generation AV, machine learning and advanced network-based analysis solutions. Despite notable advances, detection will never reach 100% efficacy.
- November 28th, 2016
Social engineering is the use of psychological tools such as deceit, misdirection, manipulation and flattery to elicit unauthorised information or access to systems. Social engineering is an increasingly common way for criminals to attack organisations, as it does not always rely on cyber vulnerabilities but rather takes advantage of the weakest element in an organisation: human beings. People are susceptible to social engineering because these attacks exploit social norms and human nature, including reciprocity, curiosity, and pride. As we become increasingly connected – at work, at home and intertwining the two – the opportunities and impacts of social engineering are increasing.
- November 2nd, 2016
Security researchers at enSilo recently released a novel code injection technique for Windows known as ‘Atom Bombing’. It is so called because it exploits Windows atom tables and asynchronous procedure calls (APCs) to evade detection by many common security solutions.
- May 4th, 2016
To be clear, a ransomware developer’s goal is not to destroy your data. The main driver is money, and they care about lining their own wallets (usually bitcoin wallets, but this does not make a big difference to you), which means that destroying your data isn’t really the goal they are trying to achieve.
- April 12th, 2016
In the tech world recently there have been discussions regarding a new type of ransomware, which has been dubbed “PowerWare”. It is so named because, instead of using an exploit to download malicious software to run on the user’s machine and encrypt their files, exploits are used to invoke PowerShell to do the damage.