Microsoft has come across an evolution of PLATINUM’s file-transfer tool, one that uses the Intel® Active Management Technology (AMT) Serial-over-LAN (SOL) channel for communication. This channel works independently of the operating system (OS), rendering any communication over it invisible to firewall and network monitoring applications running on the host device. Until this incident, no malware had been discovered misusing the AMT SOL feature for communication.

This report offers insight into the Win32/Industroyer a new threat for industrial control systems.

From April 2016 until at least February 2017, attackers have been spreading malware via fake Facebook profiles and pages, breached websites, self-hosted and cloud based websites. Various artifacts indicate that the main target of this campaign is IEC – Israel Electric Company. These include domains, file names, Java package names, and Facebook activity. We dubbed this campaign “Operation Electric Powder“.

This report analyzes the Mac specific malware from APT28 named Trojan.MAC.APT28

This white paper explains common use cases for privilege management on Unix/Linux servers.

This document deals with malware on mobile devices.

This document discusses the vulnerabilities discovered by edgescanTM over the past year – 2016. The vulnerabilities discovered are a result of providing “Fullstack” continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises, From Telecoms & Media companies to Software Development, Gaming, Energy and Medical organisations. The statistics are based on the continuous security assessment & management of over 57,000 systems distributed globally.

In this whitepaper you will learn what endpoint privilege management is and how an effective approach significantly enhances an organization’s security against rising cyber crime. They cover the origins of the least privilege concept, the benefits of application control, the current cyber threat landscape and how endpoint privilege management works to combat this with minimal disruption to user productivity.

This white paper discusses the principals of the GNU Public License (GPL), the risks of using GPL-licensed code, and how GPL code may be used in proprietary products while minimizing legal compliance issues.

The research department at TopSpin Security conducted an experiment to investigate the performance of deception technologies in a simulated corporate environment in which more than 50 professional hackers and security experts used their knowledge and skills to try to extract a pre-defined piece of data and stay undetected. The experiment sought to answer a number of questions, including: 1) What kind of attacker will be attracted to what different type of resources (traps)? 2) What deception mechanisms should the defending organization employ? 3) Where should they be placed? 4) What kind of traps should be used Every attack pattern was carefully monitored and upon completion the data logged was analyzed and aggregated. Trends, attack patterns and statistics were derived from the data logged.

SophosLabs takes a specific look at threats being downloaded on GooglePlay that mine a mobile phone’s resources while searching for cryptocurrency.

Read about the threat outlook for aerospace and defense sectors as threat groups seek to gain military and economic advantages.

This report is specifically geared to the Healthcare and Cross-Sector Cybersecurity Issues.

This eBook gives a detailed breakdown of the current state of the Kubernetes Ecosystem.

This document discusses the vulnerabilities discovered by edgescanTM over the past year – 2015. The vulnerabilities discovered are a result of providing continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises; Telecoms & Media, Software Development, Gaming, Energy and Medical organizations.

This is an infographic based on the 2016 State of Privacy And Security Awareness Report.

The Internet has adapted to encryption at a breakneck speed. Multiple studies indicate a rapid increase of encrypted Internet traffic. Sandvine came out with a paper during February 2016 stating that 70% of the Internet traffic would be encrypted by that year’s end. By mid-2017, we can only predict that the percentage is much higher than 70%.

This report, out of Great Britain, focuses on the WannaCry Cyber Attack and what they learned in their investigation.

This is the 2nd ebook from The New Stack’s series focused on the Kubernetes ecosystem. Unlike the 1st ebook that centered on the state of the Kubernetes ecosystem, this ebook shines a light on answering the question: How well does Kubernetes work in production?

This report focuses on software vulnerabilities, software vulnerability exploits, malware, and unwanted software. It is the hope that readers find the data, insights, and guidance provided in this report useful in helping them protect their organizations, software, and users.

This threat report takes a look at some of the events of spring 2017. Specifically, it looks at the NICKEL GLADSTONE threat group, the Iranian COBALT GYPSY threat group, third party risks, limiting native operating system admin tools.