Top IT Security Bloggers

Arbor Networks
  • LockPoS Joins the Flock

    Arbor Networks
    While revisiting a Flokibot campaign that was targeting point of sale (PoS) systems in Brazil earlier this year, we discovered something interesting. One of the command and control (C2) servers that had been dormant for quite some time had suddenly woken up and started distributing […]
  • Patching Not Enough to Stop Petya

    Arbor Networks
    Voluminous amounts of information have already been disseminated regarding the “Petya” (or is it “NotPetya”? [1]) ransomware that hit the Ukraine hard [2] along with organizations such as “the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, Saint-Gobain […]
  • Pivoting off Hidden Cobra Indicators

    Arbor Networks
    On June 13th 2017, US-CERT issued a joint Technical Alert (TA17-164A) entitled Hidden Cobra – North Korea’s DDoS Botnet Infrastructure. The alert, which was the result of analytic efforts between the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), included a list […]
  • Another Banker Enters the Matrix

    Arbor Networks
    This post takes a look at a new banking malware that has, so far, been targeting financial institutions in Latin America—specifically, Mexico and Peru. Initially, we’ve called it “Matrix Banker” based on its command and control (C2) login panel, but it seems that “Matrix Admin” […]
  • Zyklon Season

    Arbor Networks
    The ASERT research team has recently done some work reverse engineering a family of malware called “Zyklon H.T.T.P.” that is written using the .Net framework. Zyklon (German for “cyclone”) is a large, multi-purpose trojan that includes support for a variety of malicious activities, including several […]
  • WannaCry

    Arbor Networks
    Information regarding the WannaCry ransomware is spreading as quickly as the malware itself and is expected to do so throughout the weekend. This blog provides some information from our malware processing system that may, or may not be, available elsewhere. The WannaCry ransomware propagates by […]
  • Greenbug’s DNS-isms

    Arbor Networks
    Over the past few months there has been a lot of research and press coverage on the Shamoon campaigns. These have been the attacks on Saudi Arabian companies where a destructive malware known as Disttrack was deployed. The malware, using stolen credentials, spreads throughout the […]
  • Observed Spike in DDoS Attacks Targeting Hong Kong

    Arbor Networks
    Introduction Each week ASERT produces a weekly threat intelligence bulletin for Arbor customers. In addition to providing insights into the week’s security news and reviewing ASERT’s threat research activities, we also summarize the weeks DDoS attack data as reported by over 330 global Internet Service […]
  • Acronym: M is for Malware

    Arbor Networks
    A malware researcher known as Antelox recently tweeted about an unknown malware sample that caught our eye. Upon further investigation, it is a modular malware known as Acronym and could possibly be associated with the Win32/Potao malware family and the Operation Potao Express campaign. This […]
  • Change All Your Passwords, Right Now!

    Arbor Networks
    by Steinthor Bjarnason, Senior ASERT Security Analyst & Roland Dobbins, ASERT Principal Engineer CloudFlare are probably best known as a DDoS mitigation service provider, but they also operate one of the largest Content Delivery Networks (CDNs) on the Internet. Many popular Web sites, mobile apps, […]

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place