Download the full report (PDF) Overview Targeted attacks and malware campaigns Dropping Elephant Targeted attack campaigns don’t need to be technically advanced in order to be successful. In July 2016 we reported on a group called Dropping Elephant (also known as ‘Chinastrats’ and ‘Patchwork’). Using a combination of social engineering, old exploit code and some […]

With great power comes great responsibility. Powerful words. We’re not talking about a web-slinging superhero though, but a different type of web altogether -the World Wide Web- and with the ongoing expansion of the Internet of Things, its increasing connection to the physical world is inspiring awe and wonder, but also a growing necessity for […]

Ashley Madison, Dropbox and Yahoo have something in common—they are all victims of mass data breaches where user log-in credentials were stolen. Sadly, this type of tactic has become more common over the last year. What’s even worse is that it seems like this will continue to be an objective for cybercriminals—after all, why wouldn’t […]

Biometrics continue to stand first in line to replace traditional passwords. All those whose employees use long and complex combinations of letters and numbers will be looking forward to a system whereby all that is required is for a fingerprint or iris pattern to be recognized by a sensor in order to access the services […]

Q3 events Cybercrime as a Service In the last few months the scale of the global ‘Cybercrime as a Service’ infrastructure has been revealed – fully commercialized, with DDoS as one of the most popular services capable of launching attacks the likes of which have never seen before in terms of volume and technological complexity. […]

It is this time of the year when we are all going to Halloween costume parties, playing pranks on each other and visiting haunted attractions. Why do we do it? Well, we want to ward off the evil spirits while having fun in the process. There is nothing wrong with that! However there are plenty […]

Knock knock! Trick or treat! Companies and cybercriminals play the same game. You could be opening back doors to cybercriminals this year, without even knowing it. You’ll lose this game if you don’t fight back. Ransomware attacks will capture your documents and the attackers will be expecting a big juicy reward (if you want your […]

The Gootkit bot is one of those types of malicious program that rarely attracts much attention from researchers. The reason is its limited propagation and a lack of distinguishing features. There are some early instances, including on Securelist (here and here), where Gootkit is mentioned in online malware research as a component in bots and […]