New Virus Attacks All Windows-based Computers

A new type of malware is beginning to circulate and attack nationwide, according to GuardiCore, a vendor of software that detects breaches in real time. And, right now, the malware can be detected by only two anti-virus engines.

“This is new malware capable of running on every Windows version from XP through Server 2012 R2,” the company reported in a blog. That means it runs on every single Windows version, “so 100 percent of your Windows endpoints are vulnerable,” says Daniel Goldberg, a security researcher at GuardiCore. The malware has been named Trojan.sysscan.

Ravaging RDP Servers? Backdoor Trojan Ramps Up Enterprise Risk

Trojan-laden malware remains a huge problem for enterprises and individual users alike. As noted by Palo Alto Networks, some cybercriminals are targeting users with creative Mac OS X malware that uses a PDF detailing Russian space program projects over the next decade as a decoy to infect systems with information-stealing code. Softpedia, meanwhile, reported that enterprises have more to fear from a new set of brute-force remote desktop protocol (RDP) attacks that use a backdoor Trojan to infect connected servers and grab everything from banking credentials to tax data and browser cookies. Here’s a look at the new RDP risk.

Brand-New Delphi Trojan Exfiltrates Vast Amounts of Info

A never-before-seen credential-stealing Trojan has been uncovered, found to be backdooring machines and exfiltrating large amounts of information. Written in the Delphi coding language (should we call it the Oracle at Delphi?), the Trojan.sysscan malware is being used by a single source as the payload for attacks that repeatedly brute-force passwords for RDP credentials, according to GuardiCore.

Securing the Enterprise Data Center: Why a Fundamentally New Approach is Needed

Over the last decade, the modern data center has changed dramatically, raising a host of new security challenges. Having evolved into dynamic, complex environments with exceptionally high traffic rates, the typical enterprise data center has become increasingly hard to protect against advanced threats and malicious attacks from the outside. And while the number of external threats measures in the millions, attackers only need to succeed once to cause significant damage and loss. Simply put, there is a significant disconnect that exists between the tools we have to protect the data center, and the advancing rate of sophistication in terms of the threats we are facing. As such, a fundamentally new approach for securing the data center is required.

Visibility Is the Key to Micro-Segmentation

Server and network virtualization, combined with ever-increasing traffic, network speed and server density have created a visibility gap. Administrators simply cannot “see” what is going on deep in their data centers and sophisticated attackers can go undetected for extended periods of time. GuardiCore VP of Marketing Dave Burton explores this issue in this article published in Data Center Dynamics.

Deception Technology Grows and Evolves

Deception technologies such as honeypots are becoming increasingly popular with enterprises as the products get more flexible and the tools allow security analysts swamped with incident reports to zero in on cases of actual ongoing infiltration. According to a report released in August by research firm Technavio, the deception technology market is growing at a compound annual growth rate of 9 percent, and is predicted to reach $1.33 billion by 2020.

Best 8 Hacking Tools from This Year’s Black Hat Conference

Here are 8 absolute badass hacking tools which were demoed in this year’s Black Hat Conference. Hackers and security researchers are pulling out all the stops yet again, using Black Hat as a platform to explain, release and/or promote a ton of great tools for pen testers and security operations experts. Here are some of the highlights and tools that are being or will be demoed during the course of the conference which will end on 4th August.

8 Bad Ass Tools Coming Out Of Black Hat

Inspired by Netflix’s Chaos Monkey project, Infection Monkey is a data center pentest tool designed to spin up infected virtual machines within random parts of the data center to test for potential blind spots in the overall network security chain and help teams bolster their data center security resilience.

PhotoMiner Worm Spreads via Vulnerable FTP Servers, Mines for Crypto-Currency

PhotoMiner is a worm that propagates with the help of vulnerable FTP servers, infects public Web pages, spreads to Windows computers and sets up a mining process for the Monero crypto-currency. Security firm GuardiCore discovered the worm this past January, when it also published a quick summary of its abilities. In the meantime, the company found that the worm was created in early December 2015 and received several updates after its January write-up.

A New Cloud Security Unicorn Will Rise From The Cybersecurity Ashes

CISOs developing a roadmap to secure their cloud environments should be prepared for significantly more orchestration work than for securing SaaS. With the extra work will come significant rewards. Bold CIOs and CISOs will take a leap of faith and partner with security innovators to orchestrate their own cloud security systems. GuardiCore and deception technology are listed among those innovators.