-
How to assess and mitigate information security threats
Learn how to assess and mitigate information security threats, like rootkits, worms and Trojans, in the tip series created in collaboration with Realtimepublishers and Dan Sullivan, author of The Shortcut Guide to Protecting Business Internet Usage. Book Chapter
-
Balancing the cost and benefits of countermeasures
The final tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage" published by ... Book Chapter
-
Threats to physical security
This is tip No. 6 in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage" publishe... Book Chapter
-
Malware: The ever-evolving threat
The first tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide to Protecting Business Internet Usage published by Re... Book Chapter
-
Network-based attacks
The second tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide to Protecting Business Internet Usage published by ... Book Chapter
-
Countermeasures for malicious email code
Today's malware continues to raise the security stakes. Enterprises are now facing numerous evolving threats like targeted and blended attacks, zero-day exploits, botnets and phishing schemes. The attacks aren't the only things evolving; so are today... Messaging Security School
-
Working
Learning Guide
-
Answer page: Malware quiz
SearchSecurity Retention
-
More from SearchSecurity September 2006
Information Security maga
-
Answer page: Nmap quiz
SearchSecurity Retention
- See More: Essential Knowledge on Malware, Viruses, Trojans and Spyware
-
Cridex Trojan breaks CAPTCHA, targets Facebook, Twitter users
The banking Trojan variant Cridex can break CAPTCHA tests in just a few attempts, allowing it to create malicious email accounts used for spamming and propagating the virus. News | 31 Jan 2012
-
Phoenix Exploit Kit responsible for mass WordPress compromises
Security firm M86 Security has discovered hundreds of WordPress websites compromised by Phoenix. News | 30 Jan 2012
-
Fake Firefox update delivers malware, exploit kits
Malicious webpages masquerading as browser updates are being used by attackers as launch pads for Trojan viruses and exploit kits. News | 27 Jan 2012
-
Kelihos botnet operator named in Microsoft botnet lawsuit
Microsoft has named a Russian programmer as the one who wrote the malicious Kelihos code used to create a small botnet that peddled spam and child pornography. News | 25 Jan 2012
-
Black Hole kit fuels drive-by attacks, rogue antivirus declines, Sophos finds
The Black Hole crimeware kit has caused drive-by attacks to surge, according to the Sophos 2012 threat report. News | 24 Jan 2012
-
Facebook users targeted by transformed Carberp Trojan
Attackers seize on the trust victims have in the social network by setting up a tricky man-in-the-browser attack and demanding $25 in cash. News | 19 Jan 2012
-
Android app malware exploits Carrier IQ controversy
Phony Android application checks for running Carrier IQ software, but then sends SMS messages to a premium rate number. News | 12 Jan 2012
-
Ramnit financial malware rips Facebook credentials
Researchers at security firm Seculert have discovered a cache of 45,000 Facebook login credentials tied to the Ramnit worm. News | 05 Jan 2012
-
Tilded platform responsible for Stuxnet, Duqu evasiveness
Researchers at Kaspersky Lab tie the Stuxnet worm and its sister Duqu Trojan to the Tilded platform, which helped the malware evade detection by traditional security software. News | 04 Jan 2012
-
Multifunctional malware, staged drive-by attacks to rise in 2012
Malware toolkits are being programmed with attacks that make the most business sense, say security experts. Automated toolkit users will have new capabilities to target specific groups and organizations. News | 30 Dec 2011
- See More: News on Malware, Viruses, Trojans and Spyware
-
Mac enterprise security: Going beyond Mac malware scans
More attackers see an opportunity in Mac enterprise environments. Mike Cobb explains how to ensure a Mac enterprise security plan goes beyond Mac malware scans. Tip
-
Duqu malware advice: Should enterprises worry about the Duqu Trojan?
Enterprise threats expert Nick Lewis offers analysis of the recent Duqu malware outbreak and the Duqu Trojan response enterprises should take. Tip
-
How antivirus software works: Virus detection techniques
Antivirus software uses several different virus detection techniques, as described in this tip by expert Lenny Zeltser. Tip
-
Call to action: Is now the time to upgrade from Windows XP to 7?
A disproportionate percentage of PCs infected with rootkits are running Windows XP. Does the upgrade from Windows XP to 7 need to happen now? Tip
-
Malware on a Mac: How to implement a Mac antimalware program
Learn how to create a Mac security program at your enterprise, before the amount of Apple platform malware reaches critical mass. Tip
-
Proactive security measures: How to prevent malware attacks
Security teams don't always need to be reactive. Learn how to implement proactive security strategies that prevent malware infections. Tip
-
Evolving IT security threats: Inside Web-based, social engineering attacks
Attackers have mixed a dangerous cocktail of social engineering, Web-based attacks and persistence. Lenny Zeltser explains how your organization can keep from drowning in malware. Tip
-
Malvertisements: Mitigating malicious advertisement malware
Expert Michael Cobb explains why malvertisements are so hard to control and what enterprises can do to help mitigate the risk of malicious advertisement malware. Tip
-
Botnet removal: Detect botnet infection and prevent re-infiltration
Though botnet mitigation tactics continue to mature, so do the botnets themselves. In this tip, expert Nick Lewis gives best practices for detecting and removing cutting-edge botnets. Tip
-
The state of enterprise spam filters: Can more be done to control spam?
Does your enterprise rely solely on its email filter to protect against spam? Are you aware of how spam filters work? Expert Michael Cobb discusses how today's spam works, and what can help control spam in an enterprise setting. Tip
- See More: Tips on Malware, Viruses, Trojans and Spyware
-
Curb the spam virus threat via information security awareness training
Information security awareness training doesn't always protect users from the ongoing spam virus threat. Nick Lewis offers additional measures that may help. Answer
-
Does Morto worm prove inherent flaws in Windows RDP security?
The recent Morto worm had unusual success spreading via Windows Remote Desktop Protocol. Does that mean RDP security is too weak? Nick Lewis explains. Answer
-
Scareware removal: How to get rid of fake AV malware
Threats expert Nick Lewis explains how to prevent and remove scareware infections. Answer
-
Hacker chatter: Can hacker websites help companies anticipate attacks?
Tracking hacker chatter could be useful for discovering attacks, but there may be other, less risky routes to finding the same information. Answer
-
Zeus Trojan analysis: How to decode the Zeus config.bin file
Learn how to analyze the Zeus config.bin file in order to identify targeted URLs and infected computers on your network. Answer
-
Evolution of online banking malware: Tatanarg Trojan and OddJob Trojan
Online banking credentials are one of the most lucrative bits of information available to steal. Expert Nick Lewis advises how to keep cutting-edge Trojans off company machines. Answer
-
How to protect against the Bredolab virus Trojan in job applications
Learn more about a recent Bredolab Trojan exploit involving online job applications, and how you can protect your organization from such threats. Answer
-
OddJob Trojan: Different from other online security banking threats?
What particular risks does the OddJob Trojan pose to the security of financial transactions over the Web? Expert Nick Lewis explains. Answer
-
Can rootkit detection mechanisms stop the Blue Pill?
At Black Hat 2006, researcher Joanna Rutkowska unveiled a piece of machine-based malware called the Blue Pill. But is it a serious threat to your operating system? Ed Skoudis explains in this expert Q&A. Ask the Expert
-
Social networking best practices for preventing social network malware
Get advice on social networking security best practices that can help prevent data leaks and other social network malware that could harm your enterprise. Ask the Expert
- See More: Expert Advice on Malware, Viruses, Trojans and Spyware
-
Tilded platform
The Tilded platform is a malicious software communicator specifically designed as a vessel for transmitting malware undetected. Definition
-
Duqu (W32.Duqu)
Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects. Definition
-
malvertisement (malicious advertisement or malvertising)
A malvertisement (malicious advertisement) is an advertisement on the Internet that delivers a malicious payload. Definition
-
TDL-4 (TDSS or Alureon)
TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet. The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon. Definition
-
memory-scraping malware
Memory-scraping malware is a type of malware that helps hackers to find personal data. It examines memory to search for sensitive data that is not available through other processes. Definition
-
domain rotation
Domain rotation is a technique used by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor. The goal of domain rotation is to make it harder for a network administrator to blacklist ... Word
-
advanced persistent threat (APT)
An advanced persistent threat is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. Word
-
metamorphic and polymorphic malware
Metamorphic and polymorphic malware are two categories of malicious programs that have the ability to change their code as they propagate. Word
-
Zeus Trojan (Zbot)
Zeus, also known as Zbot, is a malware toolkit that allows a cybercriminal to build his own Trojan Horse. A Trojan Horse is programming that appears to be legitimate but actually hides an attack. Word
-
RAT (remote access Trojan)
A remote access Trojan (RAT) is a malware program that gives an intruder administrative control over a target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the ... Word
- See More: Definitions on Malware, Viruses, Trojans and Spyware
-
Black Hat 2011: Attack vectors, vulnerabilities and malware analysis
Rodrigo Branco talks about vulnerabilities, malware sophistication and whether the move to cloud-based services will change the way cybercriminals work. Video
-
Web 2.0 tutorial: Security awareness for Web 2.0 attacks
Robert "Rsnake" Hansen discusses Web 2.0 attacks that pose serious security risks to enterprises and their security landscape. Video
-
Data breaches, spear phishing and application defense
Bit9 CTO Harry Sverdlove, the former principal research scientist at McAfee Inc., talks about the latest spate of data breaches and the lessons that can be gleaned from them. Podcast
-
Microsoft's Scott Charney on fighting botnets, rogue antimalware
In the final segment of SearchSecurity.com's exclusive RSA Conference 2011 video interview with Scott Charney, Microsoft's Corporate VP of Trustworthy Computing, he discusses a variety of concerns on the enterprise threat landscape. Video
-
Expert Bruce Schneier's Stuxnet malware analysis
In this RSA Conference 2011 interview, Michael Mimoso, Editorial Director of the Security Media Group at TechTarget, talks with Bruce Schneier, Chief Security Technology Officer of BT Group, who discusses Stuxnet malware analysis. Video
-
Assessing the botnet threat
Botnet researcher Joe Stewart discusses the current threat levels presented by botnets and how to protect your enterprise from DDoS and other botnet attacks. Video
-
Botnets, malware and capturing cybercriminals
Malware isn't getting more sophisticated, but cybercriminals have better tools to control their botnets and deploy more targeted attacks, says Gunter Ollmann of Damballa, Inc. Video
-
Smart tactics for antivirus and antispyware
AV has become a commodity service with vendors touting value-added features and the ability to protect other parts of the network. This video addresses AV and antispyware from an architectural perspective. You'll learn the benefits of standalone prod... Video
-
PCI compliance requirement 5: Antivirus
Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 5: "Use and regularly update antivirus software." Video
-
Johannes Ullrich: ISC, stealthy malware
SANS Chief Research Officer Johannes Ullrich discusses the Internet Storm Center (ISC), information sharing and the state of malware. Video
- See More: Multimedia on Malware, Viruses, Trojans and Spyware
About Malware, Viruses, Trojans and Spyware
Get tips and tricks on how to remove and detect malware, viruses, worms, Trojans, rootkits, spyware and adware. Experts also offer advice on detection and prevention software, including antivirus and antispam.