  1. Building a Business Case for Security that the CFO Can Understand

    One of the biggest challenges when you go shopping for new security tools is answering the inevitable question from finance: “What’s the value?” Determining the ROI of a new security product isn’t always an exact science. There are no hard and fast rules to follow – which is why generic …

  2. New Ursnif Variant Targeting Italy and U.S.

    Fidelis Cybersecurity has been investigating a new variant of Ursnif, a family of trojans that captures and reports information about user activity back to the attacker. We recently observed the variant distributed in phishing runs designed to appear as legitimate banking-related emails. On infe …

  3. Attacker vs. Victim: Investigating an Incident from Both Perspectives

    At InfoSecurity Europe in June, I will be showing a demonstration of what we call: “Attacker vs. Victim”, which uses real zero days, malware and tools to compromise a fictitious company and steal data. The purpose of this demo is to show executives, media and security practitioners what an ac …

  4. Vawtrak Trojan: Bank on it Evolving

    On May 12, 2016, Fidelis Cybersecurity witnessed an update to Vawtrak malware, a banking trojan, spread via an email campaign using subpoena- and lawsuit-related themes. The configurations observed in this campaign point to an attempt to harvest user credentials when visiting accounts on major f …

  5. Welcome to the Jungle: Tips for Staying Secure When You’re on the Road

    The summer travel season is right in front of us. While the jungle may not be your intended destination, that’s exactly where you’re likely to find yourself. When you walk out the door with your smartphone and laptop, you become a high-value target. Your individual privacy and your employer …

  6. Turbo Twist: Two 64-bit Derusbi Strains Converge

    To follow up on the March report on the discovery of a 64-bit Linux variant of Derusbi used in the Turbo campaign, this post covers our analysis of two unique Windows variants of the Derusbi PGV_PVID malware. Derusbi has been widely covered and associated with numerous Chinese cyber espionage act …

  7. 5 Tips from the Front Lines of a Critical Security Incident

    Here we go again. Stress levels are rising. Colleagues are in a panic and executives want answers now. Critical alerts suggest you’ve been compromised. The question is: Where did it happen? How did the attacker get in? Are any endpoints compromised? What’s the extent of the damage? What was …

  8. Part 2: Bolster Defenses to Prepare for Ransomware Attacks

    As criminals continue their relentless ransomware attacks on healthcare providers, organizations are asking how to prepare and minimize the impact of an attack. What can an organization do to bolster their defenses? Prepare! We advise the following strategy to handle a ransomware incident: 1. Ass …

  9. Part 1: Pay Up, It’s a Hostile Hospital Takeover!

    Ransomware attacks targeting the healthcare community are sending shockwaves through the industry. In late March, Washington DC-based MedStar Health became the latest in a series of providers to fall victim to ransomware. The impact of a network-wide ransomware attack grinds operations to a stand …