Malware Content on InfoQ
News
-
AWS Introduces Malware Detection for Object Uploads to Amazon S3
At the latest re:Inforce cloud security conference, AWS announced GuardDuty Malware Protection for Amazon S3. This new malware scanning feature for Amazon S3 enables teams to detect malware in new object uploads using Amazon GuardDuty.
-
Unskilled Cybercriminals May Be Leveraging ChatGPT to Create Malware
In a recent report, Israeli cybersecurity company Check Point warned that cybercriminals are already using ChatGPT to develop malicious programs on the Dark Web. According to Check Point, ChatGPT makes it possible for even unskilled threat actors to create functioning malware.
-
Virtual Machine Threat Detection in Google Security Command Center Now Generally Available
Google Cloud recently announced the general availability (GA) of Virtual Machine Threat Detection (VMTD) as a built-in service in Security Command Center Premium, which can detect if hackers attempt to mine cryptocurrency in a company's cloud environment.
-
Amazon GuardDuty Introduces Malware Detection
At the recent re:Inforce security conference, AWS announced the availability of malware detection for Amazon GuardDuty. The new functionality of the managed threat detection service initiates a scan of the EBS volumes when it detects suspicious behavior indicative of malware on EC2 or containers.
-
What Machine Learning Can Do for Security
Machine learning can be applied in various ways in security, for instance, in malware analysis, to make predictions, and for clustering security events. It can also be used to detect previously unknown attacks with no established signature.
-
Newest TeamTNT IRC Bot Steals AWS and Docker Credentials
Cybercrime group TeamTNT’s internet relay chat (IRC) bot has had its functionality expanded from resource theft for crypto-mining to include the theft of Docker API, AWS, GCP and secure shell (SSH) credentials. Researchers have identified multiple recent changes in post-invasion behaviour. The crime group have likened it to a 'Docker Gatling Gun'.
-
Trend Micro, Europol, and UNICRI Publish AI Misuse Report
Trend Micro, Europol’s European Cybercrime Centre (EC3), and United Nations Interregional Crime and Justice Research Institute (UNICRI) have jointly produced a report on current and possible future criminal misuse of AI. The report also includes a set of preparedness recommendations for policymakers, law enforcement, and cybersecurity experts.
-
Microsoft Releases Application Inspector, a Tool for Examining Code Security
In a recent blog post, Microsoft announced an open source tool that developers can use to detect security vulnerabilities in their software solutions. The tool is called Microsoft Application Inspector and is available on GitHub. As organizations try to reduce their time to market, oversights may occur. Application Inspector can be used to identify malicious code used in third-party libraries.
-
Introducing KiloGram, a New Technique for AI Detection of Malware
A team of researchers recently presented their paper on KiloGram, a new algorithm for managing large n-grams in files, to improve machine-learning detection of malware. The new algorithm is 60x faster than previous methods and can handle n-grams for n=1024 or higher. The large values of n have additional application for interpretable malware analysis and signature generation.
-
Intel Starts to Use GPUs for Malware Scanning
Intel has announced its new Threat Detection Technology (TDT), a set of silicon-based capabilities which use the processor's GPU to scan memory for malware. This will free the CPU from that task and help mitigate the impact of defending against Spectre and Meltdown.
-
Multiple DNS Providers to Mitigate DDoS Attacks
Distributed Denial of Service (DDoS) attacks against Domain Name System (DNS) providers are increasing in number and scale with the proliferation of insecure IoT devices. While DNS providers have various methods of protecting themselves against such attacks, one of the ways for a website to protect itself is to use multiple DNS providers.
-
Discover What Malware is Really Doing with FireEye
Traditional signature-based anti-virus/malware software is suitable for home users, but not for corporations. As seen repeatedly in the news, targeted attacks against specific companies are becoming more and more common. To combat this threat, advanced threat detection techniques are needed.
-
AnyPresence Soups-up Enterprise MBaaS Platform: Part 2 of 2
There is so much to learn about the latest Mobile Backend as a Service provider AnyPresence's 5.0 platform geared for the enterprise that this second post was needed. Co-founder Rich Mendis provides further insight for InfoQ readers…
-
Department of Homeland Security Weighs in on Threats to Mobile Devices
Especially branded as malicious in the unclassified document is an application known as Carrier IQ. The DHS specifically advises the various branches of the government to install a mobile app dedicated to removing the perceived security threat posed by any instance of Carrier IQ existing on their device.