From the Archives

From The Archives: Detecting BlackPOS and Poison Ivy

You’ve seen it over and over in the headlines…”Point of Sale (POS) systems attacked!” & “Remote Access Trojans (RATs) used by Hackers!“…and don’t expect to stop hearing about these any time soon. As long as we pay with credit cards, POS systems will be in use, and as long as they are, they will be the…

Read More

Understanding & Detecting Backoff POS Malware

Point of Sale (POS) malware has had its share of headlines this year. Now with the holiday shopping season underway POS systems will certainly be an enticing target for hackers to explore due to the payoff of thousands of fresh credit card numbers that will be run through these devices. “Backoff” is part of a…

Read More

New Onyx Variant of Boleto Malware Emerges

Revisiting a threat that we discussed a few months ago in the blog entitled RSA Uncovers Boleto Fraud Ring in Brazil, there continues to be attacks against the Brazilian payment processing method known as the Boleto. RSA Research provided a detailed report in July covering the payment system and the vulnerabilities exploited by a specific fraud…

Read More

Looking into the Crystal Ball – What’s Next for Cybercrime?

I am reminded of the dynamic nature of our industry every day, but it never becomes more apparent until you start making end-of-year predictions or pulling together a report on the current state of cybercrime. Just as we were about to wrap up and launch the RSA Current State of Cybercrime Report 2014, the Heartbleed exploit was announced and made front page headlines across the world. The persistent change in the threat landscape is what gives cyber defenders the passion to do what we do every day. Nobody can ever call our jobs dull or boring. But at the same time, it demonstrates how difficult it is to truly predict and prepare for “what’s next.”

Read More

The Ultimate Defense Against Advanced Persistent Threats

Sorry about that, I knew the title would pull you in…but what I have to say will, in the end, support the headline. The reason for the showmanship is that if the title had been “End User Training and Awareness is Important” or “Training End Users Will Help Your Bottom Line” you may not have […]

Read More