
Malware Content on InfoQ


  • What Machine Learning Can Do for Security

    Machine learning can be applied in various ways in security, for instance, in malware analysis, to make predictions, and for clustering security events. It can also be used to detect previously unknown attacks with no established signature.

  • Newest TeamTNT IRC Bot Steals AWS and Docker Credentials

    Cybercrime group TeamTNT’s internet relay chat (IRC) bot has had its functionality expanded from resource theft for crypto-mining to include the theft of Docker API, AWS, GCP and secure shell (SSH) credentials. Researchers have identified multiple recent changes in post-invasion behaviour. The crime group have likened it to a 'Docker Gatling Gun'.

  • Trend Micro, Europol, and UNICRI Publish AI Misuse Report

    Trend Micro, Europol’s European Cybercrime Centre (EC3), and United Nations Interregional Crime and Justice Research Institute (UNICRI) have jointly produced a report on current and possible future criminal misuse of AI. The report also includes a set of preparedness recommendations for policymakers, law enforcement, and cybersecurity experts.

  • Microsoft Releases Application Inspector, a Tool for Examining Code Security

    In a recent blog post, Microsoft announced an open source tool that developers can use to detect security vulnerabilities in their software solutions. The tool is called Microsoft Application Inspector and is available on GitHub. As organizations try to reduce their time to market, oversights may occur. Application Inspector can be used to identify malicious code used in third-party libraries.

  • Introducing KiloGram, a New Technique for AI Detection of Malware

    A team of researchers recently presented their paper on KiloGram, a new algorithm for managing large n-grams in files, to improve machine-learning detection of malware. The new algorithm is 60x faster than previous methods and can handle n-grams for n=1024 or higher. The large values of n have additional application for interpretable malware analysis and signature generation.

  • Intel Starts to Use GPUs for Malware Scanning

    Intel has announced its new Threat Detection Technology (TDT), a set of silicon-based capabilities which use the processor GPU to scan memory for malware. This will free the CPU from that task and help mitigate the impact of defending against Spectre and Meltdown.

  • Multiple DNS Providers to Mitigate DDoS Attacks

    Distributed Denial of Service (DDoS) attacks against Domain Name System (DNS) providers are increasing in number and scale with the proliferation of insecure IoT devices. While DNS providers have various methods of protecting themselves against such attacks, one of the ways for a website to protect itself is to use multiple DNS providers.

  • Discover What Malware is Really Doing with FireEye

    Traditional signature-based anti-virus/malware software is suitable for home users, but not for corporations. As seen repeatedly in the news, targeted attacks against specific companies are becoming more and more common. To combat this threat, advanced threat detection techniques are needed.

  • AnyPresence Soups-up Enterprise MBaaS Platform: Part 2 of 2

    There is so much to learn about the latest Mobile Backend as a Service provider AnyPresence's 5.0 platform geared for the enterprise that this second post was needed. Co-founder Rich Mendis provides further insight for InfoQ readers…

  • Department of Homeland Security Weighs in on Threats to Mobile Devices

    Especially branded as malicious in the unclassified document is an application known as Carrier IQ. The DHS specifically advises the various branches of the government to install a mobile app dedicated to removing the perceived security threat posed by any instance of Carrier IQ existing on their device.