Good Ransomware Defenses Might Not Be As Complex As You Might Think

Posted by Craig Kensek on 5/20/16 4:43 PM


Read More

Topics: Advanced Malware Protection and Detection, Ransomware, antimalware

Don't Open That "Invoice" in Your Email...

Posted by Roger B.A. Klorese on 5/15/16 11:22 AM

...which you won't see if you have Lastline deployed.

(Once again, thanks to Lastline Director of Sales Engineering Dan Mathews.)

Last week saw a major ransomware campaign, one that essentially pairs a few new tricks at getting users to experience some long-standing vulnerabilities. It also exhibits a new level of perseverance, with dozens of links to ensure successful download of the second stage, the actual ransomware.

If you're running Lastline Enterprise in inline email inspection mode, you were protected by default from the first time your organization may have been hit by it. Lastline's behavioral analysis of the artifact recognized its malicious and evasive intent.

Read More

Visit Lastline at Infosecurity Europe, June 7 - 9

Posted by Craig Kensek on 5/6/16 3:55 PM


Come visit us at   Infosecurity Europe 2016 in London. The event runs from June 7 through 9.   It's considered one of Europe’s major information security events.  There will be  over 315 exhibitors displaying a range of products and services.  Attendance should top 12,000.  Infosec Registration (Free until June 6)

Read More

Topics: Security News, Advanced Malware Protection and Detection, Malware News

Forrester Wave: Lastline Enterprise a "Leader" in Automated Malware Analysis with Highest Ranked Current Offering

Posted by Brian Laing on 4/26/16 6:05 AM

Forrester is one of the most influential research and advisory firms in the world. One of the main ways they publish information about markets and technologies for their enterprise customers is using a methodology called The Forrester Wave™. 

Last week, they released their assessment of the APT/advanced malware marketplace, "The Forrester Wave: Automated Malware Analysis, Q2 2016." We are proud to announce that Forrester recognizes us as a leader in advanced malware analysis, detection, and protection.

Read More

Topics: Lastline News, Lastline Enterprise, Forrester, Analyst Ratings

Lastline Wins Cybersecurity Excellence Award for Advanced Persistent Threat Protection

Posted by Craig Kensek on 4/22/16 4:53 PM


Read More

Topics: Security News, APT, Malware News

Malware News: CVE-2016-1019 Zero-Day Flash Exploit: Malware Is as Malware Does

Posted by Roger B.A. Klorese on 4/18/16 5:07 PM

(With thanks to Lastline Director of Sales Engineering Dan Mathews for the heavy lifting.)

Within the last couple of weeks, the blogosphere has reported on a new Magnitude Exploit Kit campaign, which was recently confirmed as leveraging a zero-day Flash exploitAdobe Flash Player and earlier is vulnerable; the flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, and has been observed to deliver Cryptowall 3.0 ransomware. While an earlier patch mitigated the behavior somewhat, Adobe was forced to release an emergency patch.

Read More

Topics: Advanced Malware Detection, Malware Behavior, Malware News

Visit Us at ESRM London on April 26

Posted by Craig Kensek on 4/3/16 8:00 PM


It has been a busy first quarter for Lastline. We presented at a pair of sessions at RSA San Francisco. We won seven 2016 Global Excellence Awards® - three Gold, one Silver, and three Bronze - as well as the Grand Trophy in Info Security Products Guide's 2016 Global   Awards in March .  We promoted our leadership position in the 2015 NSS Labs Breach Detection study on a pillar at RSA.  Also, we have added an experienced security veteran to our executive team.

Read More

Topics: Lastline Labs, Deep Content Inspection, nss labs

Hey, Hey, Malware... 'Sup?

Posted by Roger B.A. Klorese on 3/31/16 5:30 AM

(Major thanks to Lastline's Co-Founder and Chief Scientist Dr. Christopher Kruegel for the "heavy lifting" including the detailed Research Note and the data analysis that supports it.)

That title may seem a bit, or even a lot, too friendly, considering that malware is certainly no friend of ours, or of you and your organization, for that matter. But we definitely do spend a lot of time with it.

We detonate and analyze a ton of malware samples daily in our cloud and on-premise at our customers in our Deep Content Inspection™ sandboxes. And periodically, we take a step back and look at the body of data, to see if we can spot any trends in how malware behavior is changing. We did this recently for the data that we collected in 2015, and observed three types of malicious behavior that increased significantly, as well as an ongoing pattern in evasive behavior.

Read More

Topics: Evasive Malware, Bank Malware, Lastline Labs, Banking Trojan, Browser Modification, Code Signing

Lateral Movement: Do You have Enough Eyes?

Posted by Dr. Giovanni Vigna on 3/22/16 10:09 AM

Sophisticated attackers can find their way into a corporate network in many ways. An attack could come from an external source, through the exploitation of a service, or by being brought in by a user whose laptop has been infected while traveling. As the network infrastructure of an enterprise evolves, its exposure to attacks evolves as well. For this reason, it is challenging to provide a comprehensive approach that will prevent all attacks: sooner or later, an attack will be successful in penetrating the enterprise network.

Read More

Topics: APT, Lateral Movement

Malware News: Android Protection to Bank On

Posted by Roger B.A. Klorese on 3/21/16 3:49 PM

Last week, banks in Australia, New Zealand, and Turkey saw the distribution of malware that steals credentials from users of their apps on Android phones and tablets, as well as intercepting the two-factor authentication codes users can receive via text message for increased security. Delivered in the guise of an Adobe Flash Player updater, the malware presents a fake login screen in advance of the real one on the banking apps, tricking users into giving up their credentials. The malware, known by some virus indexers as Android/Spy.Agent.SI, spoofs and intercepts logins for Australia's Big Four banks, as well as dozens of other financial institutions in Australia, New Zealand, Turkey, and elsewhere - Wells Fargo is one known target elsewhere. And, for good measure, it intercepts login attempts on PayPal, eBay, WhatsApp, Skype, and several Google services.

Read More

Topics: Malware Analysis, Malware in the wild, Ransomware, Malware News

Subscribe to Email Updates