This week's episode of Salted Hash takes a look at insider threats and the return of Matrix Banker, a family of malware that is targeting organizations in Mexico. Our guest is Justin Fier, the director for cyber intelligence and analysis at Darktrace, the organization that spotted the second wave of Matrix Banker attacks.
Matrix Banker:
Matrix Banker was first discovered in late May (and disclosed in early June) of 2017 by Arbor Networks. Targeting countries in Latin America, the name comes from the malware's C2 (Command & Control) admin portal, which uses a Matrix theme.
Would you give up a customer's data or credentials if that was the demand in a ransomware attack? No financial payment, just a password, or a document. That's a nightmare scenario, and it's just one of a few that Steve Ragan and Rick McElroy, Security Strategist at Carbon Black, talk about on this week's episode of Salted Hash.
Throughout the episode, Rick and Steve discuss a recently published report on ransomware economies. CSO's coverage of that report is available now. They also discuss how ransomware is being spread now that email is no longer a primary delivery method, attacks on platforms other than Windows, and the future of malware.
Tracking real-world scans on systems over the first six months of 2017, Malwarebytes says that typical desktop anti-virus solutions aren't cutting it.
The company examined detection data from nearly 10 million endpoints, and discovered some of the most notable names in the anti-virus industry - even those who rank high in lab testing - are missing basic threats completely.
Malwarebytes released their data just before Halloween, and the report takes aim at the current state of anti-virus lab testing. Coincidentally, while the company usually earns high marks in such tests, they say the true value of lab testing is yet to be determined, "as malware in the wild behaves in a manner significantly different from laboratory samples – even recently captured samples apprehended in security honeypots."