Find me on:

Emma Ban

Emma Ban is a Content Writer at Bitdefender. Having worked in the industry for more than three years, in both B2C and B2B areas, she has a deep understanding of the online threats that put at risk the security of both consumers and corporations. Thus, her main focus is to provide insights into security technology trends that enable safe environments for companies and their employees. She thoroughly enjoys traveling and has a special interest in fashion technology.

Recent Posts

5 Compelling Reasons to Add Cloud Security to Your Cloud Solution

Published on 10/23/15 02:30PM

OEM Business, Cloud Security

The cloud marketplace is in continuous evolution. As a cloud service provider, you’re facing new challenges every day: new cloud technologies are stealing your thunder, and new data breaches like the (in)famous Ashley Madison case are refreshing security concerns with regards to cloud services. And surely, when talking with potential customers, you’ve faced them more than once. You are expected to answer not only questions about the technology, scalability and cost of your solutions, but also about your security model.

Read More

Top Issues with Insecure Routers and Printers. How to Mitigate Risks?

Published on 10/07/15 02:00PM

Threats

The fact that home and office network devices are insecure is nothing new. For years now, security researchers have pointed out security holes in printers and home and office routers.  And we’ve already seen malware exploiting vulnerabilities in routers to spread to other connected devices, and even hackers exploiting these vulnerabilities to take over the devices and use them to launch DDoS attacks towards online services. A case in point: in one of the largest DDoS attacks to date, hackers were able to bring down Sony and Microsoft’s gaming platforms around Christmas last year, relying in great part on hacked internet routers. Taking control over millions of home routers protected by little more than factory-default usernames and passwords, they were able to create botnets of home and office routers, and use them to launch DDoS attacks on the online gaming services.

Read More

Malware-as-a-service Part III: What’s Next? Evolution and Mitigation

Published on 09/30/15 12:20PM

Threats

On July 5, the Italian surveillance company, Hacking Team, got hacked. Reportedly, hackers stole and made public 400 GB of data, including a number of spying/surveillance tools and vulnerability exploits. By July 8, one of these vulnerabilities, a Flash Player zero-day, was already being used by other malware actors to deliver Cryptolocker ransomware. Four days later, it was reported that at least another Adobe Flash vulnerability was being exploited. Needless to say, Adobe was in for some serious patching.

Read More

Top Threats to Securing the Cloud

Published on 09/10/15 02:30PM

Threats, Cloud Security

With more businesses realizing the benefits of cloud adoption, the demand for cloud services grows and becomes more diverse. As you diversify and extend your product/service offering to meet this demand, the challenge to secure the cloud becomes greater. Cybercriminals have proven time and time again how good they are at hacking company cloud networks and leaking confidential information. Does the most recent Ashely Madison hack ring a bell?

Read More

Malware-as-a-Service Part II: Tools of the Trade

Published on 08/31/15 03:30PM

On July 15, the US Department of Justice announced the FBI had taken down Darkode, one of the roughly 800 criminal Internet forums worldwide. According to the charging documents,

Read More

Malware-as-a-Service Part I: Cybercrime Getting Highly Organized

Published on 08/14/15 01:00PM

Threats

… and what businesses can learn from this undeniable fact

Did you know that cybercrooks can expect to earn 1,425% return on investment from a 30-day malware infection campaign?

Read More

Mobile Application Security: Soon Enough, Hackers’ Attack Vector of Choice

Published on 07/10/15 03:30PM

Mobile Security, Technology

… but overlooked by app developers and enterprises alike

Recently, the Bitdefender Research team found a security flaw in Instapaper. The popular Android app allows users to save and store articles for reading, particularly when they’re offline, on the go, or don’t have Internet access. Users have to create an account to be able to check notes, liked articles or access other options. The vulnerability discovered lies not in how the app “fetches” content from the web, but in the fact that it doesn’t perform any certificate validation. This opens the door for man-in-the-middle attacks [1]  that could allow an attacker to use a self-signed certificate, start “communicating” with the app, and collecting authentication credentials. Such an attack could have serious consequences, especially for those who use the same password for multiple accounts – they could have several accounts hacked into. 

Read More

Spammers Getting More Clever – An Analysis of Recent Spam Attacks

Published on 06/25/15 08:29AM

Threats, Network Security, Technology

There are many ways a spammer can infect a device with malware and capture confidential or banking information or sell counterfeit drugs, luxury items or software. A few years ago, spammers would register fictitious email accounts with many different webmail services to send spam messages which would capture private information or make victims partake in affiliate scams. As antispam companies became more proficient in identifying unsolicited messages through email domains and IP addresses, spammers began to use more clever techniques. An example is the so-called snowshoe spamming, in which spammers scatter their messages across a wide range of IPs and domains, in order to blur domain reputation metrics and evade filters. Recent years have seen a rise in snowshoe spam, but while this type of spam fits into a pattern, the way it’s executed may vary from one spam wave to another.

Read More

Ransomware Dominates the Current Security Threat Landscape. Most Likely, Its Future Too!

Published on 05/28/15 10:24AM

Threats, Endpoint Security

Lately, the security threat landscape has been undergoing some changes. No, we’re not talking about new types of malware spreading and ravaging end-users’ computers. We’re talking about a “shift in focus” in cybercriminal activity, influenced heavily by the latest trends in online payments.

If a few years ago, the popular way to make money using malware was creating (and deceiving people into downloading) FakeAVs, now the bad guys are focusing on Ransomware. And there are two main reasons for this focus shift:

Read More

How Important Are False Positives in Measuring the Quality of an Antimalware Engine?

Published on 05/21/15 11:35AM

OEM Business, Endpoint Security, Technology

Antivirus false positives are not always attributed the importance they deserve.

Picture this scenario: you download a program from a legitimate source and when you try to install it, your antivirus stops you saying it’s potentially malicious. What do you do?

Read More