Black Hat 2021: Lessons from a lawyer
Posted inTop News

Black Hat 2021: Lessons from a lawyer

Why companies and their security teams need to engage with a lawyer before an incident occurs Presentations at Black Hat often involve slides full of data or code. Rarely, or maybe never, have I seen a slide that details parts of a policy, contract or general legal text. Nick Merker, a partner at ICE Miller…
IISpy: A complex server‑side backdoor with anti‑forensic features
Posted inTop News

IISpy: A complex server‑side backdoor with anti‑forensic features

The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers ESET researchers have discovered and analyzed a previously undocumented backdoor, implemented as an extension for Internet Information Services (IIS), Microsoft’s web server software. The backdoor, which we…
Black Hat 2021: Wanted posters for ransomware slingers
Posted inTop News

Black Hat 2021: Wanted posters for ransomware slingers

Is the net closing in on cyber-extortionists and can bounties on their collective heads ultimately help stem the ransomware scourge? Here at Black Hat, the CISA keynote promises to deliver increased cooperation within government agencies over cybercriminals, especially those focused on critical infrastructure and ransoms against systems that might cripple the country. But that’s not…