In this InfoSec Insider, Tim Bandos looks at why network admins will want to keep a close watch on network traffic within the enterprise.

Researchers are warning malware payloads can bypass traditional AV protection when delivered buried inside images, documents or even just a pixel.

An Iran-linked group is linked to a massive spear phishing campaign that sends malicious Word Docs to victims in Asia and the Middle East.

As recently as Wednesday afternoon, a U.S. government website was hosting a malicious JavaScript downloader that led victims to installations of Cerber ransomware. The malware link has since been taken down.

A string of data thefts targeting North American mining companies and casinos are extorting as much as $620,000 from victims.

IBM quietly released a workaround fix for a vulnerability in its Spectrum Protect enterprise backup software it has known about since September 2016.

Microsoft shuts down hackers who hijacked a software updater with fileless, or in-memory, malware attacks.

New clues surface on Shamoon’s ability steal credentials ahead of attacks.

Researchers say fileless in-memory malware attacks have become a major nuisance to businesses and have become even harder to detect and defend.

A unique attack called DNSMessenger uses DNS queries to carry out malicious PowerShell commands on compromised computers.