The latest detection systems from Cylance, McAfee, Microsoft and Tanium did not detect an attack by hackers exploiting Windows security holes. Over 130 threat intelligence reporting services also failed to catch the new threat.
Mr. Golan Ben-Oni of IDT Corporation discovered an attack on a computer connected to their network. It was not WannaCry, the malware that captured so much attention this year by spreading rapidly and encrypting hundreds of thousands of computers.
"This is different," said Ben-Oni. "It's a lot worse. It steals credentials [your login name or email and password]. You can't catch it, and it's happening right under our noses." See this article for the details.
The attack used a cyberweapon called DoublePulsar that prevents security alarms from responding when it penetrates a computer system. As a result, the malware was not detected when it stole credentials allowing it to gain broad access to the targeted computers.
What can you do about a threat like this? No one defense is perfect. It makes sense to have both the latest and greatest antivirus service and multiple backups of your irreplaceable files and data.