Trend Micro detailed the variant and attackers' delivery techniques.
The increase could be attributed to a recently discovered spam campaign that involves phony emails claiming to be from the Canadian Post or USPS.
Researchers at PhishMe warned of the campaign that uses purported payment confirmations to fool victims.
The bug, CVE-2014-6352, has a temporary solution, but still no permanent fix from Microsoft.
Email samples discovered by researchers at Trustwave reveal how attackers are infecting users with the DarkComet Remote Access Trojan.
Jaime Estrada was sentenced to nine months in prison and was ordered to pay a $10,000 fine.
Google announced Tuesday that it will begin warning Gmail users if they are being targeted by state-sponsored attacks in hopes that they can take "immediate steps" to secure their accounts.
Researchers at security firm F-Secure said this week they have spotted a malicious PDF making the rounds that opens a legitimate copy of the Games' schedule, but in the background it tries to connect to a malicious website.
Cyber criminals have cloaked spam to resemble US Airways check-in emails in phishing attempts that lead to Zeus trojan infections.
Trustwave, a cloud-based compliance and information security solutions provider, announced on Tuesday it will acquire M86 Security, a web security solutions and anti-malware provider.
The feature, which is currently available for users in the U.S. Canada, India, and the Philippines, requires a second form of verification beyond a password for any "suspicious" login attempt.
A message purportedly sent from the FBI Anti-Terrorist and Monetary Crimes Division is making its way to inboxes, threatening recipients that they will be arrested if they do not reply back.
Most spam messages sent in recent days have been delivered with subject lines containing fake order or ticket numbers, delivery invoices, payment notices or tax information, according to researchers from security firm Websense.
A Reddit user with the handle "Roddds" found the credentials of 47,000 webmail users after investigating a phishing message.
Attackers have been circulating a trojan via email messages with subjects such as "ACH payroll payment was not accepted by Central Trust and Savings Bank."
Patrick Ricciardi, 45, allegedly abused his access as an information systems specialist to spy on official emails meant for Hoboken, N.J. Mayor Dawn Zimmer.
Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.
A Florida man pleaded innocent Tuesday to hacking into the email accounts of Scarlett Johansson, Mila Kunis, Christina Aguilera and dozens of other celebrities to steal photos, emails and other documents.
Researchers have discovered a way to evade Facebook security controls to deliver a message that could come outfitted with a malicious attachment.
A Florida man has been charged with hacking into the email accounts of Mila Kunis, Christina Aguilera, Scarlett Johansson and dozens of other celebrities to steal photos, emails and other documents. Christopher Chaney, 35, of Jacksonville was nabbed following an 11-month police investigation dubbed "Operation Hackerazzi," according to an FBI statement this week. Once he had access to a victim's email account, which he obtained by using publicly available information, he allegedly changed the settings so that all of their emails would be automatically forwarded to him. He also stole private photos, which he offered to celebrity blogs. Chaney was charged with accessing and damaging protected computers without authorization, wiretapping and aggravated identity theft. He faces up to 121 years in prison.
There were some definite trends that we observed this month. The first is that we are getting fewer physical appliances in favor of virtual ones.
Some users of the new social media service Google+ were inadvertently spammed with email notifications this weekend following a technical malfunction on the site. The error occurred during an 80-minute period when Google+, currently in beta, ran out of disk space on a system that keeps track of notifications, Vic Gundotra, a Google senior vice president of engineering, wrote in a Saturday post. "We didn't expect to hit these high thresholds so quickly, but we should have," Gundotra said.
Google+ is barely a few days old, but the criminal element already is capitalizing on users' interest in joining the new social networking service, according to Sophos. Researchers at the security firm have spotted a new campaign in which junk mailers are blasting out pharmacy spam disguised as invites to the online sharing portal. "[C]licking on the links will not take you to the new social network, but instead...to a pharmacy website set up to sell the likes of Viagra, Cialis and Levitra to the unwary," wrote Graham Cluley, senior technology consultant at Sophos, in a Friday blog post.
Cybercriminals are scrapping widespread malicious email campaigns for more targeted attacks, according to a new Cisco report.
Small and midsize organizations may want to take note: There is a particularly large Zeus spam campaign making the rounds.
Google has identified and disrupted a campaign operating out of eastern China meant to hijack and monitor the Gmail accounts belonging to hundreds of users, the technology giant revealed Wednesday.
Hackers late last week broke into Fox Broadcasting Company's website, Fox.com, and accessed personal information of tens of thousands of individuals who applied to appear on "The X Factor."
A spreadsheet containing the personal information of New York Yankees' season ticket holders was inadvertently emailed on Monday evening to more than 1,000 people.
Fallout continues, and new corporate victims come to light after the massive breach of an email marketing services provider.
A growing list of companies, including Capital One, U.S. Bank, Citigroup and JPMorgan Chase, are notifying customers that their email addresses were stolen by hackers.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context