Malware News, Articles and Updates

Curtain closes on Ransomware Encryptor RaaS, but with master key

Those victims targeted over the past year by the ransomware as a service named Encryptor RaaS may be at a loss to ever recover their encrypted files.

Android.Lockerscreen using pseudorandom passcodes to ensure payouts

The Android.Lockerscreen ransomware is now using pseudorandom numbers and other tactics to prevent victims from unlocking devices without paying.

Tesla security updates includes code signing feature

Tesla has released a major firmware update in response to a video posted by a group of Chinese researchers that displayed a series of vulnerabilities in the electric car company's vehicles.

RIG EK rigged to steal tricks from Neutrino in fight to fill Angler's void

Malwarebytes researchers spotted a large malvertising campaign delivering the RIG exploit kit on popular sites including answers(dot)com.

How to sell RaaS: Petya and Mischa marketing tactics

Avast researchers examined some of the marketing tactics used by Janus Cybercrime Solution, the cybergang behind the Petya and Mischa

185M incidents bypassed perimeter defenses - report

Two recent reports warn of the dangers of over-reliance on perimeter security as an enterprise defense method.

Android.Xiny trojan receives upgrade

A new version of the Android.Xiny trojan, which can now root a device to gain admin privileges and is harder to uninstall, has been spotted by security researchers.

Voldemort ransomware rears its ugly head

Death Eaters, or perhaps just bad guys, with a taste for the Harry Potter franchise have unleashed a new strain of ransomware they've dubbed Voldemort, named for the villain of the book and movie series.

MarsJoke ransomware distributed via Kelihos, targets U.S. state, fed gov't agencies

A large-scale email campaign was spotted distributing a new ransomware variant called MarsJoke.

Hotel operation run by Donald Trump settles breach suit with $500K fine

In a settlement, the hotel chain operated by Republican presidential candidate Donald Trump will fork over $500K in fines and improve the security of its computer network.

Malware evades researchers' VM environments by looking up their Word doc history

One of the techniques malware can use to evade researchers' virtualized or sandbox environments is accessing recent documents to determine if the infected machine has a history of legitimate usage.

Malicious websites visited every five seconds by enterprise workers, report

A user at an enterprise organization accesses a malicious website every five seconds, according to research published by CheckPoint.

Hairy situation: Just For Men website rigged to redirect to RIG Exploit Kit

Executives at Combe Incorporated may have sprung a few new gray hairs after learning that the website for its Just for Men brand of hair coloring products was compromised to serve up malware.

Report, framework to balance safety and reliability needs of industrial operations

The Industrial Internet Consortium (IIC) published a framework technical report to help organizations balance the safety and reliability needs of industrial operations.

DetoxCrypto ransomware imitates Malwarebytes software

Malwarebytes is warning users of a variant of DetoxCrypto ransomware that is imitating the security vendor's software.

Dropbox moves to change install on Mac

Mac users are claiming a Dropbox function that loads the desktop client of its cloud storage service on the accessibility menu of their system works like malware.

Locky developers upgrade ransomware's ability to perform offline encryption

A new analysis of Locky ransomware configurations by IT security firm Avira has revealed improved offline capabilities that enhance its ability to automatically encrypt victims' files, without interaction with a command-and-control server.

Cybercrooks use drive-by malware to rob Reddit users' cryptowallets

Details of the attack are still blurry, but attackers appear to be using malicious links designed to appeal to users monitoring the evolution of Bitcoin prices.

Crysis ransomware now attacking businesses in Australia and New Zealand

Australian and New Zealand businesses are being hit with a ransomware campaign.

DOJ report, FBI impersonated journalist to infect suspect with malware

The U.S. Justice Department released a review of the FBI's impersonation of an Associated Press (AP) editor to infect a suspect with malware.

Quant Loader trojan downloader spotted in the wild

Forcepoint has come across a new trojan downloader called Quant Loader that has been spotted distributing Locky Zepto crypto-ransomware and Pony malware.

Sites associated with both presidential contenders spring leaks

Data theft knows no boundaries. Personal information has been siphoned out from databases connected to both presidential campaigns.

Trojan distribution methods highlight need for info sharing in financial services industry

As financial institutions scramble to prevent more attacks like the cyber heists that targeted SWIFT members, a recent report offers additional cause for the sector to improve information sharing practices.

Researchers discover spam email campaign using malicious MS Publisher to create backdoor

A campaign of spam emails that use Microsoft Publisher attachments to infect companies with a Windows backdoor was disclosed by researchers.

Spike in malvertising attacks targeting adult websites

A new Neutrino exploit kit invades a hack of a third-party ad server to deliver ransomware to adult website visitors.

Hackers hit Seagate NAS devices with cryptomining malware

Crypto-currency mining malware is back, driven in part by the growing popularity of alternatives to Bitcoin that are easier to mine and the increasing power of GPUs.

GovRAT 2.0 in the wild and hitting U.S. government agencies

The malicious actors behind the GovRAT malware have upgraded it to version 2.0 and are using the new version to hit even more targets and increase the price of the software, now starting at $1,000.

Alleged vDOS creators nabbed in Israel

Two Israeli teenagers were arrested for their alleged part in the running of vDOS, a so-called booter service selling kits for distributed denial-of-service (DDoS) attacks.

New RAA ransomware variant performs own encryption, attacks businesses

The ransomware RAA, which incorporates the information-stealing trojan Pony, has evolved to more effectively target companies, encrypting victims' files and stealing their data, most likely to infect their business contacts via spear phishing.

Leaked catalogue reveals disinformation campaign for sale

A leaked catalogue has exposed one India-based tech company's attempts to sell cyber-warfare services and disinformation campaigns.
