Malware News, Articles and Updates
With summer just around the corner, people are looking for quick diet solutions online to get their bodies 'beach ready'. A third of Brits (34 percent) are willing to sacrifice their online safety to lose a few pounds by clicking on potentially malicious websites that offer to help 'lose belly fat'.
A new scam is tricking users of WhatsApp into downloading a so-called exclusive version of the app called 'WhatsApp Gold', which infects mobile devices with malware.
The criminal developers behind the ransomware DMA Locker have updated the malware for the third time, rolling out version 4.0 several days ago.
Although an Adobe update to its Flash program fixed a zero-day vulnerability, attackers are still taking advantage of it as many users have failed to install the patch.
Researchers at Switzerland's CERT found malware on the network of defense contractor Ruag bearing similarities to malware used by Turla APT, a Russian cyberespionage group.
Researchers spot threat actors flocking to CryptXXX after TeslaCrypt authors close shop.
Researchers at endpoint security solutions company Invincea have discovered a new variant of Cerber ransomware that could lock out legitimate users, while still allowing attackers to potentially launch DDoS attacks against other networks.
Operation Ke3chang, the APT that in 2013 was discovered targeting Europe-based Ministries of Foreign Affairs, not only apparently remains active but also seems to be leveraging a new family of malware called TidePool.
Microsoft researchers recently detected a file containing a VBA project that scripts a malicious macro.
Updated: A worm that made its way into Ubiquiti Networks equipment through outdated AirOS firmware has wreaked havoc on ISPs and others that use the Ubiquiti networking platform.
Researchers spotted Petya and Mischa ransomware bundled together in a single malicious payload.
The authors of the TeslaCrypt ransomware have publicly released the master decryption key that unlocks files encrypted by the malware in efforts to close up shop and go home for good.
Avoiding detection is generally a top priority for any malicious code developer, but the creators of the newly discovered "Furtim" truly appear to have gone the extra mile to ensure that their malware flies under the radar.
Cyphort Labs spotted a new Angler Exploit campaign that has already infected at least 19 websites.
Researchers have discovered a malware-based APT dating back to 2008 that at least appears to target political enemies of Ukraine, including pro-Russia separatists in the disputed eastern region of the country.
A variant of the malware family Acecard was detected in the Google Play store by researchers at Lookout.
A click-fraud botnet dubbed "Redirector.Paco Trojan" has infected 900,000 IPs worldwide.
Another gray hat hacker has tampered with the distribution of Locky ransomware, replacing the payload with a public-service message to potential victims, warning them not to open strange files.
Tech support scammers are changing their strategy by adding malware to their payloads, effectively holding the victim's device for ransom until the "repair fee" is paid.
Kaspersky Lab researchers discovered a new and improved version of the ATM malware dubbed "Skimmer" that turns ATMs into payment card skimmers.
The Super-Bright LED Flashlight app, which has been downloaded millions of times, is by itself safe, but some of the ads served with the app deliver malvertising and scams, according to Trend Micro.
Vietnam's Tien Phong Bank came forward claiming to be the second bank that was attacked with a fake message sent through the Society for Worldwide Interbank Financial Telecommunication (SWIFT) messaging system.
Hundreds of different banking Trojans attack Android users, one being Android.SmsSpy.88.origin, which was first spotted in 2014.
For the second consecutive year, Ponemon Institute's annual study on the state of security and privacy in health care found that cybercrime was the leading cause of data breaches among hospitals and other medical providers.
Concern over hacking prompted the U.S. House of Representatives to block lawmakers from accessing software apps residing on a Google cloud service.
Point-of-sale (POS) malware is still a clear and present danger, say Proofpoint researchers.
The investigation into the bank heist that cost Bangladesh's central bank $81 million has taken a byzantine turn, as a new report surfaced of multiple hacking groups infiltrating the bank's network.
Members of the U.S. House of Representatives and staffers received warnings that the House network has seen a rise in attempted ransomware attacks.
Security researchers discovered popular Android applications that execute remote code on devices and use the infected devices to create botnets that engage in ad fraud, DDoS attacks, and spam messages.
Mere hours after word spread last week of a remote code execution vulnerability in the image-processing software ImageMagick, bad actors were already actively exploiting it in the wild.