Malware

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. users for first time

By

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Critical update makes P2P Zeus trojan even tougher to remove

Critical update makes P2P Zeus trojan even tougher to remove

By

An update to the P2P Zeus banking trojan results in the installation of a rootkit driver that makes deleting the malware even tougher.

Attackers target Facebook to deliver Android iBanking malware

Attackers target Facebook to deliver Android iBanking malware

By

A Windows trojan delivered via drive-by download is injecting malicious content into Facebook and ultimately fooling users into downloading Android malware that can allow for the capturing of SMS messages.

POS malware risks millions of payment cards for Michaels, Aaron Brothers shoppers

POS malware risks millions of payment cards for Michaels, Aaron Brothers shoppers

By

An investigation dating back to January has finally confirmed that malware on point-of-sale systems may have compromised payment card data for millions of Michaels Stores and Aaron Brothers customers.

A Starbucks scam is brewing, phishing emails contain Zeus attachment

By

Emails purporting to come from Starbucks actually come attached with a modified version of the Zeus banking trojan, but numerous spelling and grammar mistakes should give the scam away.

Indictment charges 'Jabber Zeus Crew' with using malware to steal millions

Indictment charges 'Jabber Zeus Crew' with using malware to steal millions

By

Nine individuals are charged in an operation dating back to 2009, which involved infecting computers with the Zeus trojan and using the malware to steal millions.

Trojanized Android apps steal authentication tokens, put accounts at risk

Trojanized Android apps steal authentication tokens, put accounts at risk

By

Rogue Android apps can steal authentication tokens and risk the accounts of some of the most widely used services, including Google, Facebook and Twitter.

Popular ad server patches SQL injection flaw impacting platform

Popular ad server patches SQL injection flaw impacting platform

By

Orbit Open Ad Server was vulnerable to SQL injection attacks, which could result in website visitors' information being stolen via malvertising, a security firm found.

Zeus variant uses valid digital signature to avoid detection

Zeus variant uses valid digital signature to avoid detection

By

Anti-virus company Comodo has identified a variant of the infamous Zeus trojan that is avoiding detection by using a valid digital signature.

Report: Neiman Marcus breach work of Russian hackers who targeted Heartland

Report: Neiman Marcus breach work of Russian hackers who targeted Heartland

By

The group being implicated has stolen over 160 million card numbers over the years by hacking organizations, including Heartland Payment Systems, Visa and 7-Eleven.

Android app vulnerabilty puts Chinese users at-risk

By

The vulnerability allows fake apps to hijack real app updates then uses them to steal stored information.

Intrusion deception: Making a case for middle ground in malware mitigation

Intrusion deception: Making a case for middle ground in malware mitigation

As the Target and Neiman Marcus data breach stories continue to evolve, so too does the story of how to combat malware.

Malware on Kaiser Permanente server since 2011 impacts 5,100 members

By

Kaiser Permanente is notifying about 5,100 members living in the Northern California region that their personal information may be at risk after malware was discovered on a server.

Cryptocurrency mining malware discovered on surveillance DVRs

Cryptocurrency mining malware discovered on surveillance DVRs

By

Cryptocurrency mining malware has been discovered on DVRs that record footage taken by surveillance cameras.

24,000 computers worldwide infected by Middle Eastern malware

By

Experts have discovered a piece of malware that has infected 24,000 computers worldwide, and has been used by up to 487 criminal groups.

The zombie's bite: Avoiding a botnet

The zombie's bite: Avoiding a botnet

By

Some advice from pros for keeping your infrastructure out of the snares of a botnet. Alan Earls reports.

Know your friends: Partnering with the right allies

Know your friends: Partnering with the right allies

By

Choosing the right allies to ensure security requirements is a challenge for businesses both large and small, reports James Hale.

News briefs: Revelations at RSA Conference, zero-day fixes and more security news

News briefs: Revelations at RSA Conference, zero-day fixes and more security news

By

This month's news briefs includ revelations at the RSA Conference 2014 in San Francisco, new malware, zero-day fixes and more security news.

CryptoDefense rakes in $34K in bitcoin ransom

By

In the month since its discovery, CryptoDefense has been profitable for its authors who have targeted Windows users, Symantec says.

Cutwail operators aim DDoS at Zeus competitors

Cutwail operators aim DDoS at Zeus competitors

By

Researchers at RSA noted the "battle of the botmasters" taking place.

Cryptocurrency-mining apps discovered on Google Play store

By

At least two apps have been discovered on the official Google Play store that mine for cryptocurrencies, but overheating mobile devices and decreased performance may tip off Android users.

WinRAR spoofing vulnerability being exploited in malware campaign

WinRAR spoofing vulnerability being exploited in malware campaign

By

A WinRAR vulnerability is being taken advantage of in a malware campaign targeting government and international organizations, as well as Fortune Global 500 companies.

Windows trojan packs punch, downloads ransomware "Cribit"

Windows trojan packs punch, downloads ransomware "Cribit"

By

Cribit ransomware demands Bitcoin payment to decrypt hostage files, Trend Micro reveals.

Gameover variant of Zeus trojan targets Monster and CareerBuilder

By

The Gameover variant of the Zeus trojan is targeting employment sites Monster and CareerBuilder, according to F-Secure researchers.

MitM attackers posing as banks, other major groups, tough to detect

MitM attackers posing as banks, other major groups, tough to detect

By

PhishLabs researchers have identified a man-in-the-middle attack campaign that involves hackers posing as major organizations, including banks.

CryptoLocker ransomware hits Vermont chamber of commerce

By

The infamous CryptoLocker ransomware made its way into the computer systems of a Vermont chamber of commerce, costing it $5,000 to replace computers, servers and hard-drives.

Pileup flaws enable privilege escalation during Android updates, researchers find

Pileup flaws enable privilege escalation during Android updates, researchers find

By

Under the right conditions, simply updating any Android device can enable an attacker to escalate app privileges and carry out all sorts of malicious things.

Zorenium bot said to be updated for iOS, capable of various attacks

Zorenium bot said to be updated for iOS, capable of various attacks

By

A new multipurpose bot known as Zorenium has recently been updated to work with iOS devices, according to the alleged author.

Attackers get cash out of ATMs by sending SMS messages

Attackers get cash out of ATMs by sending SMS messages

By

Criminals are using SMS messages to get cash out of ATMs, according to Symantec.

Exploit identified that takes advantage of Adobe vulnerability

By

A new exploit in the wild takes advantage of a disclosed Adobe vulnerability, according to ThreatTrack Security Labs.

Sign up to our newsletters

POLL