Countries in Latin America have been the primary targets in this campaign, researchers say.
Every Friday, after the SC Magazine news team has taken a few spins around the interwebs, we post some security-related links that we found interesting. We hope you do too.
Botnet operators are using a domain-generation algorithm to conceal their command-and-control center. And once they knew security researchers were on to their tricks, they got even slicker.
The Travnet botnet uploads Microsoft Office files, PDFs and text files to remote servers run by attackers.
Protecting mission-critical systems against cyber attacks has become a national priority for government, critical infrastructure and military sites, and a business priority for corporations.
Despite the arrests of Gozi ringleaders, the banking trojan still persists and is behind thousands of new infections in the United States.
The landmark annual data breach report analyzed 621 breaches from caseloads across 19 organizations throughout the world.
A trojan that uses a "magical" authentication code to communicate with its command-and-control server has compromised thousands of organizations around the globe. So far, however, it has remained largely silent.
Symantec's annual "Internet Security Threat Report 2013" concentrated on the success attackers are attaining by sabotaging legitimate websites.
German research institute AV-TEST conducted the study over a period of 18 months.
Fortinet researchers have tracked 100,000 new ZeroAccess trojan infections per week, making the botnet very lucrative to its owners.
How can it be that firms can feel confident in their security technology investments and their people, yet ultimately still believe that they remain at great risk?
Of the companies polled in a recent survey, eight in 10 indicated that they experienced web attacks in 2012.
As the debate on the usefulness of anti-virus continues, recent research reveals that a majority of malware is delivered via web browsing, skirting AV along the way.
Steve Durbin, global vice president for the Information Security Forum, discusses some of the problems security professionals face today.
Known for distributing postal-themed spam, the Asprox botnet has remained effective, though less noticeable due to evasion techniques.
We can prepare for whatever is over the horizon by enhancing our security architectures to prioritize our most important assets, while accounting for the changing attack vectors threatening them.
Robust growth in the information security profession is a sign of economic health in the overall economy, according to a new report from (ISC)2. And personnel skilled in emerging technologies and security as a business will be the ones who excel.
Cyber criminals are repurposing data-stealing trojans, once used primarily to steal banking information, to collect intellectual property, which can be sold for a higher price tag, according to a McAfee study.
Attackers primarily want cardholder data, which can be easily bought and sold underground to commit fraud, according to security firm Trustwave.
In the PC world, attackers prefer to compromise legitimate sites to spread malware. But in the realm of mobile, pornographic sites are the preferred launching pad for viruses.
Behind the rallying cry, "Privacy equals freedom," Ontario's Information and Privacy Commissioner Ann Cavoukian struck a partnership with Oracle to celebrate International Privacy Day: Jan. 28.
A young, Montreal-based computer science student, his former college and the institution's IT provider all found themselves thrust into the media spotlight over the student's stance on ethical hacking.
The secret behind the MetaFlows Security System (MSS) is that it really is a hybrid application.
The U.S. hosts 631 active command-and-control hubs for botnets, according to McAfee.
A younger workforce exhibiting risky online behavior is a trend that does not bode well for IT management faced with widening threats.
Although the promise of reduced costs has appealed to many enterprises looking to migrate legacy network systems to virtualization, security experts warn that the move must not trump careful contemplation and scrutiny by today's CIOs and IT leadership.
The "Cyber Targeted-Attack Analyzer" program would examine data sources across DoD's entire network to aid in threat detection.
Debate: Bug bounty programs - offering monetary rewards to researchers - help make companies more secure.
A bug report leads to an update in a Facebook app.