Researchers at IBM's X-Force have observed the Dridex banking trojan using DNS cache poisoning attacks to redirect victims to fake banking sites.
Researchers at Symantec discovered a backdoor trojan targeting the manufacturing industry in South Korea.
PandaLabs confirms what many of us already assumed to be fact: Malware is growing at never-before-seen levels. But it's got the statistics to back it up.
The most critical flaw could lead to the installation of the backdoor trojan Poison Ivy on victims' machines.
You can protect your brand's online reputation, says ZeroSpam's David Poellhuber.
Security firms are analyzing a rare piece of data-stealing and web traffic-tracking malware that is able to spread onto virtual machines from the host operating system.
A Windows vulnerability that Microsoft patched back in April continues to be used in targeted attacks against political, industrial and defense organizations.
One of the world's largest spam botnets, responsible for as much as a third of all unwanted mail sent as recently as last week, is finally offline, according to security firm FireEye.
Three men who used the SpyEye trojan to break into online bank accounts have been sentenced to prison in the U.K.
Protesters in Syria wanting to overthrow the Assad regime are being targeted in government-backed espionage efforts.
Suspicions that the sophisticated espionage toolkit Flame was created by the same authors as Stuxnet are true, according to a published report.
The only way to gain the upper hand on today's advanced adversaries is by being proactive -- even aggressive, a tactic that can take many forms, says Joel Yonts, CISO of an automotive supply company.
Researchers at security firm F-Secure said this week they have spotted a malicious PDF making the rounds that opens a legitimate copy of the Games' schedule, but in the background it tries to connect to a malicious website.
With a July 9 deadline looming for machines infected with the DNSChanger trojan to still be able to access the internet, Google is lending a helping hand to inform users of compromise.
Just when you thought all of the windows that control system recon trojan Duqu used to propagate had been roped off, the software giant releases a new set of fixes.
A new development in the criminal underground is to peddle trojans that steal credit card data from hotels.
Symantec analysis of the botnet shows that many computers remain compromised with the trojan, though hundreds of thousands have been cleaned, and the infrastructure contains a Twitter communication apparatus.
Apple has released a third update related to Flashback, but this time, the patch comes with a detection and removal capability for the prolific trojan, and disables Java by default.
A live exploit is making the rounds that takes advantage of a bug in Java, which has already been patched, but hasn't yet made its way to Mac OS X users.
Researchers have uncovered a rare instance of so-called espionage malware for the Mac OS X platform.
The year's first variant of the notorius W32.Duqu, a trojan that seems intended for cyber war, has been discovered by Symantec researchers.
The exploit, which is being used in targeted attacks, arrives as an email that contains a Microsoft Word file and a separate DLL file, a rare combination considering DLL files are not typically sent over email.
Symantec is trying to call attention to 13 applications that have showed up in the official Android Market over concerns that they contain software development tools that enable the theft of data.
The self-regulating authority of Wall Street is warning securities firms about a rise in customers' email accounts being hacked to deliver bogus funds transfer requests.
Researchers warned Thursday that a recently patched vulnerability in Windows Media is being used by remote attackers to launch malware.
Eighty-five percent of all malware is web-based, and some 30,000 websites are newly infected with malicious code each day, according to Sophos' "Security Threat Report 2012."
With the Super Bowl less than two weeks away, Symantec researchers said Tuesday that have spotted a malicious application in unofficial Android markets claiming to offer a version of the popular video game Madden NFL 12.
Defense contractors appear to be the prime target of sophisticated malware that attempts to take advantage of an unpatched flaw in Adobe Reader and Acrobat software.
On Oct 20, just two days after researchers released details about the Duqu malware, its creators scrubbed all the files from their command-and-control servers in an effort to conceal their identity.
Mobile malware authors have skipped the rudimentary phase and are immediately creating threats that mimic complex malicious code common in the traditional PC environment. But defense technologies are countering with sophistication of their own.
Sign up to our newsletters
SC Magazine Articles
- Skype targeted by T9000 backdoor trojan
- CISO salaries and demand for cyber-skills skyrockets, surprising no-one
- Student SSNs exposed in University of Central Florida breach
- Malwarebytes says sorry for multiple AV bugs, still unpatched
- Ransomware and POS attackers to zero in on small businesses, retailers
- ENCRYPT Act, Comey testimony show stark differences toward encryption
- Third-party app stores riddled with malicious apps, Trend Micro warns
- IBM: Phishing scams a major cause of bank breaches
- Panel approves Cobert as nominee for OPM director
- F-Secure: New malvertising campaign delivers ransomware via Skype, browsers