The C&C infrastructures that cybercriminals rely on to compromise their victims can be just as vulnerable to exploits as the machines they infected in the first place, making them susceptible to possible retribution attacks.
WikiLeaks dumped more leaked CIA documents, publishing materials from a tool suite called Brutal Kangaroo that allows attackers to indirectly infiltrate a closed network or air-gapped computer using a compromised flash drive.
The AdGholas malvertising group conducted a new campaign in May and June 2017 using the Astrum EK to infect victims with Mole ransomware - an unusual change-up for these adversaries, who historically have favored banking trojans.
The Terror Exploit Kit is rapidly evolving, no longer bombarding victims with multiple exploits in scattershot fashion, but rather applying only the hacking tools that work best against a specific compromised machine.
The Shadow Brokers group, which has been leaking alleged NSA hacking tools, is now threatening to launch a "Dump of the Month" service that will deliver more stolen tools and data to paying subscribers.
The information released has yet to be verified but revealed multiple zero days that Apple and Google said are being fixed.
Overwatch players can rest easier knowing that they can get a fair shake in their online battles after thousands of hackers have been banned from the game.
The long-lived ElTest malware campaign that infects victims through compromised websites evolved once again in the last quarter of 2016, ending its use of exploit kit gates and obfuscation, according to researchers with Palo Alto Networks' Unit 42 threat research team.
Russian APT group Sofacy has upped the ante in its campaign to compromise organizations with its "DealersChoice" Flash Player exploit tool, even after Adobe patched a key Flash vulnerability that the tool was observed exploiting.
A recently discovered exploit kit called Stegano is infecting select machines via malicious banner ads that, by conservative estimates, have been delivered to over a million users in just the last two months.
A newly discovered malware program that targets older versions of the Android OS has infected roughly 1.3 million Google accounts, currently breaching devices at a clip of 13,000 victims per day.
White hat hackers invited to squash bugs in processors from chip vendor Qualcomm in a bid to fix the "Achilles Heel" of the IT industry.
Researchers have discovered a major vulnerability in the Cryptsetup utility that can impact many GNU/Linux systems and requires only that the Enter key be pressed for about 70 seconds.
Security researcher Samy Kamkar rolled out a hacking tool dubbed PoisonTap that can crack into a locked computer, fully exposing the device to a myriad of potential hacking problems.
Researchers exploited vulnerabilities in Google's Pixel phone, Apple's Safari browser, and Microsoft Edge browser at the PwnFest 2016 hacking event.
Last week we took the 100,000 foot level view of the relatively new Floki Bot. This bot, allegedly modeled after Zeus 188.8.131.52, is selling in the underground marketplaces for around $1,000.
Ten days after privately disclosing an actively exploited, critical Windows vulnerability to Microsoft Corporation, Google's Threat Analysis Group went public with the flaw, despite the lack of a patch.
Russian hackers are employing zero-day exploits to infect target networks, according to security researchers at ESET.
Security researchers published details of the exploit in a research report entitled "Jump Over ASLR: Attacking the Branch Predictor to Bypass ASLR."
Oracle released its latest batch of patches on Tuesday to address 253 security vulnerabilities for 76 products.
Hackers exploited security vulnerabilities and weak passwords to burrow their way into a number of e-commerce sites, including that of the National Republican Senatorial Committee.
Internet of Things (IoT) devices running on the open-source Linux OS are under attack from NyaDrop.
An Italian researcher who discovered a bug in IBM WebSphere and then worked with the company for two months on fixing the flaw had his research censored by Big Blue.
The increasing security provided by EMV payment cards, or chip cards, may be compelling European criminals to eschew the use of malware in favor of explosives to steal money from ATMs.
The bad actors behind a new malware contagion are exploiting the desperation of American college graduates looking for relief from their student debt.
Blockchain.info, a popular Bitcoin wallet provider, was knocked offline for seven hours on Thursday after a domain name system (DNS) attack.
Brazil has emerged as a primary center of financially motivated e-crime threat activity.
Heap overflow, out-of-bounds read and unallocated memory free operation vulnerabilities were addressed with a patch.