Researchers have attributed six separate phishing campaigns targeting South Koreans in either 2017 or 2018 to a single threat actor called "Group123," including multiple operations designed to infect victims with the remote administration tool ROKRAT.
A new variant of the disk wiping malware KillDisk is targeting financial firms in Latin America to wreak havoc without leaving so much as a note.
An independent security researcher has done a quick analysis of a new Mac OS X DNS hijacker that is closely related to a previously uncovered Windows-only version that is capable of allowing man-in-the-middle attacks.
More than a half-million workstations at major global organizations were reportedly found infected with malicious Chrome web browser extensions that were likely used to commit click fraud and search engine optimization manipulation.
The cyberespionage gang Pawn Storm had an extremely active second half of 2017 with targets ranging from the Olympic Wintersports Federations to various political targets.
Cybercriminals have been spiking game apps, including several aimed at children, with malware that displays pornographic ads, pushes fake security apps, and registers users for premium services with permission.
A phony and malicious application imitating the Telegram app made its way into the Google Play Store posing as a newer updated version of the popular messaging app.
Malwarebytes researcher Jerome Segura analyzed a RIG exploit campaign distributing malware coin miners.
A newly discovered mobile malware program that primarily targets Russian banking customers can take over victims' SMS capabilities, allowing cybercriminals to intercept text messages that contain bank security codes, and then use those codes to reset bank account passwords.
Taiwanese police handed out malware-laden USB sticks as prizes for a security quiz given during an infosec conference in December 2017.
Researchers have discovered a fake utility app called Swift Cleaner that they believe may be the first Android mobile malware developed using the open-source Kotlin programming language.
LockPoS, a point-of-sale malware program discovered in 2017 stealing payment card data from computers' memory, is now using a new malware injection technique designed to bypass antivirus hooks and evade detection.
Cybercriminals launched a cyberattack using the official website of a Ukraine-based accounting software developer to distribute a new variant of Zeus over a. Ukrainian holiday.
A newly discovered mobile adware program called LightsOut was recently observed in numerous fake Android flashlight applications, reportedly prompting their removal from the Google Play Store.
What remains of the Andromeda botnet that was largely dismantled in a November 2017 global law enforcement operation will probably "slowly disappear" as remediation continues into 2018, predicted one cybersecurity company that assisted in the investigation.
Trend Micro researchers notified Google of a total of 36 malicious apps on Google Play posing as security tools.
Non-malware-based cyberattacks were behind the majority of cyber incidents reported in 2017, despite proliferation of malware available to both the professional and amateur hacker.
A POS malware infection was responsible for compromising payment card data collected at certain Forever 21 stores last year -- an attack that was exacerbated by a lack of encryption on some devices, the apparel retailer stated.
The Necurs botnet continued to launch massive global ransomware attacks through the Holiday Season with researchers stopping as many as 47 million emails per day.
Cybercriminals are spoofing scanners by the millions to launch attacks containing malicious attachments that appear to be coming from the network printer.
Adversaries are using the lure of free online software downloads to infect unknowing victims with a customized version of cryptocurrency mining software from the NiceHash marketplace.
The same threat group that was responsible for extorting victims with VenusLocker ransomware last year has now shifted its attention to cryptocurrency mining, according to new research.
Attackers continue to exploit a recently patched remote code execution vulnerability in the Microsoft Equation Editor component of Microsoft Office, this time using the bug to deliver a modified version of Loki information-stealing malware.
An Android trojan has been described as a jack of all trades due to its complicated modular architecture.
Mozilla scared and or upset several of its users with the unannounced addition of a new plug-into promote the hacker show Mr. Robot.
Several new reports have surfaced detailing North Korean state interest in targeting and attacking cryptocurrency exchanges as a means of enriching itself.
With just a few more shopping days available before Christmas, cybercriminals are taking advantage of online shoppers' frenzied buying habits by injecting the Zeus Panda banking trojan into a wide range of retail and travel sites, along with spreading the malware through malspam.
Trend Micro researchers spotted two ATM malware families which raise concern of what's to come.