Malware & Vulnerabilities

Malware and vulnerabilities news, trends, analysis and practical advice

buried under documents
Risk AwarenessBy
IDG Contributor Network

Are you buried under your security data?

malware
Opinion

Do we need vendor allies in the malware arms race?

Digital Key, security, encryption
News

New DMA Locker ransomware is ramping up for widespread attacks

A new ransomware program called DMA Locker has reached maturity and shows signs of being distributed in widespread attacks.

adobe flash player v10 icon
News

A recently patched Flash Player exploit is being used in widespread attacks

It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are used to infect computers with malware.

atm cash machine money
Security Is SexyBy

100 thieves stole $12.7 million from ATMs in 2.5 hours

A gang suspected to be part of organized crime pulled off a $12.7 million heist at Japanese ATMs in less than 3 hours by using cloned credit cards from a South African bank.

Digital Key, security, encryption
News

TeslaCrypt victims can now decrypt their files for free

Victims of the widespread TeslaCrypt ransomware can now decrypt files affected by recent versions of the malicious program.

hook fly
Opinion

As the phish, we all need to recognize the baited hook

Phishing scams aren’t going away, and the scammers are in fact getting more sophisticated. That means users have to be more cautious than ever.

spying eye cyberespionage surveillance
News

An HTTPS hijacking click-fraud botnet now infects almost 1M computers

Over the past two years, a group of cybercriminals has infected almost 1 million computers with malware that hijacks search results, even when they're served over encrypted HTTPS connections.

hacker hack
Security Is SexyBy

Hacker GhostShell is back, leaking data from 32 companies with open FTP directories

Beware admins with lax security hygiene. The hacker GhostShell is back, leaking data from 32 targets with open FTP and promising more 'light hacktivism' dumps to come.

Digital Key, security, encryption
News

Researchers crack the latest version of CryptXXX ransomware

Researchers from Kaspersky Lab have developed a method of decrypting files affected with the latest version of CryptXXX, a malware program that combines ransomware and information stealing capabilities.

the interview 100537443 large
News

Malware attacks on two banks have links with 2014 Sony Pictures hack

Bangalore Bank, a commercial bank in Vietnam and ... Sony Pictures are the unlikely bedfellows in a tale of cyber intrigue uncovered by security researchers at BAE Systems.

hardware security embedded circuit board integrated controller
News

SWIFT warns of malware attack on another customer

Financial transaction network SWIFT has renewed its warning to customers to be on their guard following the discovery of malware at another bank using its services.

US Capitol
Security Is SexyBy

Ransomware attacks on House of Representatives gets Yahoo Mail blocked

A surge in ransomware attacks through third-party email providers such as Gmail and Yahoo resulted in the House of Representatives' IT department blocking Yahoo Mail and apps hosted on Google’s appspot.com.

FCC mobile phones FTC security
IT BlogwatchBy

Obama agencies fight phone firms in vuln fix fails

Federales probing slow security by mobile phone carriers and ODMs. The FCC and FTC are tag-teaming to investigate non-existent or long-delayed OTA updates -- even when it's critical security vulnerabilities they patch...

20160224 stock mwc qualcomm booth sign
News

Qualcomm flaw exposes millions of Android devices to data theft risk

A vulnerability in an Android component shipped with phones that use Qualcomm chips puts users' text messages and call history at risk of theft.

Fraud gang targeted large European companies
News

Estonian man gets 7 years in prison for role in global DNS hijacking botnet

An Estonian man was sentenced to 87 months in a U.S. prison for his role in a cybercriminal operation that infected more than 4 million computers with DNS hijacking malware.

phishing
Security Is SexyBy

Most breaches are still caused by PEBKAC and ID10T errors like falling for phishing

Open. Clickety click. Pwned. Humans are still the weak security link, falling for phishing even more often than before, which leads to breaches.

spying eye cyberespionage surveillance
News

Group uses Windows hotpatching method for malware

A cyberespionage group active in Asia has been leveraging a Windows feature known as hotpatching in order to better hide its malware from security products.

Dogspectus ransomware for Android
Security Is SexyBy

Dogspectus: Android ransomware silently installs, demands $200 iTunes gift card ransom

Dogspectus is a ransomware that silently installs on Android devices, via malvertising and a Hacking Team exploit, then demands a ransom of $200 in iTunes gift cards.

ransom note
News

Malvertising attack infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements.

Load More