Malware & Vulnerabilities

Malware and vulnerabilities news, trends, analysis and practical advice

adobe flash player v10 icon
atm cash machine money

Digital Key, security, encryption

TeslaCrypt victims can now decrypt their files for free

Victims of the widespread TeslaCrypt ransomware can now decrypt files affected by recent versions of the malicious program.

hook fly

As the phish, we all need to recognize the baited hook

Phishing scams aren’t going away, and the scammers are in fact getting more sophisticated. That means users have to be more cautious than ever.

spying eye cyberespionage surveillance

An HTTPS hijacking click-fraud botnet now infects almost 1M computers

Over the past two years, a group of cybercriminals has infected almost 1 million computers with malware that hijacks search results, even when they're served over encrypted HTTPS connections.

hacker hack

Hacker GhostShell is back, leaking data from 32 companies with open FTP directories

Beware admins with lax security hygiene. The hacker GhostShell is back, leaking data from 32 targets with open FTP and promising more 'light hacktivism' dumps to come.

Digital Key, security, encryption

Researchers crack the latest version of CryptXXX ransomware

Researchers from Kaspersky Lab have developed a method of decrypting files affected with the latest version of CryptXXX, a malware program that combines ransomware and information stealing capabilities.

the interview 100537443 large

Malware attacks on two banks have links with 2014 Sony Pictures hack

Bangalore Bank, a commercial bank in Vietnam and ... Sony Pictures are the unlikely bedfellows in a tale of cyber intrigue uncovered by security researchers at BAE Systems.

hardware security embedded circuit board integrated controller

SWIFT warns of malware attack on another customer

Financial transaction network SWIFT has renewed its warning to customers to be on their guard following the discovery of malware at another bank using its services.

US Capitol

Ransomware attacks on House of Representatives gets Yahoo Mail blocked

A surge in ransomware attacks through third-party email providers such as Gmail and Yahoo resulted in the House of Representatives' IT department blocking Yahoo Mail and apps hosted on Google’s

FCC mobile phones FTC security

Obama agencies fight phone firms in vuln fix fails

Federales probing slow security by mobile phone carriers and ODMs. The FCC and FTC are tag-teaming to investigate non-existent or long-delayed OTA updates -- even when it's critical security vulnerabilities they patch...

20160224 stock mwc qualcomm booth sign

Qualcomm flaw exposes millions of Android devices to data theft risk

A vulnerability in an Android component shipped with phones that use Qualcomm chips puts users' text messages and call history at risk of theft.

Fraud gang targeted large European companies

Estonian man gets 7 years in prison for role in global DNS hijacking botnet

An Estonian man was sentenced to 87 months in a U.S. prison for his role in a cybercriminal operation that infected more than 4 million computers with DNS hijacking malware.


Most breaches are still caused by PEBKAC and ID10T errors like falling for phishing

Open. Clickety click. Pwned. Humans are still the weak security link, falling for phishing even more often than before, which leads to breaches.

spying eye cyberespionage surveillance

Group uses Windows hotpatching method for malware

A cyberespionage group active in Asia has been leveraging a Windows feature known as hotpatching in order to better hide its malware from security products.

Dogspectus ransomware for Android

Dogspectus: Android ransomware silently installs, demands $200 iTunes gift card ransom

Dogspectus is a ransomware that silently installs on Android devices, via malvertising and a Hacking Team exploit, then demands a ransom of $200 in iTunes gift cards.

ransom note

Malvertising attack infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements.

ransomwhere logo

This tool can block ransomware on Mac OS X, for now

A security researcher has created a free security tool that can detect attempts by ransomware programs to encrypt files on users' Macs and then block them before they do a lot of damage.

point of sale credit card reader

New point-of-sale malware Multigrain steals card data over DNS

A new memory scraping malware program steals payment card data from point-of-sale (PoS) terminals and sends it back to attackers using the Domain Name System (DNS).

Google partially dangerous safe browsing

FAIL: Google said was 'partially dangerous'

A Google 'Safe Browsing' report said was 'partially dangerous' for more than 24 hours. Yeah, yeah, hilarious fail, but there is a serious side to the story...

Load More