Malware & Vulnerabilities

Malware and vulnerabilities news, trends, analysis and practical advice

microsoft headquarters
Windows user account control

10 reasons why phishing attacks are nastier than ever

Why phishing attacks are nastier than ever

Forget Nigerian princes -- today’s spearphishing is sophisticated business, fooling even the most seasoned security pros


Hacking group that hit S. Korea may be at it again with new target

A hacking group that crippled South Korean banks, government websites and news agencies in early 2013 may be active again, Palo Alto Networks said.


SentinelOne adds feature to restore files hit by ransomware

SentinelOne has added a feature to its endpoint detection products that can restore files encrypted by cybercriminals, a common type of attack known as ransomware.

Cybersecurity planet big data security

State-sponsored cyberspies inject victim profiling and tracking scripts in strategic websites

Security researchers from FireEye have discovered an attack campaign that has injected computer profiling and tracking scripts into over 100 websites visited by business executives, diplomats, government officials and academic...


Now cybercriminals are using video ads to plant malware

Cybercriminals have been delivering malware through online display ads for years, but they appear to be making headway with a new distribution method: video advertisements.

InstaAgent app stole passwords, hijack Instagram accounts

Google, Apple axed InstaAgent after app stole passwords, hijacked Instagram accounts

InstaAgent, an app that claimed to let you know who viewed your Instagram account, stole passwords and may have hijacked a half million Instagram accounts before Google and Apple axed the malicious app.

Cybersecurity planet big data security

Iranian cyberespionage group attacked over 1,600 high-profile targets in one year

A cyberespionage group with possible ties to the Iranian government has targeted over 1,600 defense officials, diplomats, researchers, human rights activists, journalists and other high-profile individuals around the world.

victim identity theft computer problem

File-encrypting ransomware starts targeting Linux Web servers

After targeting consumer and then business computers, ransomware authors are now going after Web servers.

Apple China iPhone

Apple wages battle to keep App Store malware-free

Apple is facing growing challenges keeping suspicious mobile applications out of its App Store marketplace.

150817 google marshmallow 06

Trojanized Android apps flood third-party stores

Researchers from mobile security firm Lookout have found over 20,000 samples of trojanized apps that root devices.

Digital Key

All CoinVault and Bitcryptor ransomware victims can now recover their files for free

Researchers from Kaspersky Lab and the Dutch Public Prosecution Service have obtained the last set of encryption keys from command-and-control servers that were used by CoinVault and Bitcryptor, two related ransomware threats.


Cryptowall ransomware revenue may flow to one group

Just one cybercriminal group may be collecting the revenue from Cryptowall 3.0, a malicious program that infects computers, encrypts files and demands a ransom, according to a new study.

Data center servers

Hackers infect MySQL servers with malware for DDoS attacks

Hackers infect MySQL database servers with a malware program that's used to launch distributed denial-of-service (DDoS) attacks.

Ellison OpenWorld

Oracle's Larry Ellison decries poor state of security, says he has fixed it

Oracle Chairman Larry Ellison has put better security at the heart of his pitch for the company's new products, though it could be a tough sell for a man who's long claimed his products are "unbreakable."

150817 google marshmallow 02

Iranian hackers show interest in Android spying tools

Iranian hackers are showing a strong interest in malware that can secretly pull data from Android devices, which are popular in the Middle East.

spying eye

S. Korean manufacturing industry targeted with new backdoor program

South Korean organizations are being targeted in attacks with a new stealthy backdoor program that gives attackers full access to infected computers.

Fitbit Flexes

Researcher says Fitbit can be wirelessly hacked to infect PCs, Fitbit says not true

A researcher demonstrated a proof-of-concept to infect Fitbit with malware in about 10 seconds; the malware infection could then spread to a PC when the fitness tracker is plugged into it. Fitbit, which was notified about the flaw...

img 1587

Despite takedown, the Dridex botnet is running again

Spam emails containing the Dridex malware are being seen almost daily despite the arrest of one of its key operators in August.

Load More