Malware & Vulnerabilities

Malware & vulnerabilities news, trends, analysis and practical advice

China says US hacking accusations are 'totally groundless'

The Chinese government says accusations that it was involved in cyberattacks against U.S. transportation contractors are "totally groundless and untenable."

android malware

wells fargo avast screenshot

'Tiny banker' malware targets US financial institutions

A banking trojan, known for its small size but powerful capabilities, has expanded the number of financial institutions from which it can collect data, according to security vendor Avast.

Did the FBI violate CFAA to takedown Silk Road

Did the FBI violate CFAA by hacking to find Silk Road's server?

Some security experts say the FBI's explanations for how it obtained the "leaked" IP address for Silk Road's misconfigured server are "impossible" and stink like the truth shouldn't. Legally, the DOJ claims the methods for finding the...


Heartbleed flaw was unknown before disclosure

One of the most serious software flaws to affect the Internet, nicknamed "Heartbleed," was likely unknown before it was publicly disclosed, according to new research.

Security alert for incoming threats.

Microsoft Patch Tuesday thwarts nosey malware

Cyberattackers curious about the contents of users' hard drives will have a tougher time finding that information because of the latest patch Microsoft issued Tuesday.

Adobe logo and products reflected in displays.

Adobe fixes critical flaws in Flash Player, delays Reader and Acrobat updates

Adobe Systems released a critical security update for Flash Player that fixes 12 security vulnerabilities, but pushed back its planned patches for Reader and Acrobat by a week.

Salesforce warns customers of malware attack users are being targeted by a new version of a computer Trojan that has typically attacked online banking customers until now.

Emergency hacked? If only someone had warned it was hackable...Oh wait

Malware was uploaded to a test server that was not supposed to be connected to the Internet and was secured with the manufacturer's default password. But don't sweat it, we're told, as nothing was stolen and it only...

Adobe logo and products reflected in displays.

Adobe slates critical Reader security update for Tuesday

Adobe plans to issue security updates for its PDF viewer Reader and for Acrobat to fix critical flaws in the software on Windows and Apple's OS X

Microsoft plans critical IE update next week

Microsoft will issue just four security updates to customers next week, with the usual patches for Internet Explorer as well as others for Windows, the .Net Framework and Lync, the company's communications server software.

Twitter launches bug bounty program

The company will pay researchers at least $140 for privately reporting serious vulnerabilities in its Web services and mobile apps

Hacker manipulating code

Hackers make drive-by attacks stealthier with fileless infections

Cybercriminals are increasingly infecting computers with malware that resides only in memory in order to make their attacks harder to detect.

computer hacking hacker thief white collar crime stealing keyboard hand shadow 000001325773

Why hackers may be stealing your credit card numbers for years

While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems.

computer hacker aa006208

Rigged industrial software site points to watering hole attack

Attackers have rigged the website of an industrial software firm with a sophisticated reconnaissance tool, possibly in preparation for attacks against companies from several industries.

Backoff malware infections are more widespread than thought

The number of businesses hit by the data-stealing Backoff malware may be substantially more than the 1,000 or so companies estimated by federal officials.


CryptoWall ransomware held over 600,000 computers hostage, encrypted 5B files

CryptoWall infected over 600,000 computer systems in the past six months and held 5 billion files hostage, earning its creators more than $1 million.

New malvertising campaign hit visitors of several high-profile sites

Attackers redirected users to Web-based exploits by pushing malicious advertisements onto popular sites, researchers from Fox-IT said

Hackers prey on Russian patriotism to grow the Kelihos botnet

A recent spam campaign encouraged Russian speakers to install malware on their computers to participate in DDoS attacks, researchers said

Attack targets auto industry firms in Europe

Cybercriminals are using a new information-stealing malware program to target companies from the automobile industry in Europe, security researchers warned.

Load More