Malware & Vulnerabilities

Malware and vulnerabilities news, trends, analysis and practical advice

Google says it killed 780M 'bad ads' in 2015

Google was busier than ever in 2015, claiming that it shut down relentless spammers and other bad guys who spread malware and 'trick-to-click' ads, which mislead users into clicking them.

Ransomware: 7 tips for recovery and prevention

Ransomware is a rather insidious form of malware that attempts to render all of your important files unreadable, until you pay the perpetrator a ransom to restore them. Once paid, you may or may not be given the key needed to restore...

Fraud gang targeted large European companies

Dridex banking malware adds new trick

IBM's X-Force researchers have found that the latest version of Dridex uses a DNS (Domain Name System) trick to direct victims to fake banking websites.


A ray of hope in the fight against malvertising

A new service offers to keep all your Web browsing on its servers. It could be the answer, despite the risks of contracting with a startup.

Silencing dissent? IAB blocks Adblock Plus from internet advertising conference

The Interactive Advertising Bureau un-invited Adblock Plus from its annual advertising conference, a move Adblock Plus said is to keep dissenting voices from being heard.

Hyatt hackers hit payment processing systems, scooped cards used at 250 locations

Hackers managed to compromise payment cards used at 250 Hyatt Hotels locations in around 50 countries after infecting the company's payment processing systems with malware.

Hyatt hackers snagged credit card numbers from 250 locations

Hackers managed to compromise payment cards used at 250 Hyatt Hotels locations in around 50 countries after infecting the company's payment processing systems with malware.

Android banking malware SlemBunk is part of well-organized campaign

The SlemBunk Android Trojan that targets mobile banking users has evolved into a hard-to-detect threat, researchers from FireEye found.

Faulty ransomware renders files unrecoverable, even by the attacker

A hacker has built a ransomware program based on proof-of-concept code released online, but messed up the implementation -- resulting in victims' files being completely unrecoverable.

New remote access Trojan Trochilus used in cyberespionage operations

A cyberespionage group was found using a new remote access Trojan dubbed Trochilus whose detection rate was very low among antivirus products.

Malware wasn't sole cause of Ukraine power station outage

A new study of a cyberattack last month against Ukrainian power companies suggests malware didn't directly cause the outages that affected at least 80,000 customers.

Antivirus software could make your company more vulnerable

Cyberespionage groups could easily exploit vulnerabilities in antivirus programs to break into corporate networks, according to vulnerability researchers who have analyzed such products in recent years.

Authorities dismantle criminal gang that used malware to steal from ATMs

Law enforcement authorities from Romania and the Republic of Moldova dismantled a gang of criminals that stole 200,000 euros from ATMs in the E.U. and Russia after infecting them with a malware program.

Malvertising campaign used a free certificate from Let's Encrypt

Cybercriminals are taking advantage of an organization that issues free digital certificates, sparking a disagreement over how to deal with such abuse.

Web attack silently modifies DNS configurations in routers

BlackEnergy cyberespionage group adds disk wiper and SSH backdoor to its arsenal

A cyberespionage group focused on companies and organizations from the energy sector has recently updated its arsenal with a destructive data-wiping component and a backdoored SSH server.


Ransom32: First-of-its-kind JavaScript-based ransomware spotted in the wild

A new JavaScript-based ransomware spotted in the wild uses Node.js to infect victims, meaning Windows, Linux and Mac users could be affected; Ransom32 is being sold on the dark web as ransomware-as-a-service.

Microsoft extends SmartScreen browsing protection to foil malvertising and exploit kits

The Microsoft SmartScreen filtering technology built into Internet Explorer and Edge has been updated to block Web-based attacks that silently exploit software vulnerabilities to infect computers.

Grub2 bootloader flaw leaves locked-down Linux computers at risk

Pressing the backspace key 28 times can bypass the Grub2 bootloader's password protection and allow a hacker to install malware on a locked-down Linux system.
