Malware & Vulnerabilities

Malware and vulnerabilities news, trends, analysis and practical advice

Hackers hide stolen payment card data inside website product images

Attackers compromise online shops and store stolen payment card details inside legitimate image files in order to avoid detection.

Dyre banking Trojan successor rears its ugly head

Cybercriminals have unleashed a new banking Trojan on the internet and it bears striking similarities to Dyre, a malware threat believed to be dead for almost a year.

Hackers abusing a 12-year-old flaw to attack the internet of insecure things

A 12-year-old vulnerability in OpenSSH is being used to attack the 'internet of unpatchable things.'

StrongPity APT attack group booby-trapped WinRAR and TrueCrypt downloads

An APT attack group focused on encrypted data and communications used watering hole attacks to taint WinRAR and TrueCrypt downloads.

Cerber ransomware kills processes needed to access data

In order to encrypt some of the most important data stored on computers and servers, the Cerber ransomware now tries to kill processes associated with database servers.

IoT botnet highlights the dangers of default passwords

A botnet responsible for a massive DDoS (distributed denial-of-service) attack was created thanks to weak default usernames and passwords found in internet-connected cameras and DVRs.

Code in the wild to infect millions of IoT devices for crippling DDoS attacks

A hacker released malicious code that will make it easier for any thug to infect millions of IoT devices and create botnets capable of launching crippling DDoS attacks.

IoT malware behind record DDoS attack is now available to all hackers

The source code for a trojan that infected hundreds of thousands of internet-of-things devices and used them to launch distributed denial-of-service attacks was published online, paving the way for more such botnets.


Android malware that can infiltrate corporate networks is spreading

An Android Trojan is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks.

Swift CEO details three more failed attacks on banking network

Banks stopped three new attempts to abuse the Swift financial transfer network this summer, its CEO Gottfried Leibbrandt said Monday, as he announced Swift's plan to impose tighter security controls on its customers.

New Mac Trojan uses the Russian space program as a front

Security researchers have found a new Mac OS X malware that appears to be targeting the aerospace industry.

iOS 10 backups are easier to crack, but Apple promises to fix security flaw

Forensic researcher claims iOS 10 local backups are easier to crack due to a hashing algorithm that is 2,500 times weaker than in iOS 9; Apple confirmed the security flaw and promised to roll out a patch.


Hackers sell tool to spread malware through torrent files

Be careful with what you torrent. A new tool on the black market is helping hackers distribute malware through torrent files in exchange for a fee.

Swift hopes daily reporting will help stem payment fraud

Swift is introducing a new reporting system to help banks identify fraudulent payments made over its financial transfer network -- but the reports will arrive up to a day too late to stop them all.

Thousands of Seagate NAS boxes host cryptocurrency mining malware

Thousands of publicly accessible FTP servers, including many Seagate network-attached storage devices, are being used by criminals to host malware that mines cryptocurrency.

Crafty GovRAT malware targets U.S. gov't employees

A tough-to-detect malware that attacks government and corporate computers has been upgraded, making it more aggressive in its mission to steal sensitive files, according to security firm InfoArmor.

Yes, U.S. did hack Elysée Palace in 2012, French ex-spy claims

Bernard Barbier, a former head of the French signals intelligence service, shared a few stories with students of CentraleSupélec, the elite engineering school from which he graduated in 1976, at a symposium this summer.

Stealthy, sneaky rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that, despite running from user mode, can be hard to detect and remove.
