Malware

Malware news, analysis, research, how-to, opinion, and video.

Digital Key, security, encryption
Digital Key, security, encryption

adobe flash player v10 icon

Recently patched Flash Player exploit is being used in widespread attacks

An exploit for the previously zero-day CVE-2016-4117 vulnerability is now in the Magnitude exploit kit

spying eye cyberespionage surveillance

An HTTPS hijacking click-fraud botnet infects almost 1 million computers

Over the past two years, a group of cybercriminals has infected almost 1 million computers with malware that hijacks search results, even when they're served over encrypted HTTPS connections.

Digital Key, security, encryption

Security researchers crack new version of CryptXXX ransomware

An updated decryptor tool can help users recover files affected by the CryptXXX ransomware program

the interview 100537443 large

Malware attacks on two banks have links with 2014 Sony Pictures hack

Security researchers have found a long chain of coding coincidences linking ​attempted fraud over the SWIFT network​ to the 2014 Sony Pictures hack

hardware security embedded circuit board integrated controller

SWIFT warns of malware attack on another of its customers

Funds transfer network SWIFT has warned banks to be on the alert for attempts to replicate an attack that tried to net $1 billion from Bangladesh Bank

20160224 stock mwc qualcomm booth sign

Qualcomm flaw puts millions of Android devices at risk

Malicious apps could exploit the flaw to access Android users' SMS messages and call histories

tablet bug

Why most Android devices won't patch the Qualcomm bug

Qualcomm has patched a high-severity flaw, but handset manufacturers' reluctance to update older models means most of them will remain vulnerable

android security danger

Google renews focus on Mediaserver flaws in latest Android Security Bulletin

Google renamed its monthly security update, but the contents remain the same: remote execution and elevation of privilege bugs in Mediaserver

Android apps (2)

Phishing apps posing as popular payment services infiltrate Google Play

Researchers from security firm PhishLabs say they've found 11 phishing applications hosted on Google Play this year

ransom note letters

How to tell if you've been hit by fake ransomware

Ransomware is no joke, but sometimes, amateur attackers use 'pretend' ransomware -- and you can get your data back easily

ransomware

Got ransomware? These tools may help

Ransomware on your system and no backups? Ouch. Check out publicly available decryptor tools and see if they can save you

cyber warfare war

U.S. cyberwar against ISIS could use methods and tactics criminals use against enterprises

Attacks could support traditional military operations or open up a new front

spying eye cyberespionage surveillance

Cyberespionage group abuses Windows hotpatching mechanism to hide malware

The Platinum cyberespionage group has been leveraging a Windows feature known as hotpatching to inject malicious code into running processes

150817 google marshmallow 03

Malvertising attack silently infects old Android devices with ransomware

The Web-based malware attack uses Towelroot and a Hacking Team exploit to compromise devices running old versions of Android

stack of padded envelopes with the red urgent sticker

Patch JBoss now to prevent SamSam ransomware attacks

Cisco Talos has identified millions of vulnerable JBoss servers that can potentially be infected with SamSam ransomware

A mug with the words GitHub Social Coding

19 open source GitHub projects for security pros

GitHub has a ton of open source options for security professionals, with new entries every day. Add these tools to your collection and work smarter

jigsaw ransomware logo

Jigsaw crypto-ransomware deletes more files the longer you delay paying

Malware researchers have released a tool that can decrypt files affected by the new threat

petya ransomware logo

Companies increasingly yield to ransomware demands

That strategy may only embolden cybercriminals, who view stolen or encrypted data as a powerful weapon

Load More