New, custom ransomware delivered to orgs via extremely targeted emails
Ransomware campaigns are usually wide-flung affairs: the attackers send out as many malicious emails as possible and hope to hit a substantial number of targets. But more …
Another Ukrainian software maker’s site compromised to spread malware
The web server of Crystal Finance Millennium, a Ukraine-based accounting software firm, has been compromised and made to host different types of malware. The discovery of the …
Attackers turn to auto-updating links instead of macros to deliver malware
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately …
How to spot malicious mobile apps
The pervasiveness of smartphones has resulted in an onslaught of mobile apps, and it’s pretty safe to say that, by now, there is an app for every imaginable purpose. …
EV ransomware is targeting WordPress sites
WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files. …
Motivation roulette: Is pseudo-ransomware a term?
It used to be so simple. Attack campaigns were relatively simple to determine, for example when we detailed the recent Shamoon campaign it was clear that this was intended to …
Researchers pull off DNA-based malicious code injection attack
Researchers have demonstrated that it’s possible to create synthetic DNA strands containing malicious computer code that, if sequenced and analyzed, could compromise a …
Stealthy Mughthesec Mac adware exposed: What it does, how to protect yourself
Mac malware is still a rare occurrence, so it’s no wonder that some of it can lurk, unnoticed for months, on random machines. The latest example falls more in the …
New Cerber ransomware variant steals Bitcoin wallets, passwords
Here’s a new reason to fear ransomware more than ever before: a new variant of Cerber has been modified to steal Bitcoin wallets and passwords before encrypting …
UK researcher who stopped WannaCry charged with creating and distributing banking Trojan
Marcus Hutchins, the 23-year-old UK researcher who found the kill-switch domain in the WannaCry ransomware code and registered it, preventing the malware to wreak even more …
The anatomy of a completely fileless attack
The use of fileless malware is definitely on the rise, and it’s used both by targeted threat actors and cybercriminals. Trend Micro researchers, though, are keen to …
Malicious content delivered over SSL/TLS has more than doubled in six months
Threats using SSL encryption are on the rise. An average of 60 percent of the transactions in the Zscaler cloud have been delivered over SSL/TLS. Researchers also found that …
Featured news
Resources
Don't miss
- AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin
- Vulnerability reports are arriving faster than GitHub can review them
- JSP webshells being dropped on unpatched PTC Windchill instances
- Mozilla warns of indirect prompt injection risk in AI coding agents
- DarkMoon: Open-source AI pentesting platform