Dridex botnet alive and well, now also spreading ransomware
Last October’s disruption of the Dridex botnet by UK and US law enforcement agencies and the arrest of a Moldovan bot master have not lead to the death of the botnet. …
Dyre gang taken down by Russian authorities
Dyre (aka Dyreza), one of the most widespread and effective financial Trojans to crop up in the last few years, is currently not an active threat. In fact, spam campaigns …
T9000 backdoor steals documents, records Skype conversations, victims’ actions
A new backdoor Trojan with spyware capabilities is being used in targeted attacks against organizations based in the United States. It has been dubbed T9000, since it’s …
60+ Trojanized Android games lurking on Google Play
Dr. Web researchers have discovered over 60 Trojanized game apps being offered on Google Play through more than 30 different game developer accounts. The games are made to …
Versatile Linux backdoor acts as downloader, spyware
Another Linux Trojan has been discovered by researchers, and this one is pretty versatile: it opens a backdoor into the infected device, can download and run additional …
Asacub Android Trojan: Financial fraud and information stealing
Asacub is a new malware that targets Android users for financial gain. When first identified, Asacub displayed all the signs of an information stealing malware; however, some …
New Linux Trojan performs system reconnaissance
A new Linux threat has been identified by Dr. Web researchers. Dubbed Linux.Ekoms.1, this Trojan’s apparent function is to discover details about the system it has …
Android banking Trojan defeats voice call-based 2FA
Bankosy is a banking Trojan that has been targeting Android users for a while now, but has only recently been updated with a new capability of note: the ability to deceive …
BlackEnergy APT is back, deleting files and killing computer systems
The BlackEnergy APT – or SandWorm group, as some researchers call it – has been active since 2007 (at least). Its past exploits include cyber-espionage campaigns …
Android users targeted with sophisticated new banking Trojan
A relatively new Android Trojan family has been bringing grief to users around the world, posing as a Flash Player or WhatsApp update, stealing online banking credentials, one …
Operation targets users of remote access trojans across Europe
In December, Europol and a number of law enforcement and judicial authorities across Europe carried out a two weeks long coordinated action against the use of remote access …
Zero detection GlassRAT operated undetected for years
RSA Research has unearthed another Remote Access Tool/Trojan (RAT) used in cyber espionage campaigns. Dubbed GlassRAT, it has the usual capabilities of this type of malware: …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)