The anatomy of a completely fileless attack
The use of fileless malware is definitely on the rise, and it’s used both by targeted threat actors and cybercriminals. Trend Micro researchers, though, are keen to …
Swiss users targeted with Windows, macOS banking Trojan
Swiss users are once again hit with emails delivering banking malware, for both Windows and macOS systems. Trend Micro researchers believe the campaign to have been mounted by …
German law enforcement gets new hacking powers
On Thursday, the Bundestag has voted to accept a new amendment that will expand the German police’s hacking powers. The new amendment will allow them to use so-called …
Dok Mac malware intercepts victims’ web traffic, installs backdoor
A new piece of Mac malware, more insidious and dangerous that all those encountered before, has been flung at European users via fake (but relatively convincing) emails. In …
Flashlight app on Google Play delivered highly adaptable banking Trojan
A modified version of the Charger mobile ransomware has been downloaded from Google Play by up to 5,000 users. This new variant of the malware was shipped inside a …
BankBot Trojan found lurking on Google Play
As predicted earlier this year, the leaking of the source code and instructions for creating a potent Android banking Trojan has resulted in a surge of malware based on it. …
Ewind Android adware is actually a full-fledged Trojan
Palo Alto Networks researchers have analyzed a string of legitimate-looking Android apps and have discovered that the adware included in them has the potential to do much more …
MS Office zero-day is used to infect millions of users with Dridex
The still unpatched MS Office zero-day vulnerability publicized by McAfee and FireEye researchers this weekend is being exploited to deliver the infamous Dridex banking …
20,000-bots-strong Sathurbot botnet grows by compromising WordPress sites
A 20,000-bots-strong botnet is probing WordPress sites, trying to compromise them and spread a backdoor downloader Trojan called Sathurbot as far and as wide as possible. …
How the Necurs botnet influences the stock market
After a three-months-long partial hiatus, the Necurs botnet is back to flinging spam emails left and right. But unlike before the break, when it was mostly delivering the …
Trojanized Facebook Lite steals info, installs apps
A Trojanized Facebook Lite app for Android has been found stealing device information and installing malicious apps in the background. How can this happen? There is some …
XAgentOSX Mac malware linked to Russian hacking group
Researchers have discovered and analyzed a new piece of Mac malware that is believed to be used by the Sofacy (aka Fancy Bear, aka Pawn Storm, aka APT28) hacking group. …