Microsoft swears it's not coming for your data with scan for old Office versions Don't mind us, we'll just have a quick look for unsupported installs and then disappear, we pwoooomise Software03 Feb 2023 | 5
Fast-evolving Prilex POS malware can block contactless payments ... forcing users to insert their cards into less-secure PIN systems Research03 Feb 2023 |
Malvertising attacks are distributing .NET malware loaders The campaign illustrates another option for miscreants who had relied on Microsoft macros Research02 Feb 2023 | 7
Gootloader malware updated with PowerShell, sneaky JavaScript Perhaps a good time to check for unwelcome visitors Cyber-crime30 Jan 2023 | 5
Microsoft closes another door to attackers by blocking Excel XLL files from the internet More of them used by baddies since Redmond blocked VBA macros Research25 Jan 2023 | 6
Microsoft took its macros and went home, so miscreants turned to Windows LNK files Adapt or die Research23 Jan 2023 | 6
Been hit by BianLian ransomware? Here's your get-out-of-jail-free card Avast issues a free decryptor so victims can get their data back Security18 Jan 2023 | 3
Microsoft applies coat of Rust to Azure Sphere IoT platform The hope? To grease the security skids for internet-connected devices – and they need all the help they can get Edge + IoT13 Jan 2023 | 9
Dridex malware pops back up and turns its attention to macOS Malware testers spot attempt to attack Macs. But (try not to weep for the bad guys) there are still compatibility issues with MS exe files Research06 Jan 2023 | 6
Zerobot malware now shooting for Apache systems Upgraded threat, time to patch Security22 Dec 2022 | 11
Godfather malware makes banking apps an offer they can’t refuse No horse heads in beds...that we know of Security22 Dec 2022 | 7
Cisco’s Talos security bods predict new wave of Excel Hell Criminals have noticed that spreadsheet's XLL files add custom functionality - including malware Security21 Dec 2022 | 16
IT security teams, business execs still not on same page In brief Also: Guri the air-gap guru strikes again, while pro-Ukraine hackers set up a proxy network in Russia Security12 Dec 2022 | 6
Legit Android apps poisoned by sticky 'Zombinder' malware Sure, go ahead and load APKs instead of using an app store. You won't enjoy the results Research09 Dec 2022 | 25
Want to detect Cobalt Strike on the network? Look to process memory Security analysts have tools to spot hard-to-find threat, Unit 42 says Security06 Dec 2022 |
KmsdBot botnet is down after operator sends typo in command Cashdollar: 'It’s not often we get this kind of story in security' Cyber-crime06 Dec 2022 | 31
Domain aging gang CashRewindo picks vintage sites to push malvertising Like fine wine, the longer it sits, the better it is Cyber-crime02 Dec 2022 | 22
Sandworm gang launches Monster ransomware attacks on Ukraine The RansomBoggs campaign is the Russia-linked group’s latest assault on the smaller country Security29 Nov 2022 | 15
US offshore oil and gas installation at 'increasing' risk of cyberattack GAO says 2010 Deepwater Horizon disaster will look like a walk in the park Cyber-crime21 Nov 2022 | 8
Notorious Emotet botnet returns after a few months off And it's been sending out hundreds of thousands of malicious emails a day Cyber-crime17 Nov 2022 | 3
WASP malware stings Python developers Info-stealing trojan hides in malicious PyPI packages on GitHub Research16 Nov 2022 | 9
Oh, look: More malware in the Google Play store in brief Also, US media hit with JavaScript supply chain attack, while half of govt employees use out-of-date mobile OSes Research07 Nov 2022 | 25
Ordinary web access request or command to malware? Cranefly group unleashes nasty little technique using Microsoft Internet Information Services (IIS) logs Research31 Oct 2022 | 4
This Windows worm evolved into slinging ransomware. Here's how to detect it Raspberry Robin hits 1,000 orgs in just one month Research28 Oct 2022 | 12
Ransomware down this year – but there's a catch 2021 was such a banner year for extortionists, 2022 is gonna look rosy in comparison Cyber-crime26 Oct 2022 | 1
Payment terminal malware steals $3.3m worth of credit card numbers – so far With shops leaving VNC and RDP open, quelle surprise Cyber-crime24 Oct 2022 | 14
Hacktivists say they stole 100,000 emails from Iran's nuclear energy agency Tehran laughs it off as foreign psyop or media stunt. Just don't remind them about Stuxnet, OK? Cyber-crime24 Oct 2022 | 1
Good news, URSNIF no longer a banking trojan. Bad news, it's now a backdoor And one designed to slip ransomware and data-stealing code onto infected machines Research21 Oct 2022 | 1
Imagine surviving a wiper attack only for ransomware to scramble your restored files Then again, imagine being invaded by Russia Security18 Oct 2022 | 4
Criminal multitool LilithBot arrives on malware-as-a-service scene Bespoke botnet up for grabs from outfit praised for, er, customer service Research10 Oct 2022 | 1
Biden's Privacy Shield 2.0 order may not satisfy Europe In brief Also, Albania almost called in NATO over cyber attacks, and Facebook warns of account-stealing mobile apps Security08 Oct 2022 | 20
Modified version of Tor Browser spies on Chinese users Patiently gathers data that can be used to identify the victims, says Kaspersky Security05 Oct 2022 | 7
Steganography alert: Backdoor spyware stashed in Microsoft logo Now that's sticker shock Research02 Oct 2022 | 27
Microsoft warns of North Korean crew posing as LinkedIn recruiters State-sponsored ZINC allegedly passes on malware-laden open source apps Research30 Sep 2022 | 10
Covert malware targets VMware shops for hypervisor-level espionage Mandiant tracks back operators, finds ties to China CSO29 Sep 2022 | 3
Want to sneak a RAT into Windows? Buy Quantum Builder on the dark web Beware what could be hiding in those LNK shortcuts Research28 Sep 2022 | 4
Noberus ransomware gets info-stealing upgrades, targets Veeam backup software 'One of the most dangerous and active malware developers operating at the moment' Cyber-crime25 Sep 2022 | 6
Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws While issuing an emergency patch for Endpoint Configuration Manager Cyber-crime22 Sep 2022 | 7
ChromeLoader, what took you so long? Malvertising irritant now slings ransomware Doesn't make cents, makes bigger bucks instead ... probably Cyber-crime21 Sep 2022 | 10
WordPress-powered sites backdoored after FishPig suffers supply chain attack And two other security snafus in this web publishing world Patches15 Sep 2022 | 18
Shape-shifting cryptominer savages Linux endpoints and IoT In brief Also, Authorities seize WT1SHOP selling 5.8m sets of PII, The North Face users face tough security hike Security10 Sep 2022 | 10
Cybercriminals target games popular with kids to distribute malware Kaspersky research finds Minecraft and Roblox have the most malicious files associated with them Security07 Sep 2022 |
Cyberattack brings down InterContinental Hotels' booking systems Online booking systems and other services knocked offline amid network intrusion Cyber-crime06 Sep 2022 | 16
Newly discovered cyberspy crew targets Asian governments and corporations Worok uses mix of publicly available tools, custom malware to steal info, gang active since 2020 Security06 Sep 2022 |
Oh no, that James Webb Space Telescope snap might actually contain malware Is nothing sacred? Research01 Sep 2022 | 25
That 'clean' Google Translate app is actually Windows crypto-mining malware Ah, nothing like a classic Trojan horse Cyber-crime30 Aug 2022 | 20
77% of security leaders fear we’re in perpetual cyberwar from now on In brief Also, Charming Kittens from Iran scrape email inboxes, France could fine Google again, and more CSO27 Aug 2022 | 32
Shout-out to whoever went to Black Hat and had North Korean malware on their PC I am the one who NOCs CSO25 Aug 2022 | 25
Ransomware attack on UK water company clouded by confusion Clop gang thought it hit Thames Water – but real victim was elsewhere Cyber-crime18 Aug 2022 | 44
After 7 years, long-term threat DarkTortilla crypter is still evolving .NET-based malware can push wide range of malicious payloads, and evades detection, Secureworks says CSO17 Aug 2022 | 2
Open source VideoLAN media player asks why it's blocked in India Rubbishes suggestions poisoned clones or ancient malware are worthy reasons for ban Software17 Aug 2022 | 29
Dutch authorities arrest 29-year-old dev with suspected ties to Tornado Cash The arrest comes days after US Treasury levies sanctions against the crypto mixing service Cyber-crime15 Aug 2022 | 20
US reveals 'Target' pic of Conti man with $10m reward offer Fashion Police chipping in on the bounty related to costliest strain of ransomware on record Security12 Aug 2022 | 6
Sonatype spots another PyPI package behaving badly Identity of a real person was used to lend credence to a package that dropped cryptominer in memory Cyber-crime11 Aug 2022 |
Don't be surprised if your organization suffers multiple cyberattacks Black Hat Failing to fix flaws, a crowded threat group scene, RaaS, and dependencies among crooks are fueling the trend Security11 Aug 2022 | 5
Maui ransomware linked to North Korean group Andariel Attack origins point to April 2021 first strike on Japanese target Security10 Aug 2022 | 1
Dark Utilities C2 service draws thousands of cyber criminals Nascent platform provides miscreants an easier and cheaper way to launch remote access, DDoS, and other attacks Security08 Aug 2022 | 1
DuckDuckGo says Hell, Hell, No to those Microsoft trackers after web revolt In brief Plus: That Twitter privacy leak, scammers send Ubers for victims, critical flaw in Cisco gear, and more Security06 Aug 2022 | 38
How cybercrims embrace messaging apps to spread malware, communicate Underground forums are so last year. Telegram, Discord offer better privacy, functionality to criminals, says Intel 471 Security02 Aug 2022 | 5
Miscreants aim to cause Discord discord with malicious npm packages LofyLife campaign comes amid GitHub security lockdown Research02 Aug 2022 | 2