Aided by private companies including McAfee, the Dutch National Police Unit has arrested a hacker suspected of large-scale production and sale of malware such as Rubella and Dryad.
A new kind of phishing attack uses server-parsed HTML as its base.
GandCrab's developers last month publicly disclosed that they were retiring, but researchers say this announcement may have been misleading
A threat actor named Sweed has been active for more than two years, attacking countries across the globe, including the US, Canada, Russia, China, Singapore and South Africa.
MobonoGram 2019, advertised as an unofficial version of the Telegram messaging application with more features, runs an endless stream of malicious websites in the background
Phishing tool 16Shop uses a fake Amazon website to lure victims into divulging financial information as Amazon Prime Day starts.
A new variant of mobile malware has been infecting Android devices, targeting mostly Hindi, Arabic, Russian and Indonesian-speaking users
Ransomware eCh0raix specifically targets QNAP Systems NAS devices, as these devices are used to store backups and important files
A fileless malware campaign abused multiple legitimate services, including the Windows Management Instrumentation Command-line tool, in order to deliver the final payload
Hackers compromised credentials to break into a Canonical Ltd. GitHub account, but apparently did not lift sensitive information or manipulate source code
BianLian, which first appeared as a dropper in October 2018, has turned into spyware by adding a screen recording module
Government agencies in Croatia have been targeted in fileless attacks with a never-before-seen malware payload, dubbed SilentTrinity.
Police forensics provider Eurofins Scientific, the victim of a ransomware attack last month, is reported by the BBC to have paid a ransom to the attackers.
All URL-detecting security measures are being avoided by criminals delivering malicious QR codes to victims' mobile phones as part of phishing campaigns
The Sodin ransomware has reemerged recently, using a flaw in a Win32k component to elevate its privileges and infect systems, having moved on from exploiting Oracle WebLogic
Two malware campaigns were launched in June; one targeted South Koreans, while the other sought out financial institutions in Singapore, the United Arab Emirates and the US
Two contributors to the OpenPGP community become victims of certificate spamming; more attacks expected
A HawkEye Reborn keylogger, Remcos remote access trojan (RAT), and various other cryptocurrency mining trojan campaigns are using the age-old "Heaven's Gate" technique to avoid antivirus detection
A fake Flash Player trojan targeting Macs was spotted in several places on the web, from sketchy copyright-infringing download sites to rogue, high-ranking, non-sponsored Google search result links
Cyber-attacks reported in the UK financial service sector went up 1,000 percent since 2017, with third-party failures involved in 21 percent of incidents.
The Dridex credential-stealing malware that targets banks continues to evolve and now uses application whitelisting techniques to infect systems and evade most anti-virus defences.
Hackers wanted to use the information stolen from PCM to perpetrate gift card fraud in a scheme similar to what happened at Wipro
Victims receive an email about an invoice, with an ISO disk image file attachment.
The malware targets Unix-based systems with default credentials, trashing the device's storage, dropping its firewall rules, removing the network configurations, and halting the device
Catch up on the most viewed stories in the cyber-security sector reported by SC Media UK over the past week, from 19 - 25 June, presented by Tony Morbin, Editor-in-chief at SC Media UK.
Nearly half of UK respondents to the annual NTT security survey - 42 percent - were not confident that their critical data is secure compared to a global average of 52 percent
Apple was alerted about the MacOS Gatekeeper security flaw on 22 February, but the issue was not fixed despite promising action within 90 days, says researcher
Riltok is distributed from infected devices via SMS, disguised as apps for popular free ad services in Russia
Victims are faced with three broad options: pay the ransom and hope the attacker will act as promised; begin the recovery process using your backed-up data; or rebuild from scratch
The unusual attack took place during one of three Turla campaigns over the last 18 months
An attack on global telecoms carriers by suspected Chinese hackers targeted specific individuals such as military officials, dissidents, spies and law enforcement officials across Asia, Europe, Africa and the Middle East
With the proper training, this weakness can be almost entirely weeded out
Iranian military computer systems were struck in a cyber-attack by the US government in response to the shooting down of a US drone. Should the private sector also hack back if targeted in counter-response?
A high social media presence increases the ease with which criminals can steal your identity for online fraud
Hackers used leaked NSA tools and hijacked another hacking group's infrastructure to attack government organisations in the Middle East and beyond
Catch up on the most viewed stories in the cyber-security sector reported by SC Media UK over the past week, from 12 - 19 June, presented by Tony Morbin, Editor-in-chief at SC Media UK.
These programs deliberately mislead the user by greatly overstating the risk or even reporting non-existent errors
Known as GolfSpy, the malware is found in once-legitimate applications that have been repackaged to contain malicious code
A method of exploiting Google Calendar alerts is spreading fast, according to experts. Maintaining caution even when dealing with trusted apps is essential. Automation is not your friend in cases such as this.
A new and improved update counters versions one and four and versions five to 5.2 of the ransomware
Security researchers have discovered a variant of the Houdini malware in campaigns against financial institutions and their customers.
Names, usernames, email addresses, passwords, dates of birth, phone numbers, and mailing addresses were potentially affected in the incident at the online invitation company
Researchers also noticed threat actors abusing a tool called a Docker Batch Test that was developed to detect vulnerabilities in Docker
A newly-discovered variant of Echobot, an offshoot of the Mirai family of Internet of Things botnet malware, was found to contain a whopping 26 different exploits for infecting victim machines
The mail transfer agent (MTA), deployed on more than half of all internet-facing mail servers, came under severe attacks from hacker groups days after the vulnerability in older versions was exposed
Akamai Technologies found that the habit of using the same passwords across multiple online accounts makes online gaming platforms and their users easy targets
Protesters in Hong Kong often use services such as Telegram to organise their efforts in a manner free from government oversight, but a crippling DDoS attack would deny them access to such tools
Airplane parts maker ASCO suffered a ransomware attack on 7 June and its plants have remained closed since then
The nature of the incidents and the involvement of organised crime in cyber-crime remain largely unchanged but people have started to figure out new ways to monetise the data breaches they execute
Is Zero Trust really achievable given the complexity in finance service organisations?