MalwareHunterTeam researchers discovered a second variant this week of the CryptoMix ransomware appending the .0000 extension to encrypted files.
Malwarebytes researchers are warning IT workers seeking love online to beware "CatPhishing" scams which can leave entire companies devastated.
Collectively downloaded millions of times, 158 fake Android applications containing mobile malware were recently found smuggled into the Google Play Store.
Security researchers have warned that a new phishing campaign is using the DDE feature in Microsoft Office to deliver DNSMessenger malware undetected.
Cryptocurrency miners are becoming one of the most prolific threats facing everyone, with Check Point Software Technologies naming this type of malicious software in its Ten Most Wanted Malware list for October.
WikiLeaks, under its new Vault 8 series of released documents, has rolled out what it says is the source code to a previously noted CIA tool, called Hive, that is used to help hide espionage actions when the Agency implants malware.
While SEO best practices help brands reach the widest possible audiences by garnering more web traffic, these same tactics can also be leveraged to help cyber-criminals reach the most victims.
A new malware uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability, which once installed, can download additional malware as well as use various permissions to access the phone.
An exploit in the InPage word processor program was used as an attack vector by three malware families. The word processor supports languages such as Urdu, Persian, Pashto, and Arabic.
App stores that once distributed the rootkit malware used by ZNIU, the first malware family to exploit the Dirty COWvulnerability, are now distributing a new iXintpwn/YJSNPI variant.
A new bankrobber Trojan has been identified by researchers at Kaspersky Lab, quietly stealing money direct from the banks themselves rather than targeting customers.
Julia Sowells explains how the BitPaymer malware initially executes itself, makes a copy of itself and runs in two ADS. It hides in empty files; deletes its older executable file and transfers control of the malware to the newly created files.
Maher, Iran's Computer Emergency Response Team Coordination Center (CERTCC), has warned that 'Tyrant' ransomware is being distributed in the country via a compromised VPN app, undermines trust in IT dept.
Less than 24 hours after BadRabbit hopped out of its hole the malware is still spreading, albeit slowly, with US CERT having received reports of infections; researchers say this worm-like ransomware may have ties to Petya/NotPetya.
A trojanised version of Elmita's Elmedia Player software was seen being distributed via the company's own official site in the late hours of 20 October 2017.
Researchers at PhishMe recently detected two email-based phishing campaigns that infected users with either Lockyransomware or the Trickbot banking trojan based on the victim's geographical location.
The Necurs botnet is on the rise again, this time sporting a downloader that screengrabs the desktops of infected systems.
The Sockbot malware has made its way into at least eight Apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks.
A new Adobe Flash zero day exploit has been identified, reportedly used in an attack on 10 October by a threat actor known as BlackOasis and delivered through a Microsoft Word document to deploy the FinSpy commercial spyware.
A new family of ATM malware, dubbed ATMii, is using legitimate proprietary libraries and a small piece of code to cause the machines to spit out money and targets older Windows versions.
Kovter Group malvertising campaign put millions at risk of ad fraud malware infections. Fake browser updates hoodwink users into installing malware.
Tech support scammers abuse Taboola and native ads to spread scam malware
Cyber-criminal group and malware variant DarkHotel has changed its tactics, and has been actively infecting political figures through spear phishing techniques, and via peer-to-peer networks explains Bogdan Botezatu.
Avast continued to reveal further details surrounding the cyberattack that placed a backdoor in its free computer maintenance app, CCleaner. Attack believed originated from a country located in the UTC + 4 or UTC + 5 time zones.
A new bootlocker malware is leaving researchers scratching their heads on whether to identify the malware as a poorly coded ransomware or a cleverly designed wiper.
MalwarHunterTeam tweeted out news of a screenlocker posing as ransomware where the bad guys request nude photos of the victim instead of money.
Unnamed major internet providers are reported to be the distribution route for the spread of a new variant of government spyware FinFisher (also known as FinSpy) in two countries, targeting people seeking privacy.
A new strain of banking malware is targeting Android users, security researchers have discovered. Red Alert Trojan targets more than 60 banking and social networking apps
Sophisticated attackers will subvert trusted suppliers of executable code such as software updates, consequently, Martin Lee says that a sophisticated response is required.
In Case You Missed It: Facebook spreads malware; Instagram celeb hack; Logon breach id key; Spambot weaponises 711 m accounts; CeX hacked