RubyMiner malware plants XMRig on vulnerable systems. Security researchers have discovered malware aimed at Linux and Windows servers running to mine cryptocurrency.
Researchers have attributed six separate phishing campaigns targeting South Koreans in either 2017 or 2018 to a single threat actor called "Group123."
A new variant of the disk wiping malware KillDisk is targeting financial firms in Latin America to wreak havoc without leaving so much as a note.
Malware can steal passwords, take screenshots and access files. Security researchers have discovered new Mac malware that can hijack DNS settings.
Cisco Talos researchers identified multiple unpatched vulnerabilities in the Blender Open Source 3D creation suite that could allow an attacker to run arbitrary code.
Facebook's 2017 Bug Bounty programme paid out US$ 880,000 (£638,000) to more than 100 researchers and will update its Thanks page in 2018 to reflect dollar amount and submission validity, among other items.
Malwarebytes researcher Jerome Segura analysed a RIG exploit campaign distributing malware coin miners delivered via drive-by download attacks from malvertising.
A newly proposed legislation introduced by two Democratic US senators aims to impose stiff, mandatory penalties on credit reporting agencies (CRAs) that fail to protect consumers' sensitive information from data breaches.
Security researchers have found that freight messaging systems can be subverted to send money to criminals.
Researchers have discovered a fake utility app called Swift Cleaner that they believe may be the first Android mobile malware developed using the open-source Kotlin programming language.
A GulfTech researcher spotted multiple vulnerabilities In Western Digital's MyCloud products, some of which could lead to remote code execution and unauthorised access.
Researchers at the US' Carnegie Mellon University and University of North Carolina at Chapel Hill developed a technique to fool facial recognition algorithms including those used at airports.
Security researchers have discovered a flaw in the AMD PSP (Platform Security Processor), which could enable hackers to execute code in a security module that stores data such as passwords, certificates, and encryption keys.
What remains of the Andromeda botnet that was largely dismantled in a November 2017 global law enforcement operation will probably "slowly disappear" as remediation continues into 2018, predicted one cyber-security company.
Trend Micro researchers notified Google that 36 malicious apps on Google Play are posing as security tools.
An independent security researcher called Siguza revealed a local privilege escalation Zero Day in macOS that can be exploited by any unprivileged user.
Researchers from Nanyang Technological University in Singapore developed a technique to leverage a phones sensors to guess a user's PIN code.
The Necurs botnet continued to launch massive global ransomware attacks through the holidays with researchers stopping as many as 47 million emails per day.
VMware on Tuesday patched a series of vulnerabilities in its ESXI, Workstation Pro, and Fusion hypervisors, as well as its vCenter Server Appliance.
Security researchers have discovered a new attack vector launched through Microsoft Excel spreadsheets, and the Loki Bot has just recently expanded into other Office applications.
A Google researcher has uncovered a severe security flaw in a password management tool that has been widely bundled with Windows 10.
Trend Micro researchers spotted two ATM malware families one of which, Prilex, uses highly targeted attacks to hijack banking applications and another, Cutlet Maker, which is a flexible standalone application for emptying the ATM's safe.
A flaw in the way Microsoft Azure Active Directory (AD) Connect configures the AD synchronisation account in Office 365 hybrid installations, creates stealthy admins in the user group by default.
Security researchers have discovered a new, invasive OSX.Pirrit adware variant targeting Mac OS X that enables cyber-criminals to take full control of a user's Mac computer.
Researchers recently discovered that a nearly two-decade-old vulnerability in TLS stacks was still exploitable due to insufficient protective counter-measures some used by highly popular websites.
A critical security bug put millions of banking app users at risk, according to researchers from the University of Birmingham.
As our cars become more connected and our society moves closer to wide spread autonomous driving, researchers and companies alike are calling for national standards to help secure connected vehicles.
New Doppelganging attack process memory attack methodology not only defeats market-leading security products but breathes new life into old threats at the same time.
Checkpoint researchers discovered several vulnerabilities in Android application developer tools that put any organisation that does Java/Android development at risk of an outsider gaining access to their system.
New Golden Ticket technique could allow hackers to authenticate themselves with cloud services and enable any level of privilege.