Malware & Vulnerabilities

Malware and vulnerabilities news, trends, analysis and practical advice

android security
woman on tablet with broken lock

security hacker privacy

String of fileless malware attacks possibly tied to single hacker group

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools and fileless malware techniques, might be the work of a single group of hackers.

petya ransomware logo

Hackers use dangerous Petya ransomware in targeted attacks

A group of attackers has found a way to hijack the Petya ransomware and use it in targeted attacks against companies without the program creators' knowledge.

android studio plugins and extensions

Android devices coming with preinstalled malware

Android devices were infected with malware at some point after leaving the manufacturers, but before landing in the hands of companies' employees.

Security

After CIA leak, Intel Security releases detection tool for EFI rootkits

Intel Security has released a tool that allows users to check if their computer's low-level system firmware has been modified and contains unauthorized code.

screen shot 2017 03 09 at 9.58.02 am

Assange: CIA had lost control of its cyberweapon documents

Information about purported CIA cyberattacks was "passed around" among members of the U.S. intelligence community and contractors before it was published by WikiLeaks this week, Julian Assange says.

hacker, hackers, hacking

Leaked docs suggest NSA and CIA behind Equation cyberespionage group

Purported CIA documents leaked Tuesday appear to confirm that the U.S. National Security Agency and one of the CIA's own divisions were responsible for the malware tools and operations attributed to a group that security researchers...

cia cyber

CIA hacking tools targeting Windows

These purportedly are a few of the 'secret' tools in the CIA arsenal that target the Windows operating system.

cia

CIA repurposed Shamoon data wiper, other malware

The U.S. Central Intelligence Agency documents published by WikiLeaks Tuesday shows that one of the agency's teams specializes in reusing bits of code and techniques from public malware samples.

Legislation of privacy security keyboard law legal gavel court ruling

U.S. drops child porn case to avoid disclosing Tor exploit

The U.S. Department of Justice is asking a federal court to dismiss its indictment in a case that involves a child porn site known as Playpen, after a judge asked the government to disclose the hacking technique it used to gather...

malware attack cyberespionage code hacker

Fileless PowerShell malware uses DNS as covert channel

Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols that are less frequently monitored.

Digital Key encryption

Free decryption tools now available for Dharma ransomware

Researchers have created decryption tools for the Dharma ransomware after someone recently leaked the encryption keys for it.

malware threat hack hacked bug cyberthreat

Dridex: First banking Trojan with AtomBombing to better evade detection

Dridex v4 includes an AtomBombing technique upgrade so the malware is even better at evading detection.

dl speedport hybrid

Police arrest man suspected of building million-router German botnet

Last year, someone turned a German internet service provider into a million-router botnet. German police think they will soon have the culprit.

Digital Key encryption

New macOS ransomware spotted in the wild

A new file-encrypting ransomware program for macOS is being distributed through bit torrent websites, and users who fall victim to it won't be able to recover their files -- even if they pay.

windows trouble controversy crash problem hacked

What’s up with Windows patching, Microsoft?

A month late? Seriously? It’s both outrageous and unsurprising.

code hacker cyberespionage eye data

Hackers behind bank attack campaign use Russian decoy

The hackers behind a sophisticated attack that has targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.

20160224 stock mwc freeway cars traffic barcelona

Insecure Android apps put connected cars at risk

Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could allow hackers to easily hijack their functionality.

dsc05783

Experts at RSA offer up their best cybersecurity advice

Come to the RSA show, and you’ll find plenty of cybersecurity technology. The top vendors from across the industry are here, showing products for fighting ransomware, preventing data breaches and more.

Load More