
Virus & Malware


CIA source code files published by WikiLeaks as part of the Vault 8 leak appear to show that the intelligence agency impersonated Kaspersky Lab
Russia-linked cyber espionage group APT28 (Fancy Bear) delivers malware using recently disclosed technique involving Microsoft Office files and DDE
Hamas-linked Gaza Cybergang targets new organizations and uses new tools, including an exploit and possibly Android malware
The files encrypted by the Bad Rabbit ransomware can be recovered without paying the ransom, Kaspersky finds
Researchers find profiling tool on some sites redirecting users to Bad Rabbit ransomware. Use of the tool suggests the attack was not financially motivated
Contrary to initial reports, the Bad Rabbit ransomware does in fact use an NSA-linked exploit, namely EternalRomance, which NotPetya also used
Infrastructure used in Bad Rabbit attack set up months ago. Many links found to NotPetya, believed to be the work of Russian TeleBots group
LokiBot Android banking trojan turns into ransomware if users try to remove it. The gang behind the attack has made more than $1.5 million
The Bad Rabbit ransomware attack that hit Russia and Ukraine has been linked to NotPetya, but the number of infections is far smaller
Several major organizations in Russia and Ukraine hit by a new ransomware dubbed Bad Rabbit. Victims asked to pay 0.05 bitcoin

FEATURES, INSIGHTS // Virus & Malware


Zeus 2.1 now boasts features that help it avoid analysis and hostile takeover from law enforcement, researchers, or competing cybercriminal organizations.
David Harley
David Harley chimes in with some thoughts on the latest developments from the AMTSO and the Anti-Malware Industry.
David Harley
The vulnerability in Windows Shell’s parsing of .LNK (shortcut) files presents some interesting and novel features in terms of its media lifecycle as well as its evolution from zero-day to patched vulnerability. For most of us, the vulnerability first came to light in the context of Win32/Stuxnet, malware that in itself presents some notable quirks.
David Harley
The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.
Mike Lennon
Malvertising - Popular websites, blogs, and ad networks are fast becoming the preferred means of cybercriminals, identity thieves, and hackers to steal consumer information and distribute malicious content.
Markus Jakobsson
Anti-virus products scan for malware in two ways. They look for sequences of bits that are found in programs that are known to be “evil” (but which are not commonly found in “good” programs)...