Ionut Arghire

“FruitFly” Mac Malware Creator Allegedly Spied On Victims for 13 Years

A recent set of attacks aimed at North Korean defectors and journalists were associated with a highly targeted campaign conducted by an actor that...

Free and open Certificate Authority (CA) Let’s Encrypt on Tuesday disabled TLS-SNI-01 validation after learning that users could abuse it to obtain certificates for...

SAP this week released its monthly set of security patches to address just three vulnerabilities in its products, all three rated Medium severity.

Security researchers at Trend Micro have discovered a malicious application in Google Play that was developed using the Kotlin programming language.

Your antivirus product could be spying on you without you having a clue. It might be intentional but legitimate behavior, yet (malicious) intent is...

VirusTotal this week announced the availability of a visualization tool designed to help with malware investigations. 

An application compiled just weeks ago was found to be an installer for a Monero miner designed to send the mined currency to a...

Firmware updates released by Western Digital for its MyCloud family of devices address a series of security issues, including a hardcoded backdoor admin account.

The official website of Ukraine-based accounting software developer Crystal Finance Millennium (CFM) was abused for the distribution of a variant of the ZeuS banking...

A feature in Microsoft Word that allows for the loading of sub-documents from a master document can be abused by attackers to steal a...

Ubuntu security updates planned for January 9 will patch the recently disclosed Meltdown and Spectre CPU vulnerabilties, Canonical has announced.

Following a takedown operation in early December 2017, the Andromeda botnet is expected to slowly disappear from the threat landscape, ESET says.

A recently discovered Linux crypto-miner botnet spreading over the SSH protocol is based on the Python scripting language, which makes it difficult to detect,...

Information on nearly a quarter million Department of Homeland Security (DHS) employees was exposed as part of an "unauthorized transfer of data", the DHS...

The LockPoS Point-of-Sale (PoS) malware has been leveraging a new code injection technique to compromise systems, Cyberbit researchers say.

A vulnerability affecting all versions of the GoAhead web server prior to version 3.6.5 can be exploited to achieve remote code execution (RCE) on...

Google patched several Critical and High severity vulnerabilities as part of its Android Security Bulletin for January 2018.

A vulnerability found in Internet-connected Sonos Play:1 speakers can be abused to access information on users, Trend Micro has discovered.

The Necurs botnet started 2017 with a four-month vacation, but ended the year sending tens of millions of spam emails daily as part of...