Two Romanian nationals have been sentenced to 20 and 18 years in prison in the United States for their roles in a multi-million dollar online fraud operation. [Read More]
A destructive wiper dubbed ZeroCleare and linked to Iran has been used in attacks targeting the energy and industrial sectors in the Middle East. [Read More]
A vulnerability dubbed 'StrandHogg' has been exploited by malicious Android apps and hundreds of popular applications are at risk of being targeted. [Read More]
A recently discovered Android banking Trojan that features a narrow target list and two-step overlays is capable of stealing both login credentials and credit card data. [Read More]
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.