Virus & Malware


Paying off hackers after a ransomware infection could end up being a total loss, according to a study released Thursday which finds some attackers just take the money and run.
Recent attacks aimed at a key organization in the European energy sector involved PupyRAT, a piece of malware used by Iran-linked threat groups.
A newly discovered information stealer named Oski is targeting browsers and cryptocurrency wallets, with most victims observed in the United States.
CISA has advised organizations using Pulse Secure VPN products to patch their installations as malicious actors continue to exploit a vulnerability fixed in April.
The cybercriminals behind the TrickBot malware, who are believed to be based in Russia, have been using a new PowerShell backdoor in attacks aimed at high-value targets.
A malicious application in the Google Play store targeted a recently patched Android zero-day vulnerability. The app has been linked to a threat group known for targeting military entities.
A vulnerability affecting a Pulse Secure enterprise VPN product has been exploited by cybercriminals to deliver ransomware, a researcher warns.
As if having their data encrypted wasn’t bad enough, businesses that fell victim to Maze ransomware now face another threat: their data could become public.
A cyber-espionage group has targeted hundreds of industrial companies in South Korea and other countries using malware designed to steal passwords and documents.
Sophisticated cybercrime groups have targeted North American gas stations with point-of-sale (PoS) malware, Visa warns.

FEATURES, INSIGHTS // Virus & Malware

Zeus 2.1 now boasts features that help it avoid analysis and hostile takeover from law enforcement, researchers, or competing cybercriminal organizations.
David Harley's picture
David Harley chimes in with some thoughts on the latest developments from the AMTSO and the Anti-Malware Industry.
David Harley's picture
The vulnerability in Windows Shell’s parsing of .LNK (shortcut) files presents some interesting and novel features in terms of its media lifecycle as well as its evolution from zero-day to patched vulnerability. For most of us, the vulnerability first came to light in the context of Win32/Stuxnet, malware that in itself presents some notable quirks.
David Harley's picture
The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.
Mike Lennon's picture
Malvertising - Popular websites, blogs, and ad networks are fast becoming the preferred means of cybercriminals, identity thieves, and hackers to steal consumer information and distribute malicious content.
Markus Jakobsson's picture
Anti-virus products scan for malware in two ways. They look for sequences of bits that are found in programs that are known to be “evil” (but which are not commonly found in “good” programs)...