Last week, McAfee released a tool named AmIPinkC2, a Windows command-line application that removes remnant files of Pinkslipbot infections that allow the malware to continue to use previously infected computers as proxy relays, even if the original malware's binary has been cleaned and removed from infected hosts.
Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet.
A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named Exploit.in.
Each day, countless security researchers are fighting the good fight in an effort to help companies remove malware from infected computers and servers.
Europol announced today that police across Europe arrested six users who were customers of a malware crypter service and a counter anti-virus platform developed by a 22-year-old German man.
In a US-CERT report released yesterday afternoon, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) published IOCs about a malware family known as DeltaCharlie, used by North Korea to create its private DDoS botnet.
Security researchers have finally got their hands on samples of two new strains of Mac malware that have been offered through Malware-as-a-Service (MaaS) portals on the Dark Web for almost two weeks now.
Google's security team removed an Android app named "colourblock" from the official Play Store after security researchers from Kaspersky Labs discovered a dangerous trojan hidden inside it.
A cyber-espionage group known as Turla — believed to be the cyber-arm of Russian intelligence — has been playing around with a backdoor trojan disguised as a Firefox extension that uses comments on Britney Spears' Instagram photos to store the location of its command and control (C&C) server.
Specially-designed malware installed on a router or a switch can take control over the device's LEDs and use them to transmit data in a binary format to a nearby attacker, who can capture it using simple video recording equipment.
ETERNALBLUE, an alleged NSA exploit targeting the SMBv1 protocol leaked by the Shadow Brokers in mid-April, has become a commodity hacking tool among malware developers.
If a large number of users are getting locked out of your organization's Active Directory domain, it is possible that some of them may have been infected with QakBot, a rare but very dangerous malware strain.
Security researchers have spotted a booby-trapped PowerPoint file that will download malware to a computer whenever a victim hovers over a link, no macro scripts required.
A Chinese digital marketing company named Rafotech is behind a wave of inter-connected adware families that found their way onto the computers of millions of users.
For almost four months, script kiddies ran amok in one of Stanford's subdomains, installing web shells, mailers, and other types of web malware.
A man linked to an auto parts store in a disputed territory of Moldova is behind the Bachosens malware, a backdoor trojan used in a very small number of attacks, but one of the most advanced threats of its kind.
A self-proclaimed member of the Anonymous hacker collective is behind a campaign to spread the Houdini RAT and is currently looking into deploying the MoWare H.F.D ransomware.
Google has removed 41 Android apps from the official Play Store. The apps were infected with a new type of malware named Judy, and experts estimate the malware infected between 8.5 and 36.5 million users.
The developer of the EternalRocks SMB worm appears to have shut down his operation, following the intense media coverage his malware has received in the past seven days.