WikiLeaks today dumped the manuals of several hacking utilities that are part of Brutal Kangaroo, a CIA malware toolkit for hacking into air-gapped (offline) networks using tainted USB thumb drives.
Windows computers are being targeted with a new cryptocurrency miner that uses an NSA hacking tool to infect users' PCs. Detected under the generic name of Trojan.BtcMine.1259, this trojan was first spotted last week by Russian antivirus vendor Dr.Web.
Several security researchers have spotted an increase in malware campaigns distributing the TrickBot banking trojan, going after a host of targets ranging from regular e-banking applications to PayPal accounts and business CRMs.
Last week, McAfee released a tool named AmIPinkC2, a Windows command-line application that removes remnant files of Pinkslipbot infections that allow the malware to continue to use previously infected computers as proxy relays, even if the original malware's binary has been cleaned and removed from infected hosts.
Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet.
A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named Exploit.in.
Each day, countless security researchers are fighting the good fight in an effort to help companies remove malware from infected computers and servers.
Europol announced today that police across Europe arrested six users who were customers of a malware crypter service and a counter anti-virus platform developed by a 22-year-old German man.
In a US-CERT report released yesterday afternoon, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have published IOCs about a malware family known as DeltaCharlie, used by North Korea to create its private DDoS botnet.
Security researchers have finally got their hands on samples of two new strains of Mac malware that have been offered through Malware-as-a-Service (MaaS) portals on the Dark Web for almost two weeks now.
Google's security team removed an Android app named "colourblock" from the official Play Store after security researchers from Kaspersky Labs discovered a dangerous trojan hidden inside it.
A cyber-espionage group known as Turla — believed to be the cyber-arm of Russian intelligence — has been playing around with a backdoor trojan disguised as a Firefox extension that uses comments on Britney Spears' Instagram photos to store the location of its command and control (C&C) server.
Specially-designed malware installed on a router or a switch can take control over the device's LEDs and use them to transmit data in a binary format to a nearby attacker, who can capture it using simple video recording equipment.
ETERNALBLUE, an alleged NSA exploit targeting the SMBv1 protocol leaked by the Shadow Brokers in mid-April, has become a commodity hacking tool among malware developers.
If a large number of users are getting locked out of your organization's Active Directory domain, it is possible that some of them may have been infected with QakBot, a rare but very dangerous malware strain.
Security researchers have spotted a booby-trapped PowerPoint file that will download malware to a computer whenever a victim hovers over a link, no macro scripts required.
A Chinese digital marketing company named Rafotech is behind a wave of inter-connected adware families that found their way onto the computers of millions of users.
For almost four months, script kiddies ran amok in one of Stanford's subdomains, installing web shells, mailers, and other types of web malware.
A man linked to an auto parts store in a disputed territory of Moldova is behind the Bachosens malware, a backdoor trojan used in a very small number of attacks, but one of the most advanced threats of its kind.