Malware/Cybercrime news, information, and how-to advice


Having ‘the ear of the CEO’ is key to battling cyberthreats

Former FBI director stresses the importance of an enterprise-wide approach to cybersecurity, while Congress considers legislation to promote sharing threat information.

Malware used in White House and State Department hacks possibly linked to Russia

The malware is related to the MiniDuke, CosmicDuke and OnionDuke cyberespionage tools, researchers from Kaspersky Lab found

Lightning strike more likely than mobile malware

The threat of mobile malware infection is substantially overblown, according to a new report, with a typical user more likely to be hit by lightning than be infected.

Poor WordPress documentation trips developers, yields plug-ins with XSS flaw

Website administrators should check if they have any affected plug-ins and update them in order to avoid attacks

New malware program Punkey targets point-of-sale systems

All signs point to an increase in the number of memory scraping malware programs infecting PoS terminals to steal payment card data

Banking malware using a variety of tricks to evade detection

A new report from the Arbor Security Engineering and Response Team sheds light on how the sophisticated banking malware known as Neverquest or Vawtrak is able to evade detection, by using encryption, anonymous routers, and even...

Second-hand devices – cheaper but risky

Second-hand smartphones and tablets can be a great financial deal for those who don't mind last year's technology that still functions perfectly well. The problem - to both individuals and the enterprise - is that it can be very...

Chinese hacker group among first to target networks isolated from Internet

An otherwise unremarkable hacking group likely aligned with China appears to be one of the first to have targeted so-called air-gapped networks that are not directly connected to the Internet, according to FireEye.

Watermarks used to track data through Dark Web to Russia, Nigeria

How far does stolen data get before a breach is detected? That's the question Bitglass asked -- and answered -- in a recent experiment. The Campbell, Calif.-based company went on the Dark Web and planted documents filled with mocked-up...

Malware writers take a page from the spam industry to evade detection

While the volume of cyberthreats declined slightly last year, their sophistication increased, according to a new report from Websense Security Labs


Russian hackers used State Dept. systems to Phish White House staffers

U.S. officials briefed on the investigation have told CNN that Russian hackers used their access after compromising the U.S. State Department to target sensitive information on the unclassified White House network.


BYOD and cloud are top data breaches and malware risks, survey shows

With the influx of personal devices in the workplace and the unprecedented risk of data breach and malware, tightening IT security at a company can seem like a daunting task. Just how difficult of a task is it?


TrueCrypt audit shows no sign of NSA backdoors, just some minor glitches

After more than a year of drama, the popular encryption software gets a mostly clean bill of health.

Cyberwar heats up in the Middle East

Two new malware campaigns have been spotted in the Middle East, according to reports released this week, one targeting energy companies and the other going after political targets in Israel and Lebanon.

Cyber threat intelligence is crucial for effective defense

A new Ponemon report commissioned by Webroot underscores the importance of threat intelligence in developing a strong security posture.

Over 100,000 devices can be used to amplify DDoS attacks via multicast DNS

Over 100,000 devices have a misconfigured service called multicast DNS that accepts requests from the Internet and can potentially be abused to amplify distributed denial-of-service (DDoS) attacks.

Obama approves sanctions against hackers with new executive order

President Obama has signed an executive order that authorizes the U.S. government to impose sanctions against those responsible for acts of cyber crime, as well as those who helped support it.

New malware program used in attacks against energy sector companies

The Trojan program is used for reconnaissance and distribution of additional malware, researchers from Symantec say
