Malware
Malware | News, how-tos, features, reviews, and videos
Cybercriminals are increasingly using info-stealing malware to target victims
In the first seven months of this year, threat actors stole over 50 million passwords, 2 billion cookie files, details of 103,150 bank cards, and data from 113,204 crypto wallets.
DUCKTAIL malware campaign targeting Facebook business and ads accounts is back
The spear phishing group has revised its tactics and is employing more sophisticated techniques and tactics based on what appears to be extensive research into Facebook business and ads management accounts.
Cohesity previews AI-powered ransomware protection suite, Datahawk
Detection, data management and vaulting are all present in Cohesity’s new Datahawk SaaS application.
The 15 biggest data breaches of the 21st century
Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.
Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
State-sponsored threat actors have targeted 128 government organizations in 42 countries that support Ukraine, as ransomware and DDoS rank as top forms of cyberattacks, says the EU Agency for Cybersecurity (ENISA).
Espionage campaign loads VPN spyware on Android devices via social media
Attackers built a fake online community and used a malicious VPN app to steal credentials and other user data.
White House ransomware summit highlights need for borderless solutions
Representatives from 36 countries and the EU agree that combatting ransomware requires international collaboration but legal systems need to catch up.
Phishing attacks increase by over 31% in third quarter: Report
Cybersecurity company Vade reports that attackers sent more than 203.9 million emails in the third quarter alone, up from 155.3 million in the prior quarter
With Conti gone, LockBit takes lead of the ransomware threat landscape
Two new reports show LockBit is now the dominate ransomware choice thanks to a void left by Conti and updated code.
Attackers switch to self-extracting password-protected archives to distribute email malware
This variation on an old technique does not require the victim to provide a password to execute the malware.
New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants
Alchimist is easy to deploy and gives attackers a large suite of functionalities with which they can wreak havoc.
China’s attack motivations, tactics, and how CISOs can mitigate threats
A Booz Allen Hamilton report outlines global cyberthreats posed by the People’s Republic of China and gives some guidance on how to counter them.
New cryptojacking campaign exploits OneDrive vulnerability
While currently the campaign is only involved in cryptojacking, it exploits DLL sideloading, which can be used to deploy spyware or ransomware.
North Korea’s Lazarus group uses vulnerable Dell driver to blind security solutions
This first known exploit of the Dell vulnerability might inspire other malware developers who want to avoid detection of their code.
Malware builder uses fresh tactics to hit victims with Agent Tesla RAT
A new malware campaign uses the recently discovered Quantum Builder and sophisticated tactics to deliver malicious payload.
![Tech Spotlight > Analytics [CSO] > An image of a bottle of poison emanating binary code.](https://images.idgesg.net/images/article/2021/04/spot_analytics_04_cso_bottle_of_poison_by_arek_socha_aka_qimono_cc0-like_via_pixabay_binary_spiral_by_gordon_johnson_aka_gdj_cc0-like_via_pixabay_3x2_2400x1600_hero-100884335-small.3x2.jpg?auto=webp&quality=85,70)
SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware
The sophisticated campaign sends victims looking for business forms and templates to sites containing malicious files.
Ransomware operators might be dropping file encryption in favor of corrupting files
Corrupting files is faster, cheaper, and less likely to be stopped by endpoint protection tools than encrypting them.
Ransomware is (slightly) on the decline, cyberinsurance company says
While ransomware attacks remain highly dangerous, data from a prominent insurer suggests that their frequency and severity is beginning to decline.