Google discloses Microsoft Edge security flaw before it could be fixed

Google seems to be gunning for Microsoft again by going public with a vulnerability in Microsoft Edge before Microsoft could develop a patch. The flaw affects Microsoft’s Arbitrary Code Guard (ACG), which Microsoft described a year ago in a post about major security improvements released in the Creators Update of Windows 10. To mitigate arbitrary native code […]

Meet Coldroot, a nasty Mac trojan that went undetected for years

A Mac malware that can silently, remotely control a vulnerable computer and steal passwords from a user’s keychain has gone largely unnoticed by antivirus makers for two years — even though the code is readily available to download. Patrick Wardle, chief research officer at Digita Security, revealed in a blog post Tuesday details of Coldroot, a remote […]

We’re All Crypto Miners Now: Hacking Epidemic Churns Out Monero

There’s a chance your computer or phone is quietly producing a cryptocurrency called Monero. Criminals looking to commandeer massive processing power to unlock new Monero coins have unleashed an epidemic of malicious software that burrows deep into victims’ web browsers to surreptitiously run calculations. A security researcher discovered the latest attack last weekend, finding the […]

Looking for Love on Valentine’s Day? Email Scams Target Singles

Valentine’s Day can be hard for singles, and zombie bots are hoping to take advantage of those feeling particularly lonely. On Monday, IBM X-Force, a cloud-based platform that helps with computer threats, reported an increase in dating spam issuing from the Necurs botnet. The uptick started in January and increased onValentine’s Day. Read about the Valentine’s […]

AndroRAT: New Android malware strain can hijack older phones

An Android trojan that started out as an open-source project has been updated to allow hackers to gain access to virtually all data on infected devices. Silent installation, shell command execution and the collection of credentials, Wi-Fi passwords and screenshots are just some of the capabilities of AndroRAT, which exploits CVE-2015-1805, a Linux kernel vulnerability that […]

Fileless Malware: Not Just a Threat, but a Super-Threat

It’s almost like something out of Star Trek. Imagine an alien who can see you, but whom you can’t see — one who has violence on his/her/its mind. How would you fight it? How could you fight it? Invisible aliens may not have landed on earth just yet, but invisible malware — called fileless malware or in-memory malware […]

Mac Malware Getting Serious – Security No Longer Optional

Over the years most Apple Mac computer and laptop users were led to believe that their operating system is safe against viruses and malware unlike the Windows run PCs. However, this is changing as more and more Mac malware are making an appearance in the wild. One of the most common ways to trick users into […]

ATM ‘Jackpotting’ Attacks Reveal Deeper Problems

You probably know about ATM jackpotting attack if you are cybersecurity aware person.  For the uninitiated, ATM jackpotting attack involves cybercriminals injecting malware into ATMs to make them spew cash. The jackpotting epidemic started off in Asia, Europe, and Mexico before reaching the shores of United States. ATM jackpotting involves crooks who disguise themselves as technicians […]

Android malware: Millions fall victim to drive-by cryptocurrency miner

Millions of Android users have unwittingly lent their device to a drive-by cryptocurrency mining campaign in what’s believed to be the first large operation of this kind to specifically target mobile users. Malicious apps and sites with malvertising are redirecting millions of users to websites set up for the purposes of mining the Monero cryptocurrency. […]

UK government websites, ICO hijacked by cryptocurrency mining malware

A number of government websites in the UK, US, and Australia, including the UK Information Commissioner’s Office (ICO), have been compromised by cryptojacking malware. According to security researcher Scott Helme, over 4,000 websites have been affected. The security consultant was made aware of the scheme after another security expert pointed out that the ICO’s website had […]