Windows shops be warned: New Internet Explorer bug lets hackers hijack your system

Chinese cybersecurity company Qihoo 360 has discovered (translation necessary) a new Microsoft Internet Explorer zero-day exploit it says is already being used in the wild. Qihoo’s 360 Security Center said the zero day, which it calls a “double kill” due to targeting Internet Explorer and any other apps that use the IE kernel, is already being used […]

This malware will take screenshots, steal your passwords and files – and drain your cryptocurrency wallet

A new strain of malware allows hackers to take action screenshots and steal passwords, to download files and even steal the contents of cryptocurrency wallets. Named ‘SquirtDanger’ after a dynamic-link library (DLL) file consistently served by its distribution servers, the malware is written in C Sharp and has multiple layers of embedded code. The malware is set […]

This malware targets Facebook log-in details, infects over 45,000 in just days

Users who download a painting software advertised as a tool for stress relief might soon find themselves stressed out because the program is actually a front for malware which steals their Facebook credentials and payment information. ‘StressPaint’ first appeared a few days ago and at the time of writing has infected over 45,000 Facebook users. […]

Cisco plugs critical hole in WebEx, users urged to upgrade ASAP

Cisco has fixed a critical vulnerability in its WebEx videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a booby-trapped Flash file shared in a meeting. The flaw is due to insufficient input validation by the Cisco WebEx clients, and affects Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco […]

New Malware Adds RAT to a Persistent Loader

VBScript has long been an attack vector that could bring malicious software to an infected machine. But what if it could do more? What if VBScript could open a door to allow a PHP application access that would take control of a computer, making it part of a botnet? That’s precisely the scenario in a […]

Security researchers sinkholed EITest infection chain

Security researchers have managed to neutralize “EITest,” one of the oldest infection chains and thus preventing as many as two million potential malicious redirects a day. EITest relied on compromised websites – mostly WordPress-based, but also using other CMSes – to direct users to exploit kit landing pages and social engineering schemes, which then delivered a […]

New cryptomining malware doesn’t need a browser session to operate

Antimalware company Check Point has released their latest Most Wanted Malware report for March, and it’s warning of a surge in cryptomining malware attacks driven by the XMRig malware. Cryptomining malware, which uses the computing resources of an infected machine to mine cryptocurrency on behalf of the attacker, has been booming in the past several months, both on PCs […]

Thousands of compromised websites spreading malware via fake updates

Malicious hackers have been exploiting thousands of legitimate websites since at least December 2017 in a sophisticated campaign that has disguised malware as fake software updates. Security researchers at MalwareBytes report that they have uncovered evidence of thousands of compromised websites running popular content management systems (CMS) such as SquareSpace, WordPress and Joomla. Having injected malicious code […]

New Email Campaign Employs Malicious URLs

When it comes to malware, email still reigns supreme as the delivery mechanism of choice. The reasoning is simple: It’s cheap, it’s easily spoofed, and recipients are accustomed to getting messages from various sources. That means when a new attack is found, there’s a good possibility that it will spread successfully. Researchers at Barracuda Networks […]

Researchers Unearth New Malware Designed to Make ATMs Spew Out Cash

Researchers have recently discovered new kind of “jackpotting” malware—the sole purpose of which is forcing ATMs to spit out huge volumes of cash. According to Netskope, a California-based software company, the malware appears to share some functional similarities with ATM Ripper, a variant thought to be responsible for a slew of ATM heists last year […]