Malware, virus, Trojan and spyware protection and removal
- February 01, 2018
Nearly 140 samples of malware that exploit the Meltdown and Spectre vulnerabilities have been discovered by AV-TEST, but most samples are based on existing proof-of-concept code.
- January 19, 2018
News roundup: Okiru, a new Mirai variant, could put over 1.5 billion devices at risk of a botnet. Plus, G Suite Enterprise now comes with a security center, and more.
- October 31, 2017
Kaspersky Lab finally explained how it came to possess Equation Group malware, but does the company's latest statement answer enough questions about the ongoing drama?
- October 26, 2017
Jeremiah Grossman, chief of security strategy at SentinelOne, talks with SearchSecurity about the science of developing a cyber warranty for threat detection products.
- September 27, 2017
At the (ISC)2 Security Congress, infosec professionals warned of sophisticated ransomware attackers that are using more advanced techniques to encrypt entire networks.
- September 19, 2017
CCleaner malware was spread to users via an infected software update for close to one month, highlighting the dangers of supply chain attacks and the need for code signing.
- August 16, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors explore the FBI's case against security researcher Marcus Hutchins, better known as MalwareTech.
- August 04, 2017
Enterprises may see paying up as a quick path to ransomware recovery, but experts said there are many issues to consider when making that choice.
- August 01, 2017
Experts debated how the government should weigh disclosure in the Vulnerabilities Equities Process and whether to err on the side of offense or defense.
- July 28, 2017
News roundup: Adobe announced that Flash end of life will happen by the end of 2020. Plus, Microsoft expands its bug bounty program, the 2017 Pwnie Awards winners, and more.
- July 27, 2017
Security researchers at Black Hat 2017 analyzed the Industroyer malware, the attack on Ukraine's power grid and what it means for industrial control system security in the U.S.
- July 05, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the NotPetya ransomware, its impact and the growing trend of sophisticated ransomware attacks.
- June 16, 2017
News roundup: DeltaCharlie malware is a threat to the U.S., according to a US-CERT warning about Hidden Cobra. Plus, a DVR flaw could create a bigger botnet than Mirai, and more.
- June 13, 2017
Researchers discovered new details of a Kiev ICS attack from December using CrashOverride malware that could be used to disrupt an insecure electrical grid.
- June 09, 2017
News roundup: Kaspersky files a complaint against Microsoft's handling of independent antivirus software for Windows 10. Plus, hackers use Instagram to spread malware, and more.
- May 24, 2017
Security researchers uncovered more info on how WannaCry spread, and a ransomware decryptor emerged to save files for those affected.
- May 18, 2017
Between patch delays and NSA disclosure issues, experts said the vulnerability remediation for WannaCry was poorly handled and caused more damage.
- May 15, 2017
Microsoft responds to WannaCry ransomware with an MS17-010 patch for legacy systems as new ransomware variants spread to more countries around the globe.
- May 05, 2017
There is no shortage of new types of ransomware, many with unique features, and experts say it's an exercise in innovation and finding revenue opportunity.
- April 28, 2017
The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting.
- April 25, 2017
A new security tool will let users scan their systems for the presence of NSA spyware found in the latest Equation Group leak, and tens of thousands are already infected.
- April 21, 2017
News roundup: The Hajime worm is the nicer, sneakier brother of Mirai malware. Plus, the FBI and CIA hunt for the Vault 7 whistleblower, Symantec adds to Zscaler lawsuit, and more.
- April 19, 2017
A new type of ransomware as a service has appeared on the dark web, with unique features and an inexpensive price to attract malicious actors.
- April 05, 2017
One of the more malicious iOS threats -- Pegasus malware -- has made its way to Android devices and it has some dangerous new tricks in its arsenal.
- March 14, 2017
RSAC 2017: With malware-detecting software increasingly coming under fire for vulnerabilities, find out what the experts had to say about the future of the antivirus industry.
- March 14, 2017
Security researchers found Android ransomware and malware pre-installed on popular devices, putting users at risk for information theft, tracking and more.
- February 24, 2017
News roundup: U.K. authorities arrested a suspect in the Mirai malware attack on Deutsche Telekom. Plus, a judge denies a government request to collect fingerprints, and more.
- February 13, 2017
With the rapid expansion of the ransomware threat landscape, defenders are scrambling to find ways to fight back. RSAC 2017 dedicated a full day for a ransomware seminar.
- January 31, 2017
The Washington, D.C., Police Department spotted hacked CCTV cameras before the inauguration and has remediated the ransomware, but questions still surround the attack.
- January 06, 2017
The threat of ransomware continues to evolve, with a new spin on extortionware, called doxware, that's designed to target and potentially expose sensitive data of ransomware victims.
- December 30, 2016
White Ops CEO Michael Tiffany talks with SearchSecurity about why ad fraud campaigns are so successful and what can be done to stop the spread of ad fraud botnet infections.
- December 28, 2016
A new Android Trojan, 'Switcher,' performs brute-force attacks on wireless routers' default passwords to target DNS server configurations and hack connected devices.
- December 23, 2016
News roundup: A report finds the ad fraud campaign Methbot makes more than $3 million daily; plus, new Linux malware targets SSH, the latest on the Shadow Brokers and more.
- December 22, 2016
Researchers found the Fancy Bear threat group used mobile malware to track the Ukraine military, lending more confidence to assertions the group is linked to the Russian government.
- December 12, 2016
New unpublished ransomware includes a number of unique tactics including offering victims ransomware decryption keys in exchange for infecting more targets.
- November 30, 2016
Researchers said a modified version of the Mirai botnet code has been attacking routers by exploiting a specific vulnerability and may leave millions at risk.
- November 29, 2016
The San Francisco Municipal Transportation Authority restored systems without paying following a ransomware attack that allowed free rides for travelers over the weekend.
- November 29, 2016
Ad fraud is a costly problem, but it's often overlooked. White Ops CEO Michael Tiffany talks with SearchSecurity about why it's time to address this cybercrime scheme.
- November 17, 2016
A Chinese company was found to be preinstalling Android spyware on budget smartphones and collecting phone call and messaging data without consent.
- November 16, 2016
Researchers discover Italian-sourced Android spyware linked to Hacking Team, but it could be the work of another surveillance software vendor.
- November 04, 2016
Roundup: Mirai botnet attacks take down Liberia internet, as a new IoT botnet adapts old malware. Plus, the latest on Dirty COW and the WoSign certificate authority controversy.
- October 31, 2016
In its latest data dump, The Shadow Brokers dropped a list of Equation Group-targeted servers across the globe that may have been used to stage NSA exploits and hacking tools.
- October 26, 2016
Headlines about Android malware often gloss over just how difficult the process is for a user to install a malicious app on a device. Let's talk about that.
- October 17, 2016
The first auction of NSA cyberweapons didn't generate much money for the Shadow Brokers, so the group is changing tactics with a direct sale of the files.
- October 14, 2016
The Odinaff banking Trojan has been found targeting the SWIFT messaging system at financial institutions around the world and may have links to the infamous Carbanak group.
- October 04, 2016
Mirai, the IoT botnet malware code used in the massive DDoS attack on Brian Krebs' website, has been released to the public and highlights a problem of using default passwords.
- September 23, 2016
A new FBI ransomware alert urges victims to report incidents to federal law enforcement, gives defense tips and urges victims to avoid paying a ransom, if possible.
- September 21, 2016
Symantec patched another set of serious file parsing flaws in its antivirus products, which were discovered by Google Project Zero researcher Tavis Ormandy.
- August 26, 2016
Intel and Kaspersky cooperate with authorities to snuff out Wildfire with a ransomware decryption tool and end the threat from a $79,000 per month campaign with over 5,000 victims.
- August 19, 2016
Mystery continues to surround the Shadow Brokers' release of Equation Group vulnerability exploits and hacking tools, as vendors scramble to patch zero days.
- August 19, 2016
Dell's Brett Hansen explains why machine learning security is better than signature-based detection and how it can stop emerging threats.
- August 19, 2016
Google AdSense malware has been silently delivered to Android devices, but the danger seems to be mitigated by Google itself.
- August 16, 2016
Fidelis Cybersecurity reports that the notorious Vawtrak banking Trojan has received upgrades to increase security and evade detection, including SSL pinning and a domain generation algorithm.
- July 28, 2016
Dell's Brett Hansen discusses his company's new approach to advanced threat protection, which leaves behind signature-based detection and embraces machine learning.
- July 14, 2016
A new 'ransomware' variant, which could be considered more scareware, doesn't encrypt files at all and instead deletes data and tricks victims into paying anyway.
- June 27, 2016
Hit by a ransomware attack, a NASCAR race team paid to restore data worth millions, then called on Malwarebytes to secure their systems -- and Malwarebytes joined up as a sponsor.
- June 16, 2016
The Lurk group hacker arrests in Russia came at the same time as the shutdown of a major exploit kit, ransomware family and botnet, but no one is sure if it is coincidence or causation.
- June 15, 2016
In this Risk & Repeat podcast, SearchSecurity editors break down the discovery of the ZCryptor ransomware worm and what it means for future ransomware threats.
- June 14, 2016
User education, ransomware attacks and cyberliability insurance are among the hot topics for infosec attendees at the annual 2016 Information Security Summit.
- June 10, 2016
As the University of Calgary contends with a ransomware attack, the actors behind CryptXXX are rolling out patches and upgrades and attackers are shifting from Angler to Neutrino EK.
- June 07, 2016
FireEye researchers spotted the Angler exploit kit bypassing the current Microsoft EMET version 5.5 security tool running on Windows 7 to subvert Flash and Silverlight.
- June 01, 2016
Microsoft warned users of a rare ransomware worm affecting older versions of Windows, but experts are wary of the recommended mitigation technique.
- May 19, 2016
In a move that surprised and confused experts, the TeslaCrypt master key was released, effectively killing the ransomware.
- May 11, 2016
Representatives in Congress have received a ransomware warning following an increased number of attacks perpetrated via phishing schemes.
- April 21, 2016
Up to 3.2 million servers with an unpatched JBoss vulnerability from 2010 are open to spreading ransomware through networks; experts urge keeping up with software patches to stay safe.
- March 31, 2016
A new ransomware vaccine promises to protect against infections by popular ransomware variants like Locky and TeslaCrypt, but experts are wary about implementation and security.
- March 25, 2016
A series of ransomware attacks have been reported at hospitals in the U.S. and Canada, leading to experts recommending automated backup for enterprises.
- March 16, 2016
Research has uncovered ransomware attacks that begin with a sophisticated phishing campaign hitting users around the globe.
- February 16, 2016
The FBI, along with the LAPD, began investigating a ransomware attack at a Hollywood hospital that has crippled the facility's operations and could cost millions.
- January 15, 2016
- January 04, 2016
Russia-based threat actors were accused of attacking media outlets and electric companies in Ukraine using BlackEnergy malware.
- December 23, 2015
Juniper firewalls are reportedly vulnerable to two serious backdoors, and the NSA may be at least indirectly responsible for one that exposes VPN data.
- December 10, 2015
The FBI has admitted to using zero-day exploits rather than disclosing them, and experts say this should not be a surprise considering the history of federal agency actions.
- November 06, 2015
News roundup: Troubling research on PKI certificate revocation; encryption research finds usability lacking; GnuPG adds features. Plus: More zero-days, xCodeGhost still haunting Apple and more.
- November 02, 2015
CoinVault and Bitcryptor variants of ransomware have been declared dead after the authors were arrested and decryption keys were recovered by law enforcement.
- November 02, 2015
A new report analyzed Cryptowall 3.0 ransomware attacks and found that it may have cost victims $325 million and that money may be going to a single source.
- October 09, 2015
Team White hackers have taken credit for infecting more than 300,000 devices with the Wifatch malware designed to harden security, but experts still question the team's vigilante actions.
- October 02, 2015
An unknown source is infecting thousands of routers with malware not to intentionally cause harm, but apparently as an act of white hat security vigilantism to make the routers safer.
- October 01, 2015
A new study has found that although flaws are most likely to be exploited within 60 days of discovery, companies can take between 100 and 120 days for vulnerability remediation.
- September 25, 2015
Kaspersky Lab has fixed some of the vulnerabilities in its antivirus products, but a new report from Google Project Zero reveals there's more work to be done.
- September 25, 2015
News roundup: More fingerprint records were stolen during the OPM breach than originally reported. Plus: the $1 million iOS bounty; DHS CISO calls for harsher phishing policies; Safe Harbor in hot water.
- September 18, 2015
News roundup: Additional research shows a Cisco router implant affects more devices than originally reported. Plus: Let's Encrypt's first cert issued; Tor in the library; the mitigated (but not fixed) iOS AirDrop vulnerability.
- August 27, 2015
Malvertising campaigns are becoming more effective due to the popularity of the Angler EK and its use of Flash zero-day vulnerabilities. And one expert says ad blockers are not the answer.
- August 07, 2015
News roundup: ICANN confirmed its members' credentials were stolen Wednesday, forcing the nonprofit to enforce a site-wide password reset. Plus: VPN provider being used for APTs; Thunderstrike strikes again; Windows 10 security in its first week.
- June 26, 2015
RubyGems software packaging client was found to have a DNS vulnerability that redirects users to malicious gem servers.
- June 26, 2015
News roundup: Sometimes the least of threats -- such as click fraud -- can end up being the bigger issues -- like ransomware. Plus: U.S. Navy won't let go of XP; U.S./China cyber code of conduct; and more!
- June 19, 2015
News roundup: Details have emerged about weaknesses in OS X and iOS that allow attackers to upload malware and steal passwords and data. Plus: More jump on HTTPS bandwagon; CSO/CDO salaries increase; 23% of software app components contain flaws.
- June 12, 2015
News roundup: The call for ubiquitous HTTPS has grown stronger as of late; the White House and Apple are hoping to help push the movement. Plus: The cost of cybersecurity management to rise 38%; a 165% ransomware increase; gender salary gap closes?
- June 11, 2015
The first strain of Duqu malware was found in late 2011. Now three and a half years later, Duqu 2.0 has emerged and is exploiting as many as three zero-day vulnerabilities in a new attack campaign.
- May 29, 2015
News roundup: Cybersecurity is finally garnering attention at the boardroom table, but not necessarily for the right reasons. Plus: Ponemon's "Cost of Data Breach"; D-Link vulnerabilities; NitlovePOS; bad bots.
- May 22, 2015
News roundup: New research highlights the changing nature of DDoS attack frequency and methodology. Plus: New malware strains double in second half of 2014; two new address bar spoofing vulnerabilities.
- May 22, 2015
As privacy and security concerns rise, President Obama is urged to dismiss the call for government backdoors.
- May 15, 2015
News roundup: Microsoft released security details of its new Edge browser, but is it enough to restore user confidence? Plus: Millennial security threats; new ransomware, GPU-based malware; black hat cybersecurity services.
- May 08, 2015
News roundup: Contradicting mobile malware statistics published this year prove the mobile malware debate is alive and well. Plus: SAP vulnerabilities; spam-sending Linux malware; criminal attacks leading healthcare threat.
- May 04, 2015
Seculert research discovers that a new version of the financial malware Dyre is avoiding sandbox detection by counting the number of cores.
- April 23, 2015
At RSA Conference 2015, John Pescatore offered real-world case studies proving that information security technologies can help prevent data breaches.
- April 22, 2015
An Atlanta-based threat prevention company says the chances of acquiring mobile malware infection are as slim as the chance of being struck by lightning.
- April 21, 2015
INTERPOL collaborated with Trend Micro, Microsoft and Kaspersky to take down a botnet affecting 770,000 users.
- April 14, 2015
A '60 Minutes' interview Sunday revealed that not only did Sony Pictures fall victim to well-known, off-the-shelf malware, but that the attackers also destroyed thousands of computers and servers after stealing the data.
- April 10, 2015
Security researchers say Webpage Screenshot, a popular third-party extension for Google Chrome, was secretly collecting end-user browsing data. Its true purpose and how Google missed it remain up for debate.