A new analysis of a long-term APT campaign targeting manufacturers, industrial, pharmaceutical, construction and IT companies in several countries has uncovered fresh details of the attack, including identification of nearly 3,000 victims and the unmasking of the command-and-control infrastructure.
Browsing Category: Malware
Georgia Tech Research Institute has released an open source threat intelligence gathering tool called BlackForest that automates attack-data mining.
There is a critical vulnerability in millions of Android devices that allows a malicious app to impersonate a trusted application in a transparent way.
Researchers at Kaspersky Lab report on the infrastructure supporting the Koler ransomware, which not only has components targeting Android devices, but also redirects desktop browsers to other ransomware and exploit kits.
New ransomware has been dubbed Onion by researchers at Kaspersky Lab as its creators use command and control servers hidden in the Tor Network (a/k/a The Onion Router) to obscure their malicious activity.
The newest version of Mozilla Firefox includes an improved defense against malware downloaded through the browser, which could prevent many kinds of infections.
Despite FBI claims that CryptoLocker was neutralized in the GameOver Zeus botnet takedown, a researcher says that the ransomware is alive and evolving new variants.
There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen using the Tor network for command and control.
The new SSL Black List is a public list of certificates associated with a variety of malicious operations, including botnets, malware campaigns and banking Trojans.
Researchers have spotted a new banking Trojan advertised for sale on Russian forums. Kronos promises features that help it evade detection and analysis, such as a Ring3 rootkit.