Researchers at cyber security company Check Point have uncovered a new malware variant that has breached more than a million accounts and is infecting over 13,000 Android devices a day.

Called Gooligan, the malware roots Android devices and steals email addresses and authentication tokens stored on them. With this information, attackers are able to access users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, and G Suite.

Continue reading →

In the run up to one of the hospitality industry's busiest periods, cyber criminals are targeting hotel chains with a series of targeted attacks.

Cyber security company Trustwave has investigated the attacks, which combine social engineering with sophisticated malware, against a number of its clients in the past month.

Continue reading →

Malware spreads through various channels, and numerous methods are used to fool people into unwittingly installing it. In many cases, the promise of getting something for free -- naming expensive software -- is enough to trick a victim into infecting their own computer.

It's far from being a new tactic, and warnings have been issued to fans of torrenting for some time. Keygens (small programs that promise to provide unlock codes and product keys for big-name software titles) are being used to help spread the Gatak or Stegoloader Trojan. Something that is interesting about this malware campaign is that it is specifically targeting enterprise users, with a particular focus on the healthcare industry.

Continue reading →

Malware purveyors have been making use of cloud services for some time, sending cloud-storage links that host malware to victims is an efficient way for cyber criminals to operate.

In a new twist to the technique, Forcepoint Security Labs has discovered that cybercriminals have been utilizing compromised Microsoft OneDrive for Business accounts to host malware since at least August of this year.

Continue reading →

A new Kaspersky Lab report says a lot of us end up with viruses on our machines, but we just don't know how. But, in fact, we very much do. Here are the report's figures.

Almost half (42 percent) of internet users have either come across or have been targeted by malware online. A fifth of those (22 percent) have fallen victim to it, and almost a third (29 percent) have "no idea how it ended up on their device".

Continue reading →

We tend to think of storage as being a target when it comes to malware attacks with cyber criminals seeking to steal data or encrypt it to demand a ransom. But in fact technology can make storage part of the solution.

Hybrid storage specialist Reduxio believes innovative storage can be used to fight and defeat ransomware and malware. We spoke to Reduxio's Jacob Cherian (VP of product strategy) and Mike Grandinetti (chief marketing and corporate strategy officer) to find out how.

Continue reading →

Philips Hue light bulbs could be vulnerable to a cyber attack, according to researchers who have developed a proof-of-concept worm capable of spreading from bulb to bulb with the power to turn the lights on and off.

The researchers efforts at gaining access to the connected light bulbs was detailed in their paper titled IoT Goes Nuclear a ZigBee Chain Reaction. The worm they created was able to gain access to the Philips Hue devices by exploiting hard-coded symmetric encryption keys that are used to control devices over Zigbee wireless networks.

Continue reading →

Google has decided to rework the way it classifies dangerous and harmful sites in an effort to better protect users from being infected by malware.

The search engine has tried to protect its users for a number of years by displaying a warning when a link appears that could lead them to an unsafe site trying to infect their systems with malware or trying to obtain their personal information through phishing.

Continue reading →

A new report from Kaspersky Lab reveals that its products blocked 73,066,751 attempts to attack users with malicious attachments during the third quarter of this year.

This represents the largest amount of malicious spam since the beginning of 2014 and is a 37 percent increase compared to the previous quarter. The majority of the blocked attachments were ransomware trojan downloaders.

Continue reading →

Security company McAfee warns that the cybercriminals behind the Cerber ransomware have begun to target businesses as well as individuals by encrypting their databases until payment is received.

During July, those responsible for Cerber launched over 160 campaigns at 150,000 users. These attacks generated $195,000 in that month -- of which the developer behind the ransomware received $78,000. Overall it is estimated that creating and using ransomware to launch cyberattacks earns the creators of the malware and those who employ it in their attacks around $1 million to $2.5 million a year. The infosec firm Trustwave noted in 2015 that a ransomware creator could earn up to $84,000 a month just by selling their malware on the dark web.

Continue reading →

Researchers at threat prevention company Cylance have discovered a malvertising campaign on Google AdWords for the search term "Google Chrome", where unsuspecting macOS users were being tricked into downloading a malicious installer.

The installer, identified as "OSX/InstallMiez" (or "OSX/InstallCore"), ultimately downloads a malicious file named "FLVPlayer.dmg". The malware hash changes on each download, making it difficult to detect and track.

Continue reading →

If someone sends you a document, modern versions of Microsoft Office will automatically open it in Protected View, to keep you safe from malware. If you need to edit it, you can do so, but it's at your own risk.

Office 2016 also gives administrators the ability to prevent users from running macros in Office documents that originated from the Internet, adding further protection. Frustratingly, this feature wasn’t made available in Office 2013, leaving users of the older suite at risk.

Continue reading →

Because it isn't detected by traditional, signature based anti-virus solutions, zero-day malware has the potential to wreak havoc in businesses of all sizes.

Cyber security company Comodo is launching a new, free forensic analysis service to help enterprises discover previously unknown and undetected malware that could cause serious security issues or data breaches.

Continue reading →

Following the large scale cyberattack that took down a number of high-profile sites last Friday, a Chinese electronics component manufacturer has admitted that its products were used by the attackers behind the disruption.

Hangzhou Xiongmai Technology, which produces DVRs and internet-connect cameras, has come forward to acknowledge that its products were exploited and that the attackers had taken advantage of security vulnerabilities resulting from weak default passwords.

Continue reading →

When people think of online malware, they sometimes think infections only come from 'bad' websites, such as pornography and warez. Yeah, those types of sites can definitely house malware, but so can any site. In fact, bad guys will often target users through seemingly wholesome places, where a person may let their guard down.

Today, McAfee announces its annual 'Most Dangerous Celebrities' list. No, the celebrities themselves are not a danger to the public -- as far as I know, at least. Actually, these are people that, when their names are entered as search terms, can cause an increased chance of leading to malware. For 2016, McAfee lists Amy Schumer as the most dangerous in this regard.

Continue reading →