Written By Shane Schick

Spam Campaigns Using IQY Files Infect Japanese Users With BEBLOH and URSNIF Malware

Researchers discovered spam campaigns last month that exploited IQY files to flood Japanese users with BEBLOH and URSNIF malware.

DanaBot’s Anti-VM Update Shows How Quickly Financial Cyberthreats Evolve

DanaBot, one of the most recent financial cyberthreats, has developed a way to avoid detection on virtual machines as it shifts focus from Australia to Poland.

Security Threat Group Spoofs Login Screens to Gain Unauthorized Access at 76 Universities in 14 Countries

A security threat group called COBALT DICKENS used more than 16 domains and 300 websites to create bogus login screens for 76 different universities in an attack that spanned 14 countries.

AppleJeus Trojan Targets Both Windows and MacOS in Attack Against Cryptocurrency Exchange

A recent attack against a cryptocurrency exchange planted a Trojan that spread across both Windows and MacOS machines to steal information and digital coins, according to security researchers.

Ramnit Infects More Than 100,000 Machines in Two Months

A new campaign involving the Ramnit botnet that infected 100,000 computers over a two-month period may foreshadow an even larger attack, researchers warn.

Princess Evolution Offers Majority of Spoils to Ransomware-as-a-Service Affiliates

The creators of a ransomware-as-a-service threat dubbed Princess Evolution are looking for affiliates to spread the Rig exploit kit in exchange for 60 percent of what's stolen.

New Ransomware Attacks Use Powerful Encryption to Impede Analysis and Evade Detection

New ransomware attacks from GandCrab suggest that the authors are moving quickly to improve its ability to evade detection and impede analysis by security researchers.

Banking Trojans Trickbot and IceID Partner for Distribution and Development

Trickbot has formed a partnership with another banking Trojan, IcedID, to help distribute each other's malware more widely — and possibly co-develop new capabilities.

Emotet Trojan Uses Complex Modules to Evade Standard Protection

According to security researchers, the Emotet Trojan is not only still active but has become more sophisticated and persistent in the four years since its initial discovery.

Phishing Campaign Uses FTP Links to Deliver DanaBot Banking Trojan

Australian businesses have been targeted in a phishing campaign that uses FTP links to deliver the DanaBot banking Trojan, which is designed to steal financial information and other private data.