Written By Shane Schick

Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil

Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.

30,000 Android Users Infected With Banking Malware From 29 Bogus Apps

Nearly 30,000 Android users accidentally downloaded banking malware after filling out phishing forms that were personalized based on the apps they use.

Chalubo Bot Family Launches Distributed Denial-of-Service Attacks Against Linux Systems

Researchers discovered a family of bots dubbed Chalubo launching distributed denial-of-service (DDoS) attacks to brute-force Linux-based systems running internet-facing SSH servers.

DustSquad Uses Windows Trojan to Target Central Asian Officials With Octopus Malware

Researchers reported that the Octopus malware is using a Windows Trojan to target political entities based in Central Asia.

Threat Actors Obfuscate JavaScript to Hide Crypto-Mining Malware

Cybercriminals buried crypto-mining malware inside compromised websites in an effort to hijack victims' computing resources.

YouTube Scam Lures Eager ‘Doctor Who’ Fans to Reveal Personal Data

Researchers uncovered a YouTube scam in which several fraudulent channels urge unsuspecting "Doctor Who" fans to submit personal data to supposedly stream the British science fiction show.

Researchers Find 18 Security Vulnerabilities in Foxit PDF Reader

A free browser plugin for creating, editing and viewing PDF files contains 18 security vulnerabilities that could expose users to remote code execution.

Viro Botnet Uses Spamming and Keylogging Capabilities to Spread Ransomware

Researchers observed the Viro botnet spreading spam, spying on users' keystrokes and distributing ransom notes written in French to victims in the U.S.

Tax Refund Phishing Cases Resurface in Scheme Targeting UK Users

Cybercriminals have been getting an early start on tax-related phishing cases by promising U.K. users a sizable refund in an attempt to steal credit card details and other personal information.

OilRig Group Aims BONDUPDATER Trojan Malware at Middle Eastern Governments

The OilRig threat group recently targeted government offices in the Middle East with a spear phishing attack that involved the Trojan malware BONDUPDATER.