April 3, 2019 Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites 2 min read - Security researchers discovered a hidden HTTP directory that is allowing threat actors to install Shade ransomware on WordPress and Joomla websites.
February 20, 2019 Threat Actors Impersonate Oil and Gas Companies in Latest Shade Ransomware Attack 2 min read - Digital criminals tried to impersonate oil and gas companies in a recent attack campaign distributing Shade ransomware.
December 14, 2018 Magecart Group’s Use of Credit Card-Skimming JavaScript Attack on the Rise 2 min read - An online retailer was hit by a JavaScript attack from a group associated with Magecart, a collective of cybercriminals that specializes in skimming credit card numbers from compromised websites.
December 11, 2018 Popular JavaScript Library for Node.JS Infected With Malware to Empty Bitcoin Wallets 2 min read - For several months, a version of a popular JavaScript library for Node.js contained malicious code that enabled digital attackers to compromise users' bitcoin wallets.
November 29, 2018 OceanLotus Watering Hole Campaign Compromises 21 High-Profile Southeast Asian Websites 2 min read - A watering hole campaign that has been active in Southeast Asia since September has compromised at least 21 websites, including government and media domains.
October 17, 2018 Threat Actors Obfuscate JavaScript to Hide Crypto-Mining Malware 2 min read - Cybercriminals buried crypto-mining malware inside compromised websites in an effort to hijack victims' computing resources.
August 9, 2018 Fileless Malware CactusTorch Executes Harmful .NET Assemblies From Memory 2 min read - Security researchers observed CactusTorch, a fileless malware, using a .NET executable to run harmful .NET assemblies from memory.
Fraud Protection May 1, 2018 Analyzing PDF and Office Documents Delivered Via Malspam 6 min read - Endpoint detection and antiphishing tools can help users filter basic spam email, but detecting malspam in PDF and Microsoft Office documents requires a more thorough investigation.
October 10, 2017 What the Shell? New Security Breach Uses CHM Files to Cover Banking Trojans 2 min read - A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.
September 28, 2017 Mobile Stock Trading Apps Vulnerable to Attack 2 min read - Over 20 mobile apps commonly used for stock trading are not very secure, according to recent security research.