Security researchers recently identified two malware distribution campaigns that infect customers of Brazilian financial institutions with banking Trojans.
Researchers observed the TA505 threat group spreading a previously undocumented remote access Trojan (RAT) called tRaT.
A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.
A ransomware-as-a-service program called FilesLocker offers affiliates commissions of up to 75 percent on all revenue stolen from victims.
A new Cutwail spam campaign is leveraging steganography — hiding data within images — to compromise devices and download URLZone.
Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.
A PowerShell malware downloader known as sLoad uses geofencing, customized emails and device reconnaissance to identify high-value Trojan targets.
Nearly 30,000 Android users accidentally downloaded banking malware after filling out phishing forms that were personalized based on the apps they use.
The TimpDoor malware family enables cybercriminals to turn infected Android devices into network proxies without users' knowledge.
SEO poisoning is on the rise again. How do threat actors use search engine results to drive victims to malicious sites, and what can users do to protect themselves?