A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.
A new Cutwail spam campaign is leveraging steganography — hiding data within images — to compromise devices and download URLZone.
The U.S. Fire Administration's five key components of a fire safety education program serve as a useful framework for CISOs looking to boost their company's ability to respond to a cyber emergency.
IBM X-Force researchers observed the Necurs botnet spewing millions of spam emails from more than 30,000 malicious IPs to extort bitcoin from victims who may or may not have viewed adult content.
Researchers observed the Viro botnet spreading spam, spying on users' keystrokes and distributing ransom notes written in French to victims in the U.S.
Researchers discovered spam campaigns last month that exploited IQY files to flood Japanese users with BEBLOH and URSNIF malware.
Spammers are targeting financial institutions using Excel Web Query (IQY) files that conceal a new downloader malware, according to security researchers.
Endpoint detection and antiphishing tools can help users filter basic spam email, but detecting malspam in PDF and Microsoft Office documents requires a more thorough investigation.
Security researchers observed a spam campaign that leverages PowerShell's AutoClose feature to deliver a banking Trojan while eluding sandbox detection.
Security researchers discovered a new malware attack that exploits Dynamic Data Exchange, an outdated Office feature, to infect corporate devices.