In 2017 and 2018, threat actors used a toolkit called KoffeyMaker in multiple black box ATM attacks targeting Eastern European financial institutions.
Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.
A new attack campaign is using Rich Text Format (RTF) files to distribute the Agent Tesla Trojan along with other malware.
Researchers reported that the Octopus malware is using a Windows Trojan to target political entities based in Central Asia.
A new version of GandCrab has prompted another malware security warning. This iteration uses NTCrypt to facilitate code obfuscation and hook more potential victims.
Since the open source release of the PowerShell framework in 2016, IBM X-Force Incident Response and Intelligence Services (IRIS) has identified an upward trend in malicious PowerShell use.
Researchers discovered two new Monero malware attacks: one that targets Windows with stealthy mining operations, and another that masquerades as a Google Play Store update for Android.
Latest Version of TrickBot Malware Uses Macro-Enabled Word Documents to Deliver New Stealth Code Injection
The latest version of TrickBot malware leverages malicious macros to deliver stealthy code injection, fool users and compromise computers.
A recent attack against a cryptocurrency exchange planted a Trojan that spread across both Windows and macOS machines to steal information and digital coins, according to security researchers.
Google pulled 145 Android apps from its Play Store after Palo Alto Networks discovered that they were infected with Windows malware, posing a mobile app security threat to the software ecosystem.