Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher
New details emerge of how North Korean-linked APT won trust of experts and exploited Visual Studio to infect systems with ‘Comebacker’ malware. [...]
The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics. [...]
A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack. [...]
A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware. Subjects of emails and documents in Emotet campaigns are regularly altered to provide the best chance of luring …
The detection-evasion tool, libprocesshider, hides TeamTNT's malware from process-information programs. [...]
The suspect allegedly has extorted $27.6 million from ransomware victims, mostly in the healthcare sector. [...]
Hundreds of servers and 1 million Emotet infections have been dismantled globally, while authorities have taken NetWalker's Dark Web leaks site offline and charged a suspect. [...]
Sophisticated and dangerous, DanaBot has resurfaced after laying dormant for seven months. [...]
An unmonitored account belonging to a deceased employee allowed Nefilim to exfiltrate data and infiltrate systems for a month, without being noticed. [...]
Google has warned it has uncovered an “ongoing” state-backed hacking campaign run by North Korea targeting cyber security researchers. The Silicon Valley group said its threat analysis team found that cyber attackers posing as researchers had created numerous fake social media profiles on …
Exclusive: former cybersecurity chief calls for law change and warns situation is ‘close to getting out of control’. Insurers are inadvertently funding organised crime by paying out claims from companies who have paid ransoms to regain access to data and systems after a hacking attack, Britain’s former top …
The CursedGrabber malware has infiltrated the open-source software code repository. [...]
Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve. [...]
Investigation launched after teachers warn of worm on devices handed out for home schooling. The government has launched an investigation into reports that laptops it distributed to support vulnerable children during lockdown had been infected with malware connected to Russian servers …
Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration. [...]
The post-compromise backdoor installs Cobalt Strike to help attackers move laterally through victim networks. [...]
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks. [...]
Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced. [...]
Watering-hole attacks executed by ‘experts’ exploited Chrome, Windows and Android flaws and were carried out on two servers. [...]
Capcom, the game developer behind Resident Evil, Street Fighter and Dark Stalkers, now says its recent attack compromised the personal data of up to 400,000 gamers. [...]
The BumbleBee web shell allows APT attackers to upload and download files, and move laterally by running commands. [...]
The malware used to hack Microsoft, security company FireEye, and at least a half-dozen federal agencies has “interesting similarities” to malicious software that has been circulating since at least 2015, researchers said on Monday. Sunburst is the name security researchers have given to malware that …
Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon. [...]
Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces. [...]