Mac “CookieMiner” Malware Aims to Gobble Crypto Funds
Researchers with Palo Alto Networks have discovered a sophisticated new strain of Mac malware that uses a combination of techniques to steal cryptocurrency from online wallets or exchange accounts. The malware, dubbed CookieMiner, can steal browser cookies for popular cryptocurrency exchanges, passwords saved in Google Chrome and iPhone text messages
Ursnif Trojan is back with fileless persistence
Carbon Black researchers have uncovered a sophisticated malware campaign involving the infamous Ursnif Trojan, also known as Dreambot, and the popular GandCrab ransomware. In the first stage of the campaign, threat actors distribute spam emails containing Microsoft Word documents that have been corrupted with malicious macro scripts. The macros inside
Community Project Crushes 100,000 Malware Sites in 10 Months
As part of a cybersecurity initiative launched in March of last year, 265 security researchers have spent the last 10 months identifying and shutting down a total of almost 100,000 websites that were used to distribute malware. The URLhaus initiative was started by abuse.ch, a Swiss nonprofit aimed at fighting
Cybercriminals increasingly taking aim at businesses
A new report by Malwarebytes underlines how cybercriminals have shifted their focus in 2018 from campaigns targeting individual users to those focusing exclusively on high-value business targets. Endpoint attacks have also increased. Trojans were the most prevalent type of malware targeting companies, with the sophisticated Emotet and Trickbot Trojans as prime
These malicious Android apps will only strike when you move your smartphone
Once again, cybercriminals have managed to sneak malicious apps onto the Google Play Store. Researchers with Trend Micro have found two Android apps on Google Play that serve the Anubis banking Trojan, but only if information from the motion sensors on the targeted device indicates movement. The two apps are Currency
Malware can now evade cloud security tools, as cybercriminals target public cloud users
Rocke Group, a cybercrime group believed to be operating from China, has developed cryptocurrency mining software that can uninstall cloud-based security solutions from targeted systems as a way of evading detection. Researchers with Palo Alto have so far only found proof that the malware works on Chinese cloud security solutions,
Cryptocurrency mining malware is the number one malware menace – again
The latest edition of Check Point’s Most Wanted Malware list indicates that cryptojackers – malware that covertly mines cryptocurrency on infected devices – remain the most prevalent type of malware. The four highest entries are all cryptojackers, with Coinhive clinching the top spot once again. A notable newcomer on the
This Trojan attack adds a backdoor to your Windows PC to steal data
Researchers at cybersecurity firm Proofpoint have discovered a new attack campaign by TA505, a notorious cybercrime group responsible for various major attacks in recent years, including the Locky ransomware campaign. The campaign combines two types of malware, ServHelper and FlawedGrace. ServHelper is the newer of the two, having been discovered only in November of last year. It installs
Cybercriminals Are Controlling Malware Through Twitter Memes
A new malware variant monitors a public Twitter feed that is used to post Command and Control commands via steganographic messaging in meme photos. “When activated on an infected machine the Trojan began monitoring the Twitter feed for updates. The images contained hidden ‘print’ commands which told the Trojan to
Operation Sharpshooter Takes Aim at Global Critical Assets
“Operation Sharpshooter uses a new implant to target mainly English-speaking nuclear, defense, energy and financial companies. Researchers have detected a widespread reconnaissance campaign using a never-before-seen implant framework to infiltrate global defense and critical infrastructure players — including nuclear, defense, energy and financial companies. The campaign, dubbed Operation Sharpshooter, began