Phishers Gain Persistence at EU, Asia Hospitality Orgs
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social engineering and obsfucation, including blockchain abuse.
Antivirus software detects, blocks, and removes malicious code, helping reduce the risk of malware-driven data theft and system disruption.
Search across headline titles and summaries.
Background for this topic.
Antivirus software scans files and running processes to detect and remove malicious code such as viruses, worms, trojans, ransomware, and spyware. It uses signature databases, heuristic rules, and behavioral analysis to identify threats during real-time monitoring or scheduled scans. Regular updates to detection rules are necessary to recognize new malware variants and reduce false negatives.
While antivirus helps block many common malware infections on endpoints, it has limited effectiveness against advanced threats like fileless malware or attacks that evade signature detection. Security teams should combine antivirus with complementary tools such as endpoint detection and response (EDR) to improve visibility and threat hunting. Proper tuning is important to minimize false positives and performance impacts that can disrupt operations or obscure genuine alerts.
Weekly headline count for the current query.
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social engineering and obsfucation, including blockchain abuse.
Once CrowdStrike's nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry.
By weaponizing the ThrottleStop.sys driver, attackers are disrupting antivirus and endpoint detection and response (EDR) systems.
With legit sounding names, EvilAI's "productivity" apps are reviving classic threats like Trojans while adding new evasion capabilities against modern antivirus defenses.
Trend Micro's Salvatore Gariuolo talks with the Black Hat USA 2025 News Desk about how the new ISO 15118 standard for electric vehicle smart charging and vehicle-to-grid communications can be weaponized by threat actors.
Two critical vulnerabilities affect the security vendor's management console, one of which is under active exploitation. The company has updated cloud-based products but won't have a patch for its on-premises version until mid-August.
The "Direct Send" feature simplifies internal message delivery for trusted systems, and the campaign successfully duped both Microsoft Defender and third-party secure email gateways.
Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that.
The threat of wiping files and servers clean gives Anubis affiliates yet another way to leverage ransomware victims who may be hesitant to pay to get their data back, Trend Micro said.
ESET published research on the Iranian APT "BladedFeline," which researchers believe is a subgroup of the cyber-espionage entity APT34.
Trend Micro researchers detailed an emerging ransomware campaign by a new group known as "CrazyHunter" that is targeting critical sectors in Taiwan.
Researchers found the threat actor attempting to use the now-patched flaw to load and execute a malicious dynamic link library on infected systems.
The cybersecurity artificial intelligence (AI) model and agent will help organizations improve threat detection and incident response.
Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.
Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.
Researchers from Symantec showed how OpenAI's Operator agent, currently in research preview, can be used to construct a basic phishing attack from start to finish.
This move comes less than a year after the United States banned Kaspersky products, out of the same fear that the company is under Russian government control.
The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple's own antivirus product.
Building on its broad security portfolio, Microsoft’s new exposure management is now available in the Microsoft Defender portal with third-party-connectors on the way.