Security news aggregator

Latest coverage for Infection

Infection refers to malware entering a device or network, enabling unauthorized access, data theft, disruption, or further compromise.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A malware infection occurs when malicious code executes on a device or enters an environment, enabling unauthorized actions such as persistence, data theft, encryption, or further compromise. The term commonly covers viruses, worms, trojans, spyware, and similar malware; an infection may begin through a malicious attachment, exploit, drive-by download, removable media, or stolen credentials. Its effects depend on the malware and the privileges of the affected account, and an infected host does not necessarily spread automatically.

For security practitioners, the key concerns are identifying affected hosts, determining the initial access and scope, and preventing lateral movement. Useful controls include timely vulnerability remediation, email and web filtering, application controls, least-privilege accounts, and endpoint monitoring for unusual processes, persistence, or network connections. When infection is suspected, isolate the system without destroying evidence, investigate related accounts and devices, revoke exposed credentials, remove or rebuild the malware, and validate that restored systems are clean.

Showing 6 most recent headlines Filtered view
Bank Info Security 8 months, 2 weeks ago

Russian Police Bust Suspected Meduza Infostealer Developers

3 'Young IT Specialists' Arrested After Malware Tied to Government Agency InfectionRussian police have arrested "three young IT specialists" in Moscow, charging them with developing and selling the notorious Meduza information-stealing malware, and members of their group using the infostealer to breach a Russian government institution in May and exfiltrate data.

Krebs on Security 8 months, 2 weeks ago

Aisuru Botnet Shifts from DDoS to Residential Proxies

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts says a glut of proxies from Aisuru and other sources is fueling large-scale data harvesting efforts tied to various artificial intelligence (AI) projects, helping content scrapers evade detection by routing their traffic through residential connections that appear to be regular Internet users.

Bank Info Security 8 months, 2 weeks ago

'Herodotus' Android Trojan Mimics Human Sluggishness

Trojan Poised for Use in Campaigns Across the GlobeAndroid malware advertised as "Herodotus" on cybercrime forums injects a randomized pause of up to three seconds whenever a hacker bypasses the keyboard on an infected device to enter account credentials. Systems that rely on indicators such as input timing may wave through the transaction.

Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command capabilities that allow attackers to orchestrate coordinated botnet operations, gather detailed campaign intelligence, and dynamically control malware activity across multiple infected machines.