Security news aggregator

Latest coverage for Malware

The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.

For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.

Showing 6 most recent headlines Filtered view
Bank Info Security 9 months, 3 weeks ago

North Korea Fake Job Recruiters Up Their Backdoor Game

Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat ActorA gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers.

Bank Info Security 9 months, 3 weeks ago

Phishing Campaign Lobs Malicious SVG Attachments at Ukraine

Government Agencies Targeted With Infostealers and Cryptomining MalwareA fake police alert is the social engineering cornerstone of an ongoing phishing campaign targeting Ukrainian government agencies, warn security researchers. They're tracking a surge in malicious SVG file attachments, in this case leading to information-stealing and cryptocurrency-mining malware.

Bank Info Security 9 months, 3 weeks ago

Feds Isolate Cisco Firewalls to Defend Against 'Arcane Door'

CISA Issues Emergency Directive After Cisco Exploits Persist After RebootCISA issued an emergency directive Thursday after discovering an advanced hacking campaign exploiting two persistent zero-days in Cisco firewall gear - malware that survives system reboots and upgrades - forcing agencies to disconnect vulnerable devices by Friday.

Bank Info Security 9 months, 3 weeks ago

Chinese Hackers Deploy New PlugX Variant

Sophisticated Cyberespionage Campaign Targets Asian Telecom, Manufacturing SectorsA remote access Trojan that's a staple of Chinese nation-state hacking is part of an ongoing campaign targeting telecom and manufacturing sectors in Central and South Asian countries. The threat actor, tracked as Naikon, apparently has access to a new variant of PlugX malware.

Bank Info Security 9 months, 3 weeks ago

Mandiant: Chinese Espionage Tool Embedded in US Systems

Researchers Uncover Covert Chinese Access to US Service Provider InfrastructureMandiant said it has tracked a Chinese-linked espionage campaign using BRICKSTORM malware to quietly embed within U.S. infrastructure and service providers for over a year, exploiting appliance-level blind spots to maintain persistence, evade detection and potentially develop zero-day exploits.

Bank Info Security 9 months, 3 weeks ago

Hackers Obfuscated Malware With Verbose AI Code

Attackers Hid Malware in Vector ImageHackers behind a phishing campaign appear to have used artificial intelligence-generated code to hide malware behind a wall of overly complex and useless code, said Microsoft. "Not something a human would typically write from scratch due to its complexity, verbosity and lack of practical utility."