Security news aggregator

Latest coverage for Malware

The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.

32 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.

For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.

Showing 20 most recent headlines of 32 Filtered view

Tehran Baits Aerospace Sector into Downloading Malware With Fake Job OffersIranian state hackers are taking a page out of North Korean tactics to entice job seekers into downloading malware, with security researchers spotting a Tehran campaign directed against the aerospace industry. It's possible that Pyongyang shared its attack methods and tools.

Bank Info Security 1 year, 8 months ago

Hackers Lurking in Critical Infrastructure to Wage Attacks

Australian Government Warns of Nation-State Actors' Plans to Weaponize MalwareThe Australian government is alerting critical infrastructure providers that state-sponsored actors are positioning malware in their networks that can be weaponized to disrupt operations during major crises or a military conflict. The hackers employ living-off-the-land technique to avoid detection.

Plus a bonus hard-coded local API key A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from another user, execute code and possibly take over the box, and delete log files.…

Bank Info Security 1 year, 8 months ago

Cryptohack Roundup: FTX Files Lawsuits to Recover Funds

Also: Arrests in $232M Scam, Guilty Plea in $73M Pig-Butchering CaseThis week, FTX sued to recover money, FTX's Caroline Ellison began her prison sentence, South Korea arrested hundreds in $232M scam, a guilty plea in a $73M pig-butchering case, BlueNoroff launched a new attack campaign, GodFather malware and WonderFi CEO kidnapped and released after ransom payment.

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023

Loading more headlines...