Security News

Anatsa Android malware downloaded 150,000 times via Google Play
2024-02-19 13:34

The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. Last summer, ThreatFabric warned of another Europe-focused Anatsa campaign that also used dropper apps hosted on Google Play, primarily fake PDF viewer apps.

FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty
2024-02-18 07:12

A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka...

Google open sources file-identifying Magika AI for malware hunters and others
2024-02-17 02:10

Google has open sourced Magika, an in-house machine-learning-powered file identifier, as part of its AI Cyber Defense Initiative, which aims to give IT network defenders and others better automated tools. Enter Magika, which uses a trained model to rapidly identify file types from file data, and it's an approach the Big G thinks works well enough to use in production.

Zeus, IcedID malware kingpin faces 40 years in slammer
2024-02-16 16:39

Vyacheslav Igorevich Penchukov, 37, pleaded guilty to two counts related to his leadership role in both the Zeus and IcedID malware operations this week, netting millions of dollars in the process. Penchukov first became involved in the Zeus banking trojan as early as May 2009 but was only arrested over a decade later in Geneva, Switzerland in 2022.

Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison
2024-02-15 23:05

Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups. The U.S. Department of Justice first charged him in 2012 for his involvement in the Zeus malware operation and the theft of millions of dollars using personal identification numbers, bank account numbers, credentials, and other sensitive info stolen from infected devices.

Malware Response Checklist
2024-02-15 16:00

Using a guide and pre-formatted malware response checklist, written by Erik Eckel for TechRepublic Premium, can save organizations considerable time and effort in bringing security and sanity to initial infection response efforts. The specific information to be immediately collected.

Turla hackers backdoor NGOs with new TinyTurla-NG malware
2024-02-15 14:49

Security researchers have identified and analyzed new malware they call TinyTurla-NG and TurlaPower-NG used by the Russian hacker group Turla to maintain access to a target's network and to steal sensitive data. According to the researchers, TinyTurla-NG is actively targeting multiple NGOs in Poland.

New Qbot malware variant uses fake Adobe installer popup for evasion
2024-02-15 13:27

One of the variants observed uses a fake installer for an Adobe product on Windows to trick the user into deploying the malware. Sophos' Advanced Threat Response Joint Task Force, or Sophos X-Ops for short, noticed fresh Qbot activity recently, with up to 10 new malware builds emerging since mid-December.

Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks
2024-02-15 09:31

A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called...

Miscreants turn to ad tech to measure malware metrics
2024-02-15 08:27

Cyber baddies have turned to ad networks to measure malware deployment and to avoid detection, according to HP Wolf Security. The security group's Q4 2024 Threat Insights Report finds criminals have adopted ad tech tools to make their social engineering attacks more effective.