Security News

The chameleon-like pseudo-Darkleech campaign, responsible for prolific exploit kit attacks and ransomware infections, has again made a change to its code that will frustrate researchers.

The same group of cybercriminals behind YiSpecter, a strain of iOS malware uncovered last year, are also behind a new type of Android malware, HummingBad.

The scope of the ThinkPwn UEFI vulnerability disclosed last week has grown past Lenovo and HP laptop firmware to motherboards sold by Gigabyte.

Researchers are keeping a close eye on new ransomware called Zepto that is either a variant of the Locky ransomware or something altogether new.

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) warned users several builds of energy automation software this week.

LizardStresser botnet hijacks 1,300 internet-accessible video cameras, enlisting them as pawns in 400Gbps DDoS attacks targeting Brazilian banks and several U.S. gaming firms.

A breach at Massachusetts General Hospital has potentially compromised the information of roughly 4,300 dental patients, the hospital warned Wednesday.

Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could be used to directly execute arbitrary code on vulnerable installations of the product.

Conficker returns from obsolescence to help hijack medical devices and steal patient records.

The FTC closes roughly 70 percent of the investigations it opens and is weighing how to better handle PCI-DSS and other standards, an agency official said this week.