malware
2020 was a disaster, but the pandemic put security in the spotlight
Let’s preface this year’s predictions by acknowledging and admitting how hilariously wrong we were when this time last year we said that 2020 “showed promise.” In fairness (almost) nobody saw…
Featured Article
5 questions every IT team should be able to answer
It’s more important than ever to know if your IT team has made sound investments and has the agility needed to operate successfully in the face of continued uncertainty.
Researchers say hardcoded passwords in GE medical imaging devices could put patient data at risk
Dozens of medical imaging devices built by General Electric are secured with hardcoded default passwords that can’t be easily changed, but could be exploited to access sensitive patient scans, according…
Decrypted: Apple and Facebook’s privacy feud, Twitter hires Mudge, mysterious zero-days
Trump’s election denialism saw him retaliate in a way that isn’t just putting the remainder of his presidency in jeopardy, it’s already putting the next administration in harm’s way. In…
Menlo Security announces $100M Series E on $800M valuation
Menlo Security, a malware and phishing prevention startup, announced a $100 million Series E today on an $800 million valuation. The round was led by Vista Equity Partners with help…
Decrypted: Grayshift raises $47M, Apple bugs under attack, video game maker hacked
The election is over, but not without a hitch or two. Some voters in Georgia and Ohio had to use paper ballots after hand sanitizer leaked into voting machines —…
Maze, a notorious ransomware group, says it’s shutting down
One of the most active and notorious data-stealing ransomware groups, Maze, says it is “officially closed.” The announcement came as a waffling statement, riddled with spelling mistakes and published on…
Google reveals a new Windows zero-day bug it says is under active attack
Google has dropped details of a previously undisclosed vulnerability in Windows, which it says hackers are actively exploiting. As a result, Google gave Microsoft just a week to fix the…
Security testing firm NSS Labs ceases operations, citing coronavirus
Security testing company NSS Labs “ceased operations” last week, the company said in a notice on its website, citing impacts related to the ongoing coronavirus pandemic. The Austin, Texas-based company…
US charges Russian hackers blamed for Ukraine power outages and the NotPetya ransomware attack
Six Russian intelligence officers accused of launching some of the “world’s most destructive malware” — including an attack that took down the Ukraine power grid in December 2015 and the…
After breach, Twitter hires a new cybersecurity chief
Following a high-profile breach in July, Twitter has hired Rinki Sethi as its new chief information security officer. Sethi most recently served as chief information security officer at cloud data…
Healthcare giant UHS hit by ransomware attack, sources say
Universal Health Services, one of the largest healthcare providers in the U.S., has been hit by a ransomware attack. The attack hit UHS systems early on Sunday morning, according to…
Cygilant, a threat detection cybersecurity company, has confirmed a ransomware attack. Christina Lattuca, Cygilant’s chief financial officer, said in a statement that the company was “aware of a ransomware attack impacting a…
Decrypted: Tesla’s ransomware near miss, Palantir’s S-1 risk factors
Another busy week in cybersecurity. In case you missed it: A widely used messaging app used by over a million protesters has several major security flaws; a little-known loophole has…
Apple mistakenly approved a widely used malware to run on Macs
Apple has some of the strictest rules to prevent malicious software from landing in its app store, even if on occasion a bad app slips through the net. But last…
An ongoing global outage at sport and fitness tech giant Garmin was caused by a ransomware attack, according to two sources with direct knowledge of the incident. The incident began…
Security researchers have discovered a new kind of ransomware that uses a little-known Java file format to make it more difficult to detect before it detonates its file-encrypting payload. Consulting…
A new Android bug, StrandHogg 2.0, lets malware pose as real apps and steal user data
Security researchers have found a major vulnerability in almost every version of Android, which lets malware imitate legitimate apps to steal app passwords and other sensitive data. The vulnerability, dubbed…
Meet EventBot, a new Android malware that steals banking passwords and two-factor codes
Security researchers are sounding the alarm over a newly discovered Android malware that targets banking apps and cryptocurrency wallets. The malware, which researchers at security firm Cybereason recently discovered and…
Box adds automated malware detection to Box Shield security product
With more folks working at home than ever, and many on machines outside the purview of IT and security teams, it’s becoming increasingly imperative to find creative ways to protect…
Zoom’s troubled year just got worse. Now that a large portion of the world is working from home to ride out the coronavirus pandemic, Zoom’s popularity has rocketed, but also…
Microsoft says hackers are attacking Windows users with a new unpatched bug
Microsoft says attackers are exploiting a previously undisclosed security vulnerability found in all supported versions of Windows, including Windows 10. But the software giant said there is currently no patch…
Google’s Advanced Protection program for high-risk users now includes malware protection
Google is expanding the feature set for its Advanced Protection Program, a security offering that helps safeguard Google Accounts of those at risk for targeted attacks — like politicians, journalists,…
Hackers hit NutriBullet website with credit card-stealing malware
Magecart hackers have struck again, this time targeting the NutriBullet website. According to new research by security firm RiskIQ, hackers broke into the blender maker’s website several times over the…
Hackers are jumping on the COVID-19 pandemic to spread malware
If there’s one thing certain during a pandemic, it’s that hackers will use it for their own gain. Don’t be too surprised. Every time there’s a major news story, a…
Hackers are targeting other hackers by infecting their tools with malware
A newly discovered malware campaign suggests that hackers have themselves become the targets of other hackers, who are infecting and repackaging popular hacking tools with malware. Cybereason’s Amit Serper found…
A major electronics manufacturer for defense and communications markets was knocked offline after a ransomware attack, TechCrunch has learned. A source with knowledge of the incident told TechCrunch that the…
How to identify and remove KidsGuard ‘stalkerware’ from your phone
We reported today on KidsGuard, a powerful mobile spyware. Not only is the app secretly installed on thousands of Android phones without the owners’ consent, it also left a server…
Intezer raises $15M for its DNA-style ‘genetic’ approach to identifying and tracking malware code
As the total cost of cybercrime reaches into trillions of dollars and continues to rise, an Israeli firm called Intezer — which has built a way to analyse, identify and eradicate malware…
Microsoft and NSA say a security bug affects millions of Windows 10 computers
Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10. The vulnerability is found in a decades-old Windows cryptographic component, known…