Malware researchers at ESET have uncovered a widespread cybercriminal operation that has seized control of tens of thousands of Unix servers. Learn more about how to check your systems for compromise, and prevent innocent computer users from being attacked.
Operation Windigo – the vivisection of a large Linux server‑side credential‑stealing malware campaign
Our report titled “Operation Windigo – the vivisection of a large Linux server-side credential-stealing malware campaign” details our analysis of a set of malicious programs that infect servers and desktop PCs, and send nearly 500,000 web users to malicious content daily.
A “particularly unpleasant” phishing email purporting to be the results of a blood count report showing that the recipient may have cancer is circulating. It seems to be sent from a government health care organization - but it's a malware-laced scam.
Microsoft Word users have been urged to update their software after attacks against users of MS Word 2010, where opening a “specially crafted” Rich Text Format file allowed attackers to remotely execute code on the victim’s machine.
A post promising a video of a plane landing on water has been circulating on Facebook, with a title suggesting that it contains news footage of the rescue of passengers on board the missing flight MH370 - but there is no video, and it's a criminal scam.
The emerging ‘internet of things’ raises big security questions, and vulnerabilities in connected devices such as ‘smart’ fridges may force companies to work together in a way never previously seen, according to Microsoft’s Jan Neutze.
Microsoft releases a fix for a zero-day vulnerability that has already been exploited by hackers in targeted attacks against some organisations. Don't delay!
Android phones and tablets from four different manufacturers are arriving with malware “pre-installed” - a bogus version of Netflix which sends password and credit card information to Russia, according to app security specialist Marble Security.
A virus designed to infect Wi-Fi networks can spread through cities “as efficiently as the common cold spreads between humans”, researchers at the University of Liverpool have found.
Win32/Corkow is banking malware with a focus on corporate banking users. We can confirm that several thousand users, mostly in Russia and Ukraine, were victims of the Trojan in 2013. In this post, we expand on its unique functionality.
Pirated versions of popular Mac apps, spread via torrent sites, try to infect your computer with malware... and steal Bitcoins.
If you have received an unexpected email, claiming to come from British Airways, about an upcoming flight that you haven’t booked – please be on your guard. Online criminals are attempting to infect innocent users’ computers, by disguising their attack as an e-ticket from the airline.
Researchers have demonstrated an attack that completely bypasses the protections offered by EMET - a Microsoft toolkit used to provide safeguards against zero-day attacks, according to Ars Technica.
A large majority of routers used in small offices are plagued with security vulnerabilities - with up to 80% of small office/home office models having critical security weaknesses, according to a survey by Tripwire.
In this blog post, we provide an in-depth analysis of Linux/Ebury - the most sophisticated Linux backdoor ever seen by our researchers. It is built to steal OpenSSH credentials and maintain access to a compromised server.
The increasing use of QR codes as a way to add interactive elements, apps and websites to display advertising, competitions or print magazines could pose a risk to smartphone users, Australian researchers at Murdoch University have warned.
Malware dubbed ‘Moon’ due to images found within the malware has spread rapidly through many models of Linksys routers, even ones protected by passwords. It's still not clear how many are infected, or if the malware has a purpose beyond simply spreading.
If your system administrator looks a little frazzled this week, be nice to him or her and don't grumble too much about the photocopier being jammed. It may be that they have more serious issues on their mind.
A little-known banking trojan, developed in Russia, has managed to infect thousands of victims' computers without the knowledge of their owners. Graham Cluley takes a closer look.
A small American law firm has admitted that every document on a server at the North Carolina company has fallen prey to the Cryptolocker ransomware, according to a report by local station WSOC TV.