Hackers are using a recent report about cyberthreats to Tibetan activists as a lure in a new attack against pro-Tibet organizations that distributes Windows and Mac malware, researchers from security vendor AlienVault said on Monday.
Security researchers have discovered a new variant of the Duqu cyberespionage malware that was designed to evade detection by antivirus products and other security tools.
The average organizational cost of data breaches has decreased for the first time in seven years, according to a study released by Symantec and the Ponemon Institute on Tuesday.
A hard-to-detect piece of malware that doesn't create any files on the affected systems was dropped onto the computers of visitors to popular news sites in Russia in a drive-by download attack, according to security researchers from antivirus firm Kaspersky Lab.
Luigi Auriemma, the researcher who discovered a recently patched critical vulnerability in Microsoft's Remote Desktop Protocol (RDP), published a proof-of-concept exploit for it after a separate working exploit, which he said possibly originated from Microsoft, was leaked online on Friday.
Security companies have recently identified multiple malware threats that use stolen digital certificates to sign their components in an attempt to avoid detection and bypass Windows defenses.
Tech support scammers have started targeting antivirus customers and have diversified their techniques, according to reports from antivirus vendors Avast and ESET.
Cybercriminals are impersonating victims in order to obtain replacement SIM cards from their mobile carriers, which they then use to defeat phone-based Internet banking protections, security vendor Trusteer said in a blog post.
A limitation built recently into Google Chrome to detect and block Flash Player exploits ended up breaking certain Flash-based applications and games for some users.
Internet Explorer 9 was the second browser to succumb to white-hat hackers during the Pwn2Own contest at the CanSecWest security conference in Vancouver.
Google has patched a critical Chrome vulnerability disclosed Wednesday at the CanSecWest security conference in Vancouver that can be exploited to escape from a browser's secure sandbox.
Malware experts from Kaspersky Lab have asked the programming community for help identifying the programming language, compiler or framework that was used to write an important part of the Duqu Trojan, in the hope that it could reveal clues about who created it or why.
During Google's Pwnium contest at the CanSecWest security conference in Vancouver on Wednesday, Russian bug hunter Sergey Glazunov demonstrated a Chrome exploit that completely defeats the browser's much touted security sandbox.
The latest version of a distributed denial-of-service (DDoS) bot called Armageddon integrates a relatively new exploit known as Apache Killer, DDoS mitigation vendor Arbor Networks said on Tuesday.
The disclosure Tuesday by U.S. authorities that Sabu, the former leader of prominent hacker group LulzSec, is a 28-year-old man from New York City named Hector Xavier Monsegur, corresponds with much of the information released about him by rival hackers in the past.