Old banking malware called Dorkbot has reemerged in 2018 to become a serious threat.

Google has removed the Interface Online Chrome extension from the Chrome Web Store. The plugin was used by criminals in Brazil to target corporate users with the aim of stealing banking credentials.

Researchers at My Online Security and the SANS Internet Storm Center have analyzed spam campaigns utilizing plausible imitations of legitimate banking domains to spread the Trickbot banking malware.

Criminals have made use of the leaked source code for the Nukebot banking Trojan, crafting modified versions of the malware to target banks in the U.S. and France.

QakBot, a worm-like, information-stealing strain of malware is back and locking users out of their Active Directory accounts.

Google said a permissions flaw that puts Android users at heightened risk of malware, ransomware and adware attacks will not be fixed until the release of its next mobile OS, Android O.

Notorious spammer Peter Levashov was arrested over the weekend; Levashov is the alleged botmaster behind the Kelihos botnet.

Mike Mimoso, Tom Spring, and Chris Brook discuss security-wise what they hope will and won’t change under a Trump presidency, then discuss the news of the week, including SHA-1 deprecation, Carbanak’s return, and the WhatsApp “backdoor” debacle.

Researchers have observed an uptick in attacks using the banking malware Floki Bot against U.S., Canadian and Brazilian banks and insurance firms.

Researchers have found a phony Flash Player download for Android that installs banking malware and steals banking credentials.