Tag: Cisco Talos
A unique attack called DNSMessenger uses DNS queries to carry out malicious PowerShell commands on compromised computers.
Three vulnerabilities, all of which can lead to remote code execution, exist in the LibTIFF library.
Researchers said they observed three separate spam campaigns pushing an updated version of Locky on Monday.
Researchers said they’ve seen an uptick in RIG Exploit Kit traffic and that attackers have begun using the kit to peddle CrypMIC ransomware.
A global malvertising campaign exposing potentially one million users to the risk of being infected with CrypMIC ransomware delivered via the Neutrino Exploit Kit has been shut down, according to researchers. Cisco’s Talos Security Intelligence and Research Group, which discovered the criminal activity, said the malvertising campaign stretched across North America, EU, Asia-Pac and the...
Researchers have observed ransomware so sophisticated over the last few months that we’ve seen a variant tease researchers with strings of hidden code and another composed entirely of JavaScript. But not every attacker is technically proficient; researchers are suggesting the ones behind a new strain of ransomware may just be plain lazy. The ransomware Ranscam simply deletes users’ files, even if the...
The libarchive programming library was recently patched against three critical memory-related vulnerabilities that could be abused to execute code on computers running the vulnerable software. As is the case with most open source software packages, patching the core library is only half the battle; admins must now ensure that third-party software running the library is...
Several vulnerabilities were fixed this week in the file archiver 7-Zip that could have led to arbitrary code execution and file corruption. The developer behind the tool, which is open source and can be used with any compression, conversion, or encryption method, is urging users to update to the most recent patched version, 16.00, as soon as possible to...
Researchers found a vulnerability in the classic compression standard Lhasa, once a mainstay for game developers in the mid-’90s and still in use today. Researchers at Cisco’s security research arm, Cisco Talos, identified the vulnerability, calling it a classic heap-spray exploit. In a report disclosing the vulnerability, Talos reports a rigged LHA and LZH...