A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero.

The first large scale Locky campaign in months has been detected via the Necurs botnet.

Dridex has undergone a massive update and now sports a new injection method for evading detection based on the technique known as AtomBombing.

Dridex banking malware returns with a new bypass technique that allows the malware to execute without triggering a Windows UAC alert to the user.