A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero.

Dridex has undergone a massive update and now sports a new injection method for evading detection based on the technique known as AtomBombing.

Dridex banking malware returns with a new bypass technique that allows the malware to execute without triggering a Windows UAC alert to the user.

A massive Locky ransomware campaign spotted this month targets primarily the healthcare sector and is delivered in phishing campaigns. The payload, researchers at FireEye said, is dropped via .DOCM attachments, which are macro-enabled Office 2007 Word documents. Especially hard hit are hospitals in the United States followed by Japan, Korea and Thailand, according to research published Wednesday by...

The notorious Necurs botnet is back in business, after mysteriously going dark for nearly a month. Researchers report the Necurs has returned to spewing massive volumes of email containing an improved version of the potent Locky ransomware and the Dridex banking Trojan. According to Proofpoint which has been tracking Necurs, criminals behind the botnet began...