Spam is back with a vengeance, thanks to the demise of attack vectors such as Adobe Flash.

Here is a look at what exploit kits, CVEs and other web-based threats are keeping security professionals working overtime in 2018.

Researchers highlight a privately held traffic distribution system tool for malware called BlackTDS that lowers the bar to entry for threat actors.

Security researchers say the Blackmoon banking Trojan targeting exclusively South Korean financial institutions has developed a new malware infection technique.

As Microsoft hardens its defenses with tools such as Control Flow Guard, researchers at Endgame are preparing for the reality of Counterfeit Object-Oriented Programming attacks to move from theoretical to real.

An exploit kit called DNSChanger is attacking routers, not browsers, through a malvertising campaign.

In a deep analysis of RIG, Cisco Talos team outlined the way the exploit kit combines different web technologies such as DoSWF, JavaScript, Flash and VBscript to obfuscate attacks.

Cisco Talos identified the Sundown exploit kit as an up-and-coming contender that may soon rival RIG in terms of size and volume.

Researchers said they’ve seen an uptick in RIG Exploit Kit traffic and that attackers have begun using the kit to peddle CrypMIC ransomware.

The June arrest of a Russian cybercrime gang responsible for the Lurk Trojan also put to rest the infamous Angler Exploit Kit. Researchers at Kaspersky Lab today published a detailed report on the Lurk takedown, confirming at the same time the connection between the Lurk gang and Angler. Activity around Angler all but disappeared once...