The first large scale Locky campaign in months has been detected via the Necurs botnet.

An Android app that falsely claimed to be a tool for keeping smartphones up-to-date with the latest version of the OS was found surreptitiously tracking the physical location of it users using spyware called SMSVova.

A white hat hacker is believed responsible for the Hajime IoT botnet because its main objective appears to be to secure IoT devices vulnerable to the notorious Mirai malware.

Endpoints are still encountering exploits for the LNK vulnerability, one of the principal infection mechanisms used by the Stuxnet worm.

InterContinental Hotels Group said on Friday that it found malware designed to access payment card data at more than 1,000 of its hotels.

A new ransomware-as-a-service called Karmen appeals to ransomware newbies with a low price, easy setup and developer updates.

At the Kaspersky Lab Security Analyst Summit, Android Security Team malware analyst Elena Kovakina explained Google’s strategy for countering ransomware on Android.

Mike Mimoso, Tom Spring, and Chris Brook recap Infiltrate Con in Miami last week, and Kaspersky Lab’s Security Analyst Summit in St. Maarten

Here are the exploit kits to watch for over the next three to six months.

Researchers have learned that the recently patched Office zero day was used to target victims in Russia with FINSPY spyware.