Researchers report Angler Exploit Kit attacks have become more brazen and are now targeting top websites with new tricks that can evade browser-based antimalware protection. Karl Sigler, a Trustwave SpiderLabs researcher, told Threatpost his lab found the Anger Exploit Kit on a popular website for the second time in a week, exposing just under million...

Mike Mimoso and Chris Brook discuss the news of the week including the ongoing FBiOS battle, a judge’s confirmation that the DoD funded research to uncloak Tor users, and news surrounding Operation Blockbuster. They also preview next week’s RSA Conference in San Francisco, Calif. Download: http://traffic.libsyn.com/digitalunderground/Threatpost_News_Wrap_February_26_2016.mp3 Music by Chris Gonsalves

A five-year campaign primarily focused on extracting sensitive information from Japanese oil, gas, and electric utilities was outlined by researchers on Tuesday. Referred to as Operation Dust Storm (.PDF) by researchers at Cylance, the campaign has managed to stay persistent over the years, and especially lately, by using dynamic DNS domains and customized backdoors. While the group...

The nation-state sponsored hacker group allegedly behind the 2014 attack against Sony Pictures Entertainment has been linked to similar intrusions against a number of companies in South Korea including the Dark Seoul and Operation Troy attacks. A coalition of security companies called Operation Blockbuster, including Kaspersky Lab, Novetta, AlienVault, Invincea, ThreatConnect, Volexity, Symantec, and PunchCyber today published...

Threatpost editor Mike Mimoso talks with Roberto Martinez and Santiago Pontiroli, researchers with Kaspersky Lab’s Global Research and Analysis Team (GReAT) about ATM malware, jackpotting, and why it works so well in Latin America. [embedded content]

Exploits for a vulnerability in Microsoft Silverlight have found their way into the dangerous Angler Exploit Kit a little more than a month after it was patched. French security researcher Kafeine said he was able to get independent confirmation from researchers at Kaspersky Lab that the exploit targeted CVE-2016-0034, which was fixed by Microsoft in...

A 400 percent surge in tax-related phishing and malware incidents is making this tax season the most treacherous yet for taxpayers. According to an Internal Revenue Service bulletin, this year’s attacks include the tried-and-true email phishing, but also newer forms of attacks that include bogus text messages and attempts to trick people into handing over...

Source code for the potent Android malware GM Bot has been leaked to underground forums, according to IBM security experts. The impact, IBM X-Force threat intelligence says, will be an uptick in GM Bot variants and the number of attacks targeting financial applications on Android-based devices. Limor Kessem, a cybersecurity analyst with IBM Trusteer, said...

Attackers managed to hijack the website of the Linux Mint operating system to push a backdoored ISO image of the software to users over the weekend. The developers behind the software, one of, if not the most popular Linux distribution, are unsure what the hackers are aiming to achieve by the move but acknowledge that...

Exploit kits infecting thousands of WordPress websites are setting their sights on the open-source content management system Joomla in a new campaign spotted by a researcher at the SANS Institute’s Internet Storm Center. “The group behind the WordPress ‘admedia’ campaign is now apparently targeting Joomla sites,” said Brad Duncan, security researcher at Rackspace. “We are starting...