Developers behind the malicious downloader Hancitor have bolstered the malware again, this time with new delivery approaches that make it more difficult to detect.

An anime site popular in Mexico and South America has been infected with malware redirecting visitors to a Neutrino Exploit Kit landing page. The site, Jkanime, streams anime video and has 33 million monthly visitors. Neutrino is currently the top dog among exploit kits after two of the bigger kits, Angler and Nuclear, have apparently...

In the ransomware world, it doesn’t take long for today’s darling to become yesterday’s news. Case in point: Locky. Not long ago, Locky was at the core of debilitating infections at major hospitals in California and the Washington, D.C., area, affecting not only access to patient data but also patient care. That was in mid-February...

Attackers are not through testing the limits of what they can do with new features in ransomware samples. That latest found in the wild is called PowerWare and it was discovered a week ago targeting a company in the healthcare industry, researchers at Carbon Black told Threatpost. What sets PowerWare apart from other crypto-ransomware samples...

Apple iOS devices are in the crosshairs of another malware attack that has already infected an estimated six million non-jailbroken iOS devices in China, according to researchers. Palo Alto Networks found the new malware called AceDeceiver that infects iOS devices via Windows PCs and which leverages design flaws in Apple’s DRM software. So far, AceDeceiver has only impacted iOS...

It’s likely that the first functional ransomware for OS X is a dud. Discovered on Friday by researchers at Palo Alto Networks, the KeRanger ransomware sits dormant for three days before encrypting files from a comprehensive list of 300 file extensions; today would be Day 3. The malware was included in a Trojanized version of...

It’s been difficult to keep track of all the different strains of ransomware that have plagued users over the last year or two. Unlike many of them the latest to grab headlines is spreading through a decidedly old school vector: document-based macros. Named Locky, the ransomware appears to borrow a technique from the Dridex banking malware. Victims...

Researchers believe a single group is responsible for a series of attacks over the years to spy on Tibetan and Uyghur activists. For four years the group has used a cornucopia of spearphishing emails, a watering hole attack, and a backdoor Trojan to carry out espionage. Dubbed Scarlet Mimic, the attacks are primarily spread through...