The Ursnif banking Trojan began targeting financial institutions in Japan during Q3 2017 and continues to operate in the region as we enter Q4.
Security researchers observed a spam campaign that leverages PowerShell's AutoClose feature to deliver a banking Trojan while eluding sandbox detection.
The cybercriminals behind the Necurs botnet are now taking screenshots of victims' machines to improve the performance of ransomware attacks.
IBM X-Force Research discovered a new variant of Zberp that evades API threat detection tools using a code injection technique it borrowed from Carberp.
The cybergang operating the TrickBot banking Trojan were unusually active over the summer, launching new campaigns in Latin America and updating its code.
A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.
Cisco Talos discovered a new banking Trojan that exploits an authentic VMware binary to hide its malicious activities from security researchers.
A new banking malware called Red Alert 2.0 poses a significant threat to Android users. The Trojan leverages third-party apps to steal data.
A new, upgraded version of remote access malware Client Maximus points to the growing sophistication of cybercriminals in Brazil.
A malware group is using Facebook's CDN servers to store malicious files that it later uses as a vehicle for security breaches targeting Brazilian users.