Yesterday our colleagues from Palo Alto Networks presented their Minidionis research (also known by the Kaspersky name – “CloudLook”). It’s another backdoor from the APT group responsible for other attacks, such as CozyDuke , MiniDuke, and CosmicDuke. Analyzing this malware, we noticed that attackers implemented a cloud drive capability to store malware and download them onto infected […]

PC Magazine has named Panda Free as the best free antivirus of 2015. Ranking ahead of the likes of Bitdefender, Malwarebytes and Avast, Panda’s antivirus has been awarded the Editor’s Choice by this prestigious media outlet. The features highlighted include its speed and ease of installation along with its cloud based technology. What’s more, its […]

By now, many of you loyal KrebsOnSecurity readers have seen stories in the mainstream press about the coordinated global law enforcement takedown of Darkode[dot]me, an English-language cybercrime forum that served as a breeding ground for botnets, malware and just about every other form of virtual badness. This post is an attempt to distill several years’ […]

The good times are rolling for videogame companies as the sector has witnessed sustained growth in the last few years and, luckily, 2015 doesn’t look like it’s about to break this trend. According to recent estimates by Newzoo, an industry consultant, businesses in the sector are expecting global gaming revenues of $91.5 billion dollars – […]

Microsoft releases a long list of updates to multiple technologies today with 14 Security Bulletins (MS15-058, MS15-065 – MS15-077) patching 58 vulnerabilities, and at least 47 of them reported through a a responsible disclosure channel. Meanwhile, several are being used and detected ITW as a part of limited targeted attacks, like the Microsoft Office RCE cve-2015-2424, […]

This being the second Tuesday of the month, it’s officially Patch Tuesday. But it’s not just Microsoft Windows users who need to update today: Adobe has released fixes for several products, including a Flash Player bundle that patches two vulnerabilities for which exploit code is available online. Separately, Oracle issued a critical patch update that […]

The TeslaCrypt family of ransomware encryptors is a relatively new threat: its samples were first detected in February 2015. Since then the malware has been widely portrayed in mass media as the ‘curse’ of computer gamers because it targets many game-related file types (game saves, user profiles, etc.). The Trojan’s targets have included people in […]