Don't-Miss Stories

Cybercriminals are using the Tor network to control their botnets

Malware writers are increasingly considering the Tor anonymity network as an option for hiding the real location of their command-and-control (C&C) servers, according to researchers from security firm ESET.

Citadel malware active on 20,000 PCs in Japan, says Trend Micro

Citadel malware is installed on over 20,000 PCs in Japan and actively sending financial information it harvests to servers abroad, according to security software vendor Trend Micro.

Symantec spots two Android apps using 'master key' vulnerability

Hackers are now using a critical vulnerability in Android to modify legitimate smartphone applications, according to Symantec, putting users at risk of being spied on.

Report: Android spyware infections on the rise

About 1 percent of Android devices are infected with malware, according to Alcatel-Lucent's Kindsight Security Labs.

US leads 'dirty dozen' of spam traffickers, Sophos study says

Sophos has selected its "dirty dozen" of countries that relay spam for the second quarter of 2013, and the U.S. has taken the top spot.

New digitally signed Mac malware confuses users with right-to-left file name tricks

The malware is digitally signed and is probably used in targeted attacks, researchers from F-Secure said.

security

Malware campaign strikes Asian, European governments

Trend Micro says it detected a targeted attack that sent malware-laden emails to representatives of 16 European countries and some Asian governments.

Unusual file-infecting malware steals FTP credentials

A new version of a file-infecting malware program that's being distributed through drive-by download attacks is also capable of stealing FTP (File Transfer Protocol) credentials, according to security researchers from antivirus firm Trend Micro.

Hackers use Dropbox, WordPress to spread malware

The attackers did not exploit any vulnerabilities, but they opened up accounts and used the services as their infrastructure

Paying bug bounties is a better investment than hiring a security team, study claims

Paying rewards to independent security researchers for finding software problems is a vastly better investment than hiring employees to do the same work, according to researchers from the University of California Berkeley.