For the first time since Proofpoint researchers discovered CryptXXX, the ransomware is being distributed via malicious documents attached to email messages.
Proofpoint researchers discover a cloned Pokemon GO Android APK backdoored with the malicious remote access tool (RAT) DroidJack.
Proofpoint researchers track an advanced persistent threat as Chinese actors target Russian and European military and diplomatic interests.
Proofpoint researchers describe the malware involved in a recent uptick in banking Trojans targeting Canadian interests.
Proofpoint researchers identified a new ransomware called "Bart" from actors who have been spreading Dridex and Locky.
Proofpoint researchers dissect the payload from the first large Locky ransomware campaign in over 3 weeks.
Proofpoint researchers have been tracking the relatively sudden shutdown of several elements of the advanced threat ecosystem, including the Angler exploit kit, which now appears to extend well beyond the disruption of the Necurs botnet we covered last week.
Proofpoint researchers take a look at the effects of an apparent outage in the massive Necurs botnet on two of the biggest names in malware: Dridex and Locky.
Proofpoint researchers track new campaigns from a familiar actor using evasive macros and distributing a new Dridex sub-botnet targeting Swiss banking institutions.
With its latest version, detected last week by Proofpoint researchers, CryptXXX breaks the currently available decryption tool and adds new capabilities to encrypt shared network resources, among other updates.