Arrested as he returned his rental car at Barcelona’s airport, a 33-year-old Russian faces up to five years in jail after admitting to being the mastermind behind the sophisticated NeverQuest banking trojan.

Read more in my article on the Hot for Security blog.

The credential-stealing Pony malware is masquerading as Microsoft Publisher documents in an effort to infect unsuspecting users.

David Bisson reports.

Join me and fellow computer security industry veterans Vanja Svajcer and Carole Theriault as we have another casual chat about whatever is on our minds.

This week: An alleged hacker finds the downside to car rental, a New York Times Twitter account announces Vladimir Putin is planning to launch a missile attack against the United States, and an “upskirt” website leaks its user data.

Oh, and Vanja forces Graham to share an embarrassing privacy-breaching lavatory anecdote.

Beware poisoned parking tickets!

David Bisson reports.

A database containing over 2,000 MailChimp passwords has been found online.

MailChimp wasn’t hacked. Instead, the password-stealing Vawtrak malware might be to blame.

Criminals have updated the AbbadonPOS malware with the ability to search for known point-of-sale (PoS) processes, in its hunt for consumers’ credit card data.

Beware spammed-out poisoned Word documents, warns David Bisson.

Twenty years on, you might have imagined that macro malware would have been assigned to the dustbin of history. But sadly, it’s seeing something of a resurgence.