The United States and China announced Friday that the two nations have agreed to initial norms of cyber activities.
Kaspersky Lab claims to have pinpointed how the Turla cyber-espionage group has been able to hide its command and control servers for the past eight years.
The Darkhotel APT group swapped out its previous Flash zero-days this past month for an exposed Hacking Team zero-day.
A secret NSA map was obtained by a news outlet shows the locations of "Victims of Chinese Cyber Espionage" targets based in the U.S.
Vague language in a new Chinese security law has multinational tech firms concerned that China may use it to force them to build backdoors or provide encryption keys and source code.
Lawmakers proposed "Protecting Individuals from Mass Aerial Surveillance Act" on Wednesday to require federal authorities to obtain warrants to conduct aerial surveillance.
A Canadian woman was arrested for allegedly infecting computers using a RAT, and harassing and spying on victims.
The screen sharing platform Puush was hit by a cyber attack this weekend that injected malware into the server.
A (NYPD) officer was arrested Wednesday morning for allegedly hacking into a restricted NYPD computer and other sensitive law enforcement databases.
One of Canada's intelligence agencies has been secretly monitoring file downloads across the world for years.
A group of cybercriminals believed to be Russian are exploiting a zero-day vulnerability to deliver malware and gather information from various organizations around the world.
Nation-states can now skip over costly and time-consuming R&D by stealing corporate and government data and turning that information into a competitive advantage.
The oil giant confirms that Stuxnet infected its network back in 2010, when the malware was first discovered - making Chevron the first U.S. company to admit it was struck by the virus.
Kurt Grutzmacher was planning to disclose and demo vulnerabilities in the networking products from Huawei and H3C, a subsidiary of HP.
Already famous for their sophistication, Flame and Gauss malware have yielded a new develompent. Dubbed MiniFlame, the component is deployed after Flame and Gauss already are installed on targeted machines.
Dell SecureWorks researchers believe recent attacks targeting oil and energy companies in various countries are connected to cyber criminals behind RSA's breach and the GhostNet esionage campaign.
Flame's cryptofunctionality silenced all the haters, says F-Secure's Mikko Hyppönen.
The Cybersecurity Act of 2012 was defeated in the Senate, FinFisher spyware analyzed, nation-state-created espionage malware Gauss, and other breaking security news
The latest evidence of cyber espionage weaponry could be a harbinger of nation-state assaults to come.
Flame, Stuxnet, breach at LinkedIn and other security news
Flame, aka Skywiper, is a sophisticated tool used to locate and steal data accessible from the infected computer. The malware uses multiple exploits to propagate and is highly configurable.
While the characteristics of the spy virus are important to note, the question is why it went undetected for so long.
Does the fact that the Flame malware stayed below the radar for so long prove that signature detection is dead?
While the investigation is just beginning into the massive espionage toolkit known as Flame, which has targeted computers, mainly in Iran, it is important to consider the consequences of this malware.
Private and public sectors must take seriously the need to share threat data to prevent cyber attacks, but a heavy-handed approach like CISPA places us at far greater risk as a country.
Much of the breach conversation over the past year has been devoted to so-called hacktivists. But nation-state adversaries, bent on looting organizations of intellectual property, are another breed entirely.
At a recent SC Magazine Roundtable, gov't security pros bemoaned the difficulty in obtaining resources. But instead of crying over spilled milk, they traded ideas for mitigating risk in a down economy.
Instead of spending billions of dollars to supply massive armies, today's adversaries hire code-writers to create attacks that run autonomously for years with little or no human intervention.
Sign up to our newsletters
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- False Facebook 'dislike button' ensnares users
- Stored XSS vulnerability identified in Jetpack plugin for WordPress
- Experian, T-Mobile breach exposes 15 million customers, but what will happen to the data?
- Only a matter of time before cyber-attack hits broader finance
- Don't spend more, spend better: Interview with FireEye's Richard Turner
- Landmark European data protection judgement