Driven by increasing use of cloud and mobile services, and cyber criminal activity from hacktivists, terrorist groups, nation-state actors and those out for financial gain, the global cyber security market is expected to grow by 11.3 percent each year.
There is no doubt that data security and privacy concerns have almost completely migrated to the mobile channel.
In 2011 and the new age of cyberwarfare, what differentiates a military corporation from a security corporation? Are you now working in a cyberwarfare capacity? If so, what restrictions on global trade should CIOs be concerned with?
Ten years of evolving threats: A look back at the impact of notable malicious wares of the past decade (November 15, 2010)
As security firm Fortinet celebrates 10 years in business, Fortiguard Labs took a look at the 10 most intriguing threats during the past decade and showed how their feature sets have evolved, Darwin-like, over time.
Researchers at CA say they have detected a new variant of the Storm Worm, the infamous botnet best known for its spam-producing abilities, but which was effectively killed off more than a year ago.
Losses related to cybercrime more than doubled from 2008 to last year, according to a report from the Internet Crime Complaint Center (IC3).
The organized and well-resourced cybercriminals who compromised systems at Google, Adobe and more than 30 other large companies used a previously unknown, zero-day Internet Explorer exploit as part of their arsenal to install data-stealing malware on target machines, researchers at McAfee revealed Thursday.
With a few thousand dollars and widely available open-source tools, the encryption algorithm used to protect most cell phone communications can be cracked, allowing an attacker to listen in on phone calls, researchers revealed Sunday at a security conference.
A newly discovered SSL flaw could allow an attacker to launch a man-in-the-middle attack and intercept an SSL-protected session, according to researchers.
A snooping application, called PhoneSnoop, allows an attacker to remotely activate a BlackBerry microphone and listen in on surrounding conversations.
A new report suggests that, instead of threatening retaliatory attacks to deter cyberwar, the U.S. military should employ more diplomatic strategies.
A newly revealed banking trojan is considered one of the biggest threats on the internet because of the way it can quickly spread.
A flaw in all versions of BIND 9 reportedly being widely exploited has the potential to cause widespread damage if it goes unpatched, security experts said.
Not enough emphasis is placed on the integrity of software, according to a software assurance group, which hopes to change that mentality with a new framework.
Hackers are leveraging the popularity of a summer blockbuster to dish out malware, according to anti-virus provider ThreatFire. Links related to the new "Harry Potter" movie are popping up across the web, especially on sites such as Digg.com and Blogspot.com, the company said Thursday in a blog post. If users follow the link, they are brought to a site that claims to offer a video of the movie but actually tries to get them to install a host of malware, including the Koobface worm and rogue anti-virus programs. — DK
Researchers are set to discuss a wide range of topics at the annual Black Hat conference.
A new threat dubbed "Nine-Ball" has compromised up to 40,000 legitimate websites that are now infecting users with an information-stealing trojan, according to security vendor Websense.
Cybercriminals are using Twitter to propagate malicious links in an attack that's easier to mount than black-hat search-engine optimization (SEO), according to PandaLabs.
The URL hosting the Gumblar attack, which has compromised thousands of legitimate websites with code that silently redirects users to a single Chinese domain, heads Google's list of the Top 10 malware sites.
A new attack targeting Outlook users has morphed from trying to retrieve login credentials to attempting to infect users with fake anti-virus products.
Users of popular blogging platform Twitter fell victim this past week to a scareware scam.
A group of computer hackers based in Turkey breached the sites of two U.S. Army facilities, leveraging SQL injection attacks.
A mass injection attack similar but unrelated to Gumblar has infected more than 40,000 websites, according to new research from Websense.
Microsoft on Thursday issued a security advisory for a new vulnerability in DirectX, used on Windows to enable graphics and sound, that could enable a remote hacker to execute arbitrary code if users open specially crafted QuickTime files. Microsoft said that it was aware of active attacks using exploit code for the vulnerability. Windows 2000 (SP4), Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not. — CAM
A review of federal cybersecurity policies, scheduled for release Friday, will serve as a call to action for the public and private sectors.
White House spokesman Robert Gibbs announced Tuesday that President Obama will release the highly anticipated 60-day review of federal government cybersecurity initiatives on Friday. The report was developed by Melissa Hathaway, who started investigating federal cybersecurity infrastructure and policies during February, and delivered the finished document in April. Gibbs called the report an important first step toward securing the nation's cyberinfrastructure. — CAM
The U.S. military is developing and testing several new offensive and defensive cyberdevices, including a system that would enable non-expert military personnel to launch a cyberattack, a defense and aerospace industry publication reported last week.
A number of security organizations are offering tips to deal with the Gumblar drive-by exploit, which is growing ever more pervasive.
Two reports released this week confirmed the tidal shift in the type of websites into which cybercriminals are injecting malware.
A new study from Panda Security found that 67 percent of teenagers surveyed admitted to having tried to hack into friends' instant messaging or social network accounts.