The weakness allows for an intruder to quietly have access to any files stored on the server.
Adrian-Tiberiu Oprea, a Romanian man, admitted that he helped steal payment card data from hundreds of U.S.-based point-of-sale (POS) systems at the sandwich chain.
Mapco disclosed this week that hackers compromised its payment card processing systems to steal credit and debit card information belonging to an unknown number of customers.
Intel-owned McAfee has acquired next-generation firewall maker Stonesoft for $389 million, the companies announced Monday.
The microblogging service told news organizations that they will continue to be "high value targets to hackers."
The FBI sought to obtain a special warrant to install surveillance software on the suspect's computer.
The not-guilty plea came a day after Reuters fired the Keys from his role as deputy social media editor.
Microsoft is now issuing a replacement patch for a fix that was shelved two weeks ago after customers reported problems resulting after they installed it.
According to an interview he subsequently conducted with Politico, Keys said Reuters never mentioned the indictment as a reason for his firing.
Mark Reinhold, the chief architect of the Java platform group, announced the delay late last week.
Spam campaigns are sending out spurious emails purported to be from Facebook, LinkedIn, American Airlines and financial institutions, McAfee researchers found.
An accused member of the hacktivist group LulzSec on Thursday has been sentenced by a federal judge in Los Angeles for his role in hacking into the systems of Sony Pictures Entertainment, according to reports.
Utilizing a card skimmer, the defendants stole the banking information of 175 patrons of various Chicago restaurants, and made over $200,000 in illegal purchases.
China and the United States plan to erect a cyber security working group in light of continued worries over the former's alleged cyber espionage activities, according to reports.
German research institute AV-TEST conducted the study over a period of 18 months.
The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.
The unsuccessful attacks were the result of email addresses being publicly posted on an electric company's website.
Attackers use phishing emails, which include links to a fake Adobe Flash update, to lure victims into installing the Stels trojan.
The release patches 13 vulnerabilities, five of which are deemed "critical."
Electronic road signs in St. Charles, Ill. were hacked on Thursday, displaying messages that had nothing to do with a pipeline project taking place nearby.
A new do-it-yourself botnet generating tool has leaked in the wild, but miscreants believe it's not worth its $10,000 price tag.
Phishing attacks were among the top 12 schemes hatched by tax season scammers.
Wells Fargo's online banking website was allegedly struck by a cyber attack on Tuesday, temporarily limiting service for its customers.
A Romanian citizen was sentenced in a New Haven, Conn. U.S. District Court.
Attached as a malicious APK file in a spear phishing email, once installed, the program siphons data that includes contacts, call logs, SMS messages, and more.
Matthew Weaver used a keylogger to steal student passwords and cast 480 votes for himself as student council president.
Even IT security professionals are clearly ignoring basic security rules, a new survey found.
Matthew Keys denies he gave "anyone" login information that could enable them to make changes to a Los Angeles Times article.
A survey of 5,000 senior IT managers conducted by market research firm B2B International has found that 35 percent of organizations worldwide don't use encryption to protect data.
The deputy undersecretary for cyber security at DHS, Michael Weatherford, has resigned to take a position as principal at global security advisory firm, The Chertoff Group.
Matthew Keys, 26, was indicted in California on charges that he helped Anonymous members deface the website of the Los Angeles Times.
A Manhattan man will serve anywhere from four-and-a-half to 13-and-a-half years in prison for organizing a card-skimming ring that led to the fraudulent purchase of luxury goods.
A fake Twitter account posing as newly elected Pope Jorge Bergoglio deceived more than 100,000 followers, posting strange messages.
A representative of JPMorgan Chase has confirmed the website of the banking giant suffered a distributed denial-of-service attack Tuesday.
As the FBI continues to investigate the dumped data of high-ranking government officials and celebrities, Equifax confirms that some of the information published was accessed from AnnualCreditReport.com.
Expected to close in April, the deal will make Tripwire one of the largest security and vulnerability management vendors in the industry.
Researchers also found that the median number of vulnerabilities per application was 13 flaws.
The Federal Trade Commission and the Better Business Bureau are alerting businesses about the new threat.
Known for distributing postal-themed spam, the Asprox botnet has remained effective, though less noticeable due to evasion techniques.
Adobe this week released an update to its Flash Player to close three vulnerabilities, two of which are under active attack.
The site was hacked Thursday afternoon and contained links to the RedKit exploit kit
Twitter's director of information security is helping other users not suffer the same fate as Burger King and Jeep.
Adobe on Wednesday made available a security update to its Reader and Acrobat software to close two vulnerabilities that are under active attack.
The electronics giant is scheduled go before a California judge in September to request the suit dismissal.
Attorneys representing accused Anonymous member and political activist Jeremy Hammond has requested that the judge presiding over his case recuse herself due to a conflict of interest, according to reports.
After news broke that Pope Benedict XVI would step down as head of the Catholic Church, fraudsters took to Twitter to take advantage of the developing story.
The U.S. Department of Energy (DOE) looks to step up its security efforts by spending $20 million on more advanced cyber security tools.
The FBI is looking into hacks involving email accounts with which President George H. W. Bush corresponded.
Sen. Stuart Reid (R-Utah) began drafting the bill last year, following a massive breach in the state of nearly 800,000 Medicaid records.
Less than a day after The New York Times revealed that its reporters were targeted by Chinese hackers, The Wall Street Journal disclosed on Thursday that its systems were also breached by attackers from China wanting to observe the newspaper's coverage of the country.
The U.S. hosts 631 active command-and-control hubs for botnets, according to McAfee.
Barrett Brown, who sometimes publicly spoke for the Anonymous collective, pleaded innocent on Wednesday in Dallas federal court to new charges that he concealed evidence, apparently related to a raid on his apartment earlier this year, according to a report.
Cloud hosting provider FireHost noted a 160 percent spike in XSS attacks from Q3 to Q4 2012.
After exposing the personal data of millions of customers, Sony Computer Entertainment Europe has earned a £250,000 penalty.
The updated trojan contains a new plug-in that can carry out a slew of malicious functions in the VoIP service.
Oracle on Tuesday shipped its quarterly security update to close 86 vulnerabilities across its product line.
The payment processor suffered a breach in 2011, where 1.5 million credit and debit card numbers were compromised.
A majority of the bugs patched in the latest version of Mozilla's web browser were deemed "critical."
A bug report leads to an update in a Facebook app.
The tool can be customized for each of the four major mobile operating systems
The acquisition is expected to close Dec. 31 for an undisclosed amount.
The anti-virus pioneer returned to the U.S. on Wednesday following deportation from Guatemala.
A federal investigation launched seven years ago into a phishing campaign targeting customers of the People's United Bank in Connecticut has netted a 10th conviction, prosecutors said Tuesday.
Anti-virus company founder John McAfee reportedly suffered two mild heart attacks Thursday, while being detained in Guatemala.
A hacker, selling an exploit on a cyber crime forum for $700 a pop, found a vulnerability in Yahoo.com that could allow attackers to intercept or send emails from victims' email accounts.
Mozilla has packaged fixes for nearly 30 security vulnerabilities into the latest version of its web browser, Firefox 17.
The PCI Security Standards Council, the body that manages payment security industries guidelines, on Friday released a methodology for meeting a risk management requirement included in the standard.
Connectusers.com, an Adobe customer forum for its Connect online-conferencing service, was pulled offline by Adobe after the forum's database was breached.
Google announced Tuesday that the Adobe Flash Player, which comes built in to its Chrome browser, is also now "sandboxed" for all major platforms, including Windows, Mac, Linux and Chrome OS.
An unnamed man from Staffordshire, England, was arrested and questioned about his involvement in plans to DDoS websites for the Home Office and Home Secretary Theresa May.
The scheduled patch addresses seven "critical" flaws that could allow attackers to take over affected systems.
Controversial bug-seller Vupen has discovered a zero-day that bypasses multiple exploit safeguards in Windows 8.
Phishing emails targeting victims of Sandy begin to make the rounds online.
Even though the ransomware perpetrators claim to be hacktivist group Anonymous, researchers believe scammers are likely copycats.
EMC has acquired Menlo Park, Calif.-based online fraud detection provider Silver Tail Systems. Silver Tail, which offers "real-time web session and behavioral analysis" for banking, e-commerce and government customers, will operate as part of RSA, EMC's security division.
Scammers use a click-the-pic ruse to redirect users to the Blackhole exploit kit
The U.S. Department of Homeland Security awarded 34 contracts to secure domestic critical infrastructure.
Facebook announced this week that it is donating $250,000 to the Center for Information Assurance and Joint Forensics Research at the University of Alabama at Birmingham (UAB).
The FCC lifted a ban on basic cable signal encryption in a move to prevent illegal access to cable.
Flaws in several Oracle products will be addressed by the quarterly update.
Rapid7, a Boston-based vulnerability management and penetration testing company, has acquired Seattle start-up Mobilisafe, which makes cloud-based mobile risk management technology.
Microsoft on Tuesday announced the release of a survey that organizations can use to gauge their capability to migrate to the cloud.
Microsoft on Thursday announced that it has acquired PhoneFactor, provider of multifactor authentication technology delivered via a mobile device.
Barnaby Jack, well known for showcasing ATM vulnerabilities, is on his way back to IOActive after a year-long stint with McAfee.
The vulnerability, notably demonstrated at the Ekoparty security conference in Buenos Aires last month, could allow an attacker to remotely reset phones running Android operating systems.
Qualys, a cloud security provider headquartered in Redwood City, Calif., began trading Friday on the NASDAQ, debuting at $12 a share.
The agency that regulates the transmission of electricity, oil and natural gas in the United States has created a new office to concentrate on cyber security.
The most critical flaw could lead to the installation of the backdoor trojan Poison Ivy on victims' machines.
Attackers could link password hash with specific session key to crack users' passwords.
Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates have agreed to pay $1.5 million to settle potential HIPAA violations.
A 14-member gang alleged to have used stolen identities in a tax refund scheme have been charged in five criminal complaints with conspiracy to defraud the United States and other counts of theft of government property.
The Northrup Grumman Foundation has contributed $1 million to the Air Force Association toward the growing CyberPatriot competition.
Charged in 2011 with conspiracy to commit computer fraud, wire fraud and access device fraud, two hackers have pleaded guilty to hijacking the processing systems of more than 150 Subway restaurants.
Targets of the malware include government portals and Turkish financial institutions.
Charlie Miller, well-known for his work in penetration testing, will be joining Twitter's security team.
Apple has released Java updates to patch vulnerabilities in Mac OS X Lion, Mountain Lion and Snow Leopard.
Security firm McAfee said it's amassed 1.5 million more malware samples in the second quarter of this year compared to the first quarter.
The latest version of Mozilla's Firefox browser features security fixes for more than 30 vulnerabilities.
A new data-stealing trojan has turned up on the systems of one of Radware's customers, according to researchers at the network security firm.
In a week, Adobe pushed two security updates for vulnerabilities in its Flash Player, affecting Windows, Macintosh, Linux and Android operating systems.
