The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.
Mozilla will offer bug bounty hunters $10,000 if they dig up critical vulnerabilities in a new certificate verification library, which is on pace to be included in Firefox 31.
The UK revenue agency is considering selling anonymized taxpayer data to third parties.
Nine men were sentenced this week, with the group's leader getting five-and-a-half years.
Officials haven't confirmed a DDoS scheme, but noted the attackers hit the hospital's website with large attacks designed to overwhelm it with traffic.
The FBI believes that the lax security systems that the health care industry has in place make it a prime target for cyber attacks.
The bank also oversaw last year's "Waking Shark II" simulated cyber attacks throughout London.
The men allegedly infiltrated 30 government websites in addition to private sector sites.
Released Tuesday, the update prevents exploit via "triple handshake" attacks, which could allow a bypass of encryption safeguards.
The new media policy states that U.S. intelligence employees who have "unauthorized" contact with the media could lose their jobs.
AOL confirmed on Monday that it was aware of the issue and working to remediate the situation.
A Philadelphia man entered an open guilty plea to a scam that lowered the monthly bills of 5,790 Comcast customers who each paid between $75-$100.
In an open letter to the NIST, a group comprised of a dozen privacy groups urged the agency be more transparent.
Parents and educators questioned data privacy and security at the startup, which was financed in part by the Bill and Melinda Gates Foundation.
Pretty Good Privacy, or PGP, is an encryption method that was created in the early '90s.
Security firm Mandiant detailed the heartbleed exploit, which was used on one of its clients.
A Dutch minister of justice will decide where Vladimir Drinkman will land to face charges related to his involvement in the cyber crime collective responsible for the Heartland Payment breach.
Facebook debunked a reported claim by Mauritania Attacker, the alleged leader of hacktivist collective AnonGhost, that the social media website is vulnerable to DNS attacks.
After reviewing government websites for Heartbleed exploits, HealthCare.gov changed users' passwords.
The threat, dubbed "Unflod Baby Panda," was discovered by Reddit users and analyzed by researchers at the German-based security firm, SektionEins.
The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.
After suffering a massive bitcoin theft, the exchange faces liquidation of its assets in Japan.
A University of Pittsburgh Medical Center spokeswoman announced that at least 788 employees were victims of tax fraud as a result of a February attack.
Bugcrowd, an Australian security start-up, will organize the funding drive in hopes to further secure the open source software.
A new website created to aid consumers in quickly reporting cyber crime is now available.
Unknown attackers used the finance director's email account to request wire transfers from the school district's accounting department.
Grams Darknet Market Search is patterned after Google and can only be accessed through the Tor browser.
The message snafu affected only customers with a Virgin.net account.
The possibly foreign malware affected all computer systems and left little for investigators to work from because it was designed to self-destruct.
Emails purporting to come from Starbucks actually come attached with a modified version of the Zeus banking trojan, but numerous spelling and grammar mistakes should give the scam away.
Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.
The company is currently dealing with a lawsuit that challenges its email scanning practices.
An upcoming college competition will test students' abilities to defend a simulated small company's servers against possible security threats and attacks while keeping the servers running.
London-based CNS Hut3 warns that flaws in many Heartbleed detection tools could give companies a "false sense of security."
Two members of different Android app piracy groups pleaded guilty this week to conspiracy to commit criminal copyright infringement.
About 18 percent of online adults have had personal information stolen, and more than 20 percent had an email or social networking account compromised.
LaCie confirmed an unauthorized party used malware to access its online payment system for almost a year and could have stolen customer information.
The Next Generation Identification database currently has more than 16 million face images, and is expected to house more than 52 million images by next year.
Lawyers for Mark Karpeles told a federal judge the Mt. Gox founder must first secure legal counsel to represent him in a Treasury Department subpoena.
An attacker stole information on 500,000 individuals that submitted inquiries on the Harley Medical Group website, and then attempted to extort the UK-based cosmetic surgery group for money.
The head of Google's Webspam team would like to see the company reward developers for encryption in an attempt to better protect Web users.
Fidel Salinas allegedly attempted to access the Hidalgo County server multiple times between November 2011 and January 2012.
The law, Wis. Stat. Section 995.55, was enacted last week.
A quick fix was issued to Flickr SQL injection flaws that could open the door for remote code execution after a researcher identified the issues and reported it to Yahoo.
The social insurance numbers of 900 taxpayers were accessed in the breach, according to the agency.
After a Kentucky bill passed on Thursday, only three states remain that do not have any data breach notification laws.
An online poker news site tested dozens of sites and found numerous vulnerabilities.
A Twitter account attempting to mask itself as part of an EA Sports official support team sent video game players a malicious link that could have handed over hundreds of logins.
Surveillance video released in Lakewood, Colo., shows a suspect known as Steve Locke carrying purchases made with stolen cards.
A federal appeals court determined that New Jersey was the wrong venue to convict and sentence AT&T hacker Andrew "weev" Auernheimer.
Plaintiffs claim that stolen personal information was sold and used for fraud and identity theft.
The personal information was used to create fake cards and create charges worth at least $115,000.
The device was found attached to a MetroCard machine at the Columbus Circle 1 train station.
In the wake of uneven disclosure of the Heartbleed bug among companies affected, a joint agency statement outlined a framework for information sharing.
A vulnerability in Google Chrome can allow an attacker to stealthily listen in on someone, even if microphone access is blocked.
The Heartbleed Bug is a critical OpenSSL flaw said to leave online information, including payment card data, vulnerable to being exposed.
On Tuesday, the company unveiled the coming changes.
A Georgia man has plead guilty to racketeering charges related to a credit card trafficking ruse that resulted in more than $50 million being lost globally.
Jamie Dimon wrote that the bank will have spent more than $250 million annually by the end of the year on cyber security and faces increasingly complex and more dangerous" attacks.
Introduced Tuesday, the Digital Privacy Act includes stiff penalties for organizations that fail to adequately respond to breaches.
The July event allows students to work alongside professionals to learn about car IT security and then participate in challenges to apply their knowledge practically.
Efforts are now reportedly underway in Iowa and North Carolina as part of a multistate probe.
A Tuesday update addresses critical Adobe Flash Player vulnerabilities that could allow an attacker to take control of Windows, Macintosh and Linux systems.
Blackberry issued an advisory yesterday warning Blackberry 10 customers that a remote code execution vulnerability could threaten their phones' security.
Educational institutions may be the target of Anonymous in its latest 'OpSafeEdu' campaign, according to an alert issued by the Center for Internet Security.
The Federal Trade filed a complaint against the operators of "Jerk.com" for breaking the FTC Act by misleading consumers.
Under the reforms, state and local law enforcement must obtain search warrants to access electronic devices' location information and electronic communications content.
Experts have uncovered a phishing ruse that leverages a fake voting campaign to trick users into giving up their Facebook login credentials.
A Flickr flaw that Yahoo initially would not recognize as a bug has now been fixed, and the internet corporation is compensating the bug bounty hunter that brought it to attention two months ago.
The vulnerability allows fake apps to hijack real app updates then uses them to steal stored information.
After a favorable lower court ruling, a political activist tried to bypass the federal appeals process by directly petitioning the Supreme Court.
An additional 170,200 Los Angeles County Department of Health Services clients were identified as having been impacted in the February theft of computers from Sutherland Healthcare Solutions.
A public face of the hacktivist collective Anonymous reaches plea deal with federal prosecutors but still faces a charge for threatening a federal agent.
Google paid more than $1 million to Italy after a regulator found the company's Street View cars violated citizens' privacy by taking photos without their knowledge and permission.
A default "admin" password left in place by Optus for remote administration can allow hackers to access subscribers' home phones and networks.
The social media giant received close to 15,000 submissions, 687 of which were valid.
A five-year-old figured out a bug in Xbox One that allowed him to log into his dad's account and have fun with games he was told not to play.
The Federal Financial Institutions Examination Council (FFIEC) notified the industry on Wednesday.
On Wednesday, Yahoo's CISO Alex Stamos announced the security measures.
Added security and no longer having to memorize increasingly difficult passwords are some of the benefits resident members of Singapore's NTUC will get by activating their new OneKey two-factor authentication devices.
Target customers aren't as happy as they were at this time last year after the company's massive data breach, according to new research.
A former Microsoft employee has pleaded guilty to charges related to sharing software code for looming company products.
A bug demonstrated by a YouTube user on Wednesday may enable a thief to delete an iCloud account, disable Find My iPhone, and ultimately restore the device, without the need of a password.
Ellie Mae had its services shut down yesterday after a suspected distributed denial-of-service (DDoS) attack.
The FTC Chairwoman cites 50 cases the commission has settled, including recent agreements with Fandango and Credit Karma.
A U.S. Bankruptcy judge ordered Mt. Gox CEO Mark Karpeles to appear for a deposition on April 17 at the offices of the Bitcoin exchange's law firm.
Experts have discovered a piece of malware that has infected 24,000 computers worldwide, and has been used by up to 487 criminal groups.
Apple's Tuesday update to Safari 7.0.3 and 6.1.3 fixes 27 vulnerabilities, most of which can enable arbitrary code execution.
A database of more than 158,000 Boxee.tv accounts was posted anonymously on the Tor Network, according to a security company.
HiringSolved, a start-up recruiting company, was named in an amended complaint, as well as its founder. The social networking service claims they violated its terms of agreement, as well as copyright and hacking laws.
Ross Ulbricht's attorney argued that Bitcoin isn't money in its legal definition.
Five phony Google apps appeared in the app store, each with a $1.99 price tag, before being removed by the company.
The hacktivist collective Anonymous organized a DDoS attack that made good on its promise to shut down the Albuquerque Police Department's website.
In addition to tapping German Chancellor Merkel's cell phone, the NSA included her and more than 100 foreign leaders in a surveillance database.
In the month since its discovery, CryptoDefense has been profitable for its authors who have targeted Windows users, Symantec says.
After researchers showed how they could take control of and take data off recent Philips Smart TVs, the Wi-Fi Alliance has contacted the technology company over its passphrase implementation relating to Miracast.
Canada's government was plagued by more data breaches in a recent 10-month period than in the 10 years prior with nearly 80 percent occurring at the CRA.
Poor sales and a drop in income in the wake of a high-profile breach prompt Standards & Poor to downgrade Target's credit rating one level.
Hacked Pinterest accounts began posting weight loss spam, and pictures of butts too.