Americans worry about online crime, but leave themselves open to attack

A new Norton by Symantec study found 80 percent of Americans are worried they will be victimized by an online crime, but at the same time consumers are over confident in the belief that their online habits are safe.

BrtMedia video malvertising highlights industry shortcomings

Researchers at Malwarebytes spotted a video malvertising campaign that highlights the ad industry's lack of security.

Cryptowall 4.0 spotted in nuclear exploit kit

Researchers at SANS Internet Storm Center spotted a nuclear exploit kit delivering the Cryptowall ransomware in nuclear exploit kits.

Senate Judiciary Committee to meet on corporate cyber-espionage

The Senate Judiciary Committee will meet next Wednesday to discuss international cybertheft of corporate intellectual property.

New Linux server ransomware demands $999 bitcoin

Already a scourge on personal computers, as well as personal websites, ransomware is now going after Linux web servers.

Dell PCs vulnerable to ID-scraping code

Dell computers can be tinkered with to expose the number employees use to identify customers

Dell ships laptops pre-vulnerable to Man-in-the-Middle attacks

Dell reported that it has been shipping Inspiron 14 laptops since August that inadvertently contained the security certificate, eDellRoot, that essentially gives hackers complete access to the system.

GitHub of dark web offers anonymity, political neutrality

Dark web version of GitHub offers a place for developers to code controversial projects anonymously.

Sean Tierney to lead threat intelligence at IID

Sean Tierney, a former Morgan Stanley cyberdefense expert, is the new vice president of threat intelligence for IID.

FDIC offers additional cybersecurity resources

New online educational tools to assist bank executives in defending against cybercrime have been added to the website of the FDIC.

CryptoCoinsNews offers bounty for perpetrator of DDoS attack

CryptoCoinsNews and Hacked are offering a reward for information on a cyberattack launched against them.

LastPass flaws revealed, other password managers also vulnerable

Password managers are intended to make life easier and safer for consumers, but researchers from Salesforce have discovered a way to crack LastPass and this could mean other similar services are also vulnerable.

Information disclosure bug patched with VMware update

VMware issued an advisory to patch an information disclosure issue.

IT staffer in Georgia axed over leak of PII of 6M voters

A technology staffer in the Georgia office of the Secretary of State was fired following the dissemination a month ago of discs containing the personal information of six million Georgia voters.

China looks to build uncrackable smartphones

China is looking to construct its own secure smartphones capable of evading U.S. surveillance programs.

ISIS issues manual for using the web anonymously

From an IT standpoint it is clear the Islamic terror group ISIS takes its internet security protocols seriously.

N.C. man sentenced for running site that pirated $6M worth of music

N.C. man sentenced for operating second largest music piracy site in the country.

Anonymous shutters 5.5K pro-ISIS Twitter accounts

Anonymous claimed it took down 5,500 pro-ISIS Twitter accounts on its #OpParis Twitter account.

ISIS 'help desk' to support terror activities

The jihadist extremist militant group ISIS reportedly is taking the technological angle of its efforts seriously enough to create a "help desk" to teach recruits tricks that will allow them to communicate and pull off attacks.

Apple's Siri can leak personal data

Further security and privacy risks to users of Siri, Apple's personal assistant, have been revealed that could allow anyone to gain entry to personal data on someone else's iOS device.

G-20 nations agree: No cybertheft of intellectual property

G-20 nations struck a deal at a two-day summit in Antalya, Turkey.

Adobe update addresses secuirty issues discovered in ColdFusion and LiveCycle DS, and Premiere Clip

Adobe released security updates that address three security issues affecting its ColdFusion, LiveCycle DS, and Premiere Clip 9 products.

Plymouth boy charged over international cyber-attacks

A 15-year-old boy from the UK has been charged in connection with cyber-attacks on websites around the world and in connection with bomb hoaxes targeting North American airlines.

SC Congress Chicago: Using the proper procurement process

When it comes to procuring the correct software for an organization Ricardo LaFosse, CISO for Cook County, Ill. made several to the attendees at SC Congress Chicago today.

Trust, privacy and security issues to grow with IoT, new report

The Georgia Institute of Technology found that devices and sensors are increasingly finding their way into industry and consumers' lives.

Anonymous declares war on ISIS after Paris attacks

Hacker group Anonymous has declared war against ISIS in retaliation for the attacks in Paris on Friday night, in a YouTube video.

Magnitude EK usage gains momentum with latest Flash vulnerability

What had been the relatively quiet Magnitude exploit kit (EK) has been picking up some steam of late having been spotted on several online ad networks, according to a researcher at Malwarebytes.

U.K. man headed to prison for DDoS attacks

A 51-year-old British man is headed to prison after being found guilty of DDoS attacks that knocked more than 300 websites offline in 2013.

Gmail plans to notify users when inbound emails are unencrypted

Google announced that it will soon start to notify users when incoming Gmails are unencrypted

FBI seeking one of the JPMorgan hackers

The FBI and U.S. Secret Service are looking for Joshua Samuel Aaron, one of the four people indicted by U.S. authorities this week for the JPMorgan Chase hack.

Microsoft plans to open two new data centers in Germany

Microsoft reported this week it will deliver several of its Cloud services from two new datacenters in Germany.

Cherry Picker POS malware spotted in wild: Trustwave

Researchers have spotted the POS malware dubbed "Cherry Picker" targeting the food and beverage industry.

Juniper Networks names Kevin Walker security CTO

Juniper Networks today appointed Kevin Walker as security chief technology officer.

Malvertising on Barclays Premier League fantasy site exploits Flash vulnerabilities

Malwarebytes spotted malvertising on the Barclays Premier League official fantasy site that redirected users to Nuclear Exploit Kits that exploited Flash vulnerabilities.

D.C. man pleads guilty to filing fraudulent income tax returns

A Washington D.C.-based man pleaded guilty on Tuesday to charges that he participated in an identity fraud scheme that netted more than $315,000 in fraudulent federal income tax returns.

U.S., Cuba officials meet over cybercrime

U.S. and Cuban officials met Monday to discuss cybercrime, according to the State Department.

Apple, Google pull malicious InstaAgent app from stores

Google and Apple have both removed the third-party Instagram app InstaAgent from their respective app stores that was busy stealing user passwords.

Critical flaw patched in Symantec console

A security update patches a critical flaw in the management console for Symantec Endpoint Protection Manager.

Obama taps acting OPM director Cobert to take over full time

Beth Cobert, acting director of the Office of Personnel Management's (OPM) was nominated Tuesday by President Obama to become the department's permanent leader.

DHS official to meet with China to discuss cybersecurity agreement

Homeland Security Deputy Secretary Alejandro Mayorka will meet with senior Chinese officials to discuss cybersecurity agreements.

New round of venture capital for Tenable Network Security

With $250 million being raised in a Series B funding round, Tenable Network Security has its welcome sign out looking to fill dozens of openings in a number of countries.

Ford vows to protect data, seeks car owner permission to share

Even as it adds more electronics to its vehicles, Ford will make personal data protection a priority, promising not to use customer data without the express consent of the car owner, a Ford executive said Wednesday, speaking at Web Summit in Dublin.

Seven House Democrats travel to China to talk cybersecurity

Seven House Democrats traveled to China this past week to discuss cybersecurity, among other issues.

Islamic State retaliates for drone killing, leaks credentials for 54K Twitter accounts

Cyber Caliphate hacked and leaked account credentials for more than 54,000 Twitter as well as personal details on U.S. officials.

Blue Coat tacks on Elastica for $280M

Blue Coat Systems will acquire Elastica, a cloud security startup founded in 2012. Blue Coat will pay $280 million for the San Jose, Calif., cloud security company which started up iin 2012.

Hackers go after construction plans for new Australian subs

Shipbuilders bidding to construct the next generation of submarines for the Royal Australian Navy are reporting multiple hacking attempts with the German firm ThyssenKrupp saying there are 30 to 40 intrusion attempts every day.'s cyber hygiene leaves models at risk puts models and users at risk with weak password security

Cyber-protection events for public supported by EC3

Europol's European Cybercrime Centre (EC3) is supporting a series of cyber-safety walk-in events commencing on 9 November.

High-Frequency trader convicted in first federal prosecution of "spoofing" charges

Michael Cosiscia was convicted for disrupting commodity futures prices in a $1.4 million fraud scheme marking the first federal prosecution of its kind.

European Commission issues Safe Harbor guidelines while new deal remains to be seen

The European Commission issued new Safe Harbor clear guidelines along with a time frame to finish negotiating a fresh deal on Friday.

Financial agency warns of increased ransomware attacks

Regulatory agencies in the U.S. are increasingly concerned by ransomware attacks against financial institutions. The Federal Financial Institutions Examination Council (FFIEC) published a statement warning financial institutions of an uptick in the "frequency and severity of cyber attacks involving extortion."

Cox to pay $595,000 over Lizard Squad hack

Cox Communications reached a $595,000 civil settlement with the Federal Communications Commission's Enforcement Bureau bringing to a close an investigation over whether Cox failed to properly protect customer data.

ProtonMail hit with ransom demand after DDoS attacks

Email service provider ProtonMail paid a ransom demand after experiencing two apparent DDoS attacks, but to no avail.

Scottish man indicted for using Twitter to manipulate stock prices

A Scottish citizen was indicted by a federal grand jury in San Francisco Thursday for allegedly using Twitter accounts to manipulate stock prices causing $1.6 million in losses to shareholders.

Anonymous releases names of supposed KKK members

Anonymous followed up on its threat to out people it believes are KKK members with the release of hundreds of names on Pastebin.

Many U.K. workers willing to sell their company's IP: Study

Demonstrating that financial gain can be a motivator for nefarious activity, 35 percent of employees were willing to sell their firm's intellectual property if the price was right.

U.S. officials targeted in spate of Iranian cyber attacks

Iran's Revolutionary Guard Corps (IRGC) launched a spate of cyberattacks targeting the email and social media accounts of Obama administration personnel in recent weeks.

'Crackas with Attitude' say they're at it again; claim hack of FBI deputy's email

The teen hackers who infiltrated the email account of CIA Director John Brennan said they are prying into the accounts of other government officials, most recently claiming to hack an email account of FBI Deputy Director Mark Giuliano.

Chaffetz proposes federal bill to ban warrantless stingray use

Rep. Jason Chaffetz (R-Utah) introduced a bill aiming to ban the use of stingrays and other surveillance equipment without a warrant.

JPMorgan Chase CSO reportedly reassigned following data breach

JPMorgan Chase & Co.'s CSO Jim Cummings reportedly was reassigned to a new position within the bank following the company's major data breach this past year.

Health and Human Services CIO will be stepping down

HHS CIO Frank Baitman is stepping down from his post at the end of the month.

XcodeGhost hits U.S.firms, targets iOS 9

XcodeGhost has been spotted in U.S. enterprises along with a new variant that is designed to infect iOS 9 systems.

Goldman invests $35 million in iboss Cybersecurity

Iboss Cybersecurity raised $35 million from Goldman Sachs' Private Capital Investing group, in a Series A transaction that values the company in excess of $500 million.

OPM appoints new cyber advisor

The U.S. Office of Personnel Management (OPM) appointed Clifton Triplett as the agency's new cyber and information advisor.

NEWS ALERT: U.S. releases privacy framework for federal agencies

The U.S. government Tuesday put forth a privacy framework for federal agencies.

Google patches two critical vulnerabilities in Nexus devices

Google has patched two vulnerabilities in Nexus devices that could enable remote code execution and more.

Banks warn Apple Pay users against storing family members' fingerprints on iPhones

Banks are warning Apple Pay users against storing other people's fingerprints on their iPhones, with a threat that would void terms & conditions agreements.

Salt Lake schools hit with DDoS attack

The Salt Lake City School District was struck by a DDoS attack last Friday that brought down the district's website, phone system and online administrative tools.

Firefox 42 offers tracking protection feature to boost privacy

Mozilla included a Tracking Protection feature in the new Firefox Version 42.0 for Windows, Mac, Linux and Android that will give users more control over the information they share with third parties.

Kevin Spacey, WISeKey team up to raise cyberawareness

The internet security firm WISeKey has named "House of Cards" actor Kevin Spacey as an industry ambassador to help raise awareness for cybersecurity issues.

Kaspersky says CoinVault and Bitcryptor done

Kaspersky Lab has declared CoinVault and Bitcryptor dead following the both the arrest of its alleged authors and release of a final set of decryption keys.

F-Secure launches bug bounty program with max reward valued at nearly $17,000

F-Secure launched a bug bounty this past week, which could dole out max rewards amounting to approximately $16,527.

Latest Adobe Flash vulnerability now in Angler, Nuclear EKs

Malwarebytes is reporting that once again Adobe Flash Player has become a target as the recently patched zero-day exploit that was discovered and patched has become a part of several exploit kits (EK).

U.S. Air Force adds extra pay for cyberspace specialists

The U.S. Air Force has added cyber warfare operations as a job position eligible for special duty pay.

First National Bank of Omaha issuing new debit cards after large breach

An unannounced data breach at a large firm prompted First National Bank of Omaha to reissue debit cards to customers in seven states.

ACLU questions FBI aerial surveillance of Baltimore protests, calls for greater transparency

The American Civil Liberties Union called for greater transparency from the FBI after obtaining FOIA documents detailing surveillance flights conducted during the Baltimore protests.

European and American authorities reportedly closing in on Safe Habor 2.0 agreement

European and American diplomats are reportedly negotiating a "Safe Harbor 2.0" agreement to allow for data transfers to the United States while also addressing European privacy concerns, Reuters reported on Thursday.

German police coordinate with Europol to nab DroidJack users

German police, working with the European Union's criminal intelligence and judicial agencies Europol and Eurojust, conducted raids on the homes of DroidJack users throughout Germany.

Germany seeks agreement with China to thwart cyberespionage

In a pact similar to the one it formed with the U.S., China has agreed to work with Germany to put an end to cyberespionage.

European Parliament vote urges EU countries to protect Edward Snowden

The European Parliament voted on Thursday to call on EU member states to drop criminal charges against Edward Snowden and prevent his extradition.

Anonymous threatens to expose the identities of KKK members

The hacking group Anonymous is threatening to pull off the hoods of 1,000 Ku Klux Klan members as part of an on-going battle between two groups.

Scottish hair salon pays hackers after ransomware attack

Ellen Conlin Hair & Beauty, a Scottish chain of hair salons owned by the husband-wife team Ellen Conlin-Main and Ken Main, reportedly paid hackers € 1,000 in Bitcoin to recover the salon's data.

Researchers leak location and enable MitM attacks on LTE devices

Researchers demonstrate attacks against LTE devices to expose vulnerabilities and practical attack points.

Border gateway protocol pegged as major internet vulnerability

Border gateway protocol, BGP, is being pointed out as a source of lacking internet security in a recent Wall Street Journal article.

Anthem attack possibly over insurance industry knowledge

The suspected Chinese hack of health insurer Anthem may have had more to do with that nation's leaders being interested in learning how to provide healthcare for its population than stealing data.

Cisco to acquire Lancope for $452 million

Cisco will acquire Lancope, a network behavior analytics and cybersecurity firm, for $452 million in cash and equity.

Hackers target Asian mobile porn enthusiasts with malware

Chinese, Japanese and Taiwanese Android users are being hit with an abundance of porn-themed malware, according to a new Trend Micro report.

Iranian hackers show growing interest in Android RATs

Iranian hackers show increasing interest in DroidJack and AndroRAT over other other RATs commonly used to target Android devices.

Yahoo names Bob Lord as CISO

Yahoo hired Bob Lord as the company's new CISO, according to a blog post by Jay Rossiter, SVP, product and engineering, science and technology at Yahoo.

CISA WATCH: Four of five CISA amendments struck down during morning Senate session

The Senate met to discuss and vote on amendments to CISA on Tuesday and most of the morning's amendments were struck down.

IRS owned at least one Stingray, records show

The IRS has owned at least one Stingray, Freedom of Information Act (FIOA) documents show.

CISA Watch: Final bill preview draws EFF criticism

The Electronic Frontier Foundation took issue with an amendment released by the sponsors of the Cyber Information Sharing Act (CISA) that it says previews the final version of CISA, saying that two such releases in two days "should be a sign to Senators that more debate is needed" on the bill.

Diebold creates iris-scanning ATM, no card required

A new ATM will be able to grant customers permission to withdraw money through a scan of their irises or a QR code on their smartphones.

Adobe Shockwave Player update addresses critical vulnerability

Adobe on Tuesday released a security update for Shockwave Player that addresses a critical memory corruption vulnerability.

Tumblr, Etsy and others urge EU to further discuss net neutrality ramifications for new proposal

The European Union plans to discuss new rules this week that, in its eyes, will "protect" net neutrality; some tech companies have argued otherwise.

Wichita schools investigates possible cyber attack

The Wichita, Kansas public school system is investigating a possible hacking attempt on one of its networks that took place on Oct. 23.

Facebook quietly supporting CISA, privacy group says

A digital privacy group called Fight for the Future said Facebook has been quietly supporting CISA, while publicly opposing the cyber bill, quoting anonymous sources.

Duuzer trojan targets S. Korea industry

Researchers at Symantec discovered a backdoor trojan targeting the manufacturing industry in South Korea.

Former NSA chief's startup picks up $32.5M in funding

Trident Capital Cybersecurity took the lead in a $32.5 million round of Series A funding for IronNet Cybersecurity, a startup founded by former National Security Agency (NSA) Director Keith Alexander.

Phishing campaign targets Android users in Russia

A new phishing campaign targeting Android users in Russia threatens to steal the mobile banking credentials of mobile banking users, according to post on the Symantec blog.

Sign up to our newsletters