Tax and donation information was revealed on hundreds of Canadians, some of them prominent.
A year after the massive breach at the retailer, authorities are keeping mum, but security pros say signs point to Ukrainian man.
An executive's system was reportedly infected by malware after he charged an e-cigarette purchased on eBay through his system's USB port.
The National Association of Federal Credit Unions is asking Congress to establish national data breach and notification standards for retailers.
Rebecca Richards took to Tumblr to address concerns about the NSA's activities and Edward Snowden's leaks.
The Boston-based hospital agreed to the fine related to its 2012 data breach which left information on thousands of patients vulnerable to compromise.
The company disclosed the lawsuits as part of its quarterly earnings report.
The technology company launched a new dashboard to keep users aware of devices that are linked up to their accounts.
A researcher at Symantec traced DroidJack's origins back to legitimate Android app developers and previous RATs.
The potential issue began on Monday when an image of a skeleton appeared on employee computers along with a message stating, "Hacked By #GOP."
A phony Starbucks Instagram account is potentially being leveraged by miscreants to steal personal information.
In a message to members, Malwarebytes CEO Marcin Kleczynski said no personal data was stolen when a forum server was hacked.
The latest update of the software provides futher hardening against a vulnerability that was mitigated in the Oct. 14, 2014 release.
Police nabbed five suspects in a series of raids, all for being suspected of using Remote Access Trojans to compromise computers.
A judge made public documents related to 529 requests by police in Charlotte, N.C. as part of their cellphone surveillance efforts.
In a letter to NIST, privacy organizations and companies called for secure encryption standards.
The FBI and Homeland Security's US-CERT team have both warned that online scams, taking advantage of the holiday shopping frenzy, will be plentiful this season.
The 29-member Global Commission of Internet Governance Innovation features political leaders, global academics and business leaders that will explore pressing topics in the digital world.
Experts at Symantec have come across a sophisticated cyber espionage tool that exhibits a rare complexity of features similar to past cyberespionage malware.
The director of the NSA stated that China, as well as "one or two" other countries, is capable of launching cyberattacks to shut down electric grids and other critical infrastructure in parts of the U.S.
Jacob Mahonri Espinal hacked into his school's computer system to bring his grades up from academic probation status to straight As.
Two telemarketing operations conned thousands of customers by tricking them into buying into tech support services for computer problems that didn't exist.
Earlier this month, it was revealed that DOJ uses "dirtboxes" attached to aircrafts to spy on Americans' mobile devices.
The EFF, Amnesty International and other organizations are lending support to Detekt, an open source spyware detection tool.
Researchers at Kaspersky Lab said the first trojan banker, published by "Governo Federal," was predictable.
An advisory was issued on Wednesday regarding a denial-of-service vulnerability in Drupal 7 and a session hijacking flaw in Drupal 6 and 7.
Panelists at the closing keynote at SC Congress 2014 in Chicago urged attendees to work with the FBI to unravel breaches.
Researchers at McAfee have identified a new attack that exploit a Microsoft Word ActiveX control vulnerability.
The popular messaging app announced on Tuesday that it has already begun encrypting users' messages.
Google Chrome 39 was promoted to the stable channel for Windows, Mac and Linux on Tuesday and contains 42 security fixes.
With more than 400 technical, government and cyber experts involved, Cyber Coalition 2014 tested the speed of sharing threat intelligence.
Nicolae Popescu and Dumitru Daniel Bosogioiu are wanted for organizing an international crime scheme that led to millions of lost dollars.
PricewaterhouseCoopers surveyed more than 700 financial service companies and found that they plan to bulk up their cybersecurity efforts in the coming years.
Brian Krebs reported on Monday that malware found in Staples stores was observed to be communicating with command-and-control networks used by attackers in the Michaels payment card breach.
The tech company delayed the release of bulletin MS14-068 until Tuesday.
The tech company addressed vulnerabilities in its newly released iOS 10 and improved reliablity on OS X Yosemite.
Democrats on a House oversight committee have asked Secretary of State John Kerry when the breach was first discovered.
Veterans Affairs has failed an annual cybersecuirty audit for the 16th year in a row, a new report reveals.
Judges in Pierce County, Wash. approved a new requirement that would make law enforcement officials explicitly cite when they plan to use 'stingray' technology during an investigation.
More than half of UK organizations would consider hiring a hacker or person with a criminal record in order to keep ahead of cyber crooks, a KPMG survey found.
Gh0st RAT was identified in a spear phishing campaign to target Tibetan NGOs recently.
Police in Beijing arrested three suspects behind the malware that targeted users in China.
Israeli police arrested eight former Leumi employees in a scheme to extort millions of shekels.
Facebook unveiled its "Privacy Basics," guidelines that help users control and protect their information.
Security firm Symantec calls the cyberespionage campaign "Operation CloudyOmega."
Arturas Samoilovas allegedly illegally accessed the computer network of Eaton Corporation and installed malware after he was denied a position at the company.
The funding will support the development of two new supercomputers.
A federal judge has said Apple must face a lawsuit that claims it didn't reveal that text messages would be blocked when iPhone users switched to Androids.
Apple maintains that customers aren't at-risk targets for the Masque Attack if they operate within the App Store. Meanwhile, US-CERT issued a warning regarding the attack.
A report by Ari Kaplan Advisors and sponsored by Nuix found most infosec pros collaborate with data managers.
An app masquerading as a provider of downloadable content was, in actuality, a SMS trojan that could have subscriber victims to a daily feed that cost 37 cents per day.
The personal information included card and linked account numbers, card expiry dates and cardholder names.
Researchers at Fortinet have uncovered an aggressive variant of Dofoil, a botnet once believed to be dead.
The Intel Security Digital Safety Program supports cybersecurity education among elementary school children.
Kaspersky Lab researchers are confident they have identified the first five victims, or patient zeroes, of the Stuxnet worm.
Researchers at Integrity Labs say the vulnerability, if left unpatched, could allow attackers to gain control over affected devices.
Software updates are now available for the Flash player and Adobe AIR after vulnerabilities were found that could give attackers the ability to execute code or escalate privileges on a machine.
The attacks were detected and incident response began immediately, with unscheduled maintenance being performed to mitigate the threat.
The American Postal Workers Union filed charges to the National Labor Relations Board against the Postal Service for failing to notify them earlier about the recent breach.
In a notification letter to customers, Amex said law enforcement has arrested an individual possessing stolen personal and account information.
Trend Micro researchers observing two keyloggers have released their findings in a paper.
Attackers are using stolen email addresses to try to steal victims' bank account numbers.
Following a review by the board and Kheradpir's involvement in "a particular negotiation with a customer" there has been a shift in leadership at the network services firm.
Home Depot's breach could have resulted from a vulnerability in Windows that was patched too late into the attack.
The Kaspersky Labs Global Research and Analysis Team came across the campaign, which hides on the networks of hotels located in various countries.
A college student showing off his technical prowess hacked into websites of malls, hospitals and universities.
Mozilla is heeding user desire for internet privacy by collaborating with the Tor Project and the Center for Democracy & Technology.
The Department of Energy contract will allow Norse to support the agency's Cybersecurity Risk Information Sharing Program (CRISP).
US-CERT issued an alert on Monday, warning all users that Microsoft is ending support for the Windows Server 2003 operating system on July 14, 2015.
A letter sent to Congressional leaders states that legislation to address data breaches should cover all entities that handle sensitive information.
The PCI Security Standards Council announced its new Special Interest Group (SIG) projects for 2015 earlier this week.
The Associated Press reported that a hack, similar to past intrusions by Chinese hackers, went unnoticed by USIS for months.
Damballa observed the spike in infections, which followed a Backoff peak in Q3.
The government has begun encrypting user data on two websites providing AIDS-related information.
Christopher Lykes, a former employee with the South Carolina Department of Health and Human Services, was sentenced to three years of probation and must serve 300 hours of community service.
The Electronic Frontier Foundation will have a change in leadership come January as Shari Steele steps down.
Accuvant and FishNet Security are joining forces to offer a broader suite of services, smarter solutions, more expertise and expanded reach.
In a preview of its 2014 CISO study, IBM revealed leaders' top cloud security concerns.
New European restrictions will require spyware manufacturers to get the EU's permission before exporting their product.
FS-ISAC teamed up with the Depository Trust & Clearing Corp on the Soltra Edge platform which will deliver information on breaches and threats to the financial sector.
Fredrik Neij was arrested at the Thai-Laos border earlier this week on copyright violation charges.
The social media company reported that governments made 34,946 requests for user data, which represented a 24 percent increase since the last half of 2013.
More than 130,000 computers have been infected by the malware in the country, which encrypts communication with its C&C servers to avoid detection.
Vladimir Drinkman, who was charged for his involvement in the Heartland breach, is currently in the Netherlands.
The tool, called "notogotofail," tests whether devices and applications are secured against known TLS/SSL flaws and misconfigurations.
FireEye researchers have observed ties between DDoS attacks against Hong Kong pro-democracy protesters and APT activity based in China.
A Swedish hacker says he won't divulge details of the vulnerability until January, after Apple patches it.
Scott Walton served as a lead member of the SnappzMarket Group, which conspired to illegally reproduce and distribute more than one million copyrighted Android apps.
Shannon is a senior member of IEEE and is well-versed in working with industry, government and academia on cyber issues.
The social media site launched its Tor-friendly version to accommodate users who might want to keep their identities anonymous.
The newly created company Resolution1 will be responsible for cybersecurity incident response business.
The increase could be attributed to a recently discovered spam campaign that involves phony emails claiming to be from the Canadian Post or USPS.
Researchers at PhishMe warned of the campaign that uses purported payment confirmations to fool victims.
In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.
Conducted by the European Union Agency for Network and Information Security, the simulation launched 2,000 attacks on the networks of various critical infrastructure organizations.
In readying a libel suit against DoubleVerify, FilmOn says it discovered that the firm deliberately distributed malware.
Sen. Charles Schumer of New York has called on federal law enforcement officials to stop "copy cat websites."
Researchers at Trend Micro found that attackers were targeting Simple Mail Transfer Protocol (SMTP) servers to execute malicious code and an IRC bot.
The Italian spyware company had its manuals posted online that detail how thoroughly an infected user's actions can be monitored.
A recent Gallup Crime poll indicates that Americans' top two worries revolve around having credit card data stolen or their computer or smartphones compromised.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards