Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.
A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers
Daniel Stratman was a senior at University of Nebraska-Lincoln when he was arrested for hacking into the university's computer system and accessing personal information.
Lauri Love allegedly stole the information of more than 100,000 government employees and is already facing charges in New Jersey and New York.
European Central Bank discovered the breach when it received an anonymous email requesting money in exchange for the data.
The conference will be anchored by the Maryland Cyber Challenge and Competition, a security job fair, and more.
The two-week exercise, "Cyber Guard 14-1," was completed this month.
More than 12,000 patients' personal and health information was compromised in a breach at The Women & Infants Hospital of Rhode Island.
Miguel Corzo, the IT manager who was fired on Tuesday, claims Maricopa County Community College District is making him into a scapegoat.
Researchers at Symantec say attackers are becoming more aggressive and using Facebook scams to exploit users' computers.
The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.
The company sold its Junos Pulse products for $250 million to Siris Capital, a private equity firm.
In total, Firefox 31 brings 11 patches for several flaws affecting the web browser.
Android/Simplocker ransomware now encrypts archive files, asks to be installed as a Device Administrator, and delivers an English-language ransom message.
The Wall Street Journal confirmed on Tuesday that an outside party exploited a vulnerability and hacked into its new graphics systems.
Researchers at Websense say visitors to Metro.us are sent to websites hosting the Rig Exploit Kit, used in the past to distribute CryptoWall.
A McAfee study found that searches pertaining to Superman exposed users to the most infected websites.
Black Hat organizers say legal counsel for the Software Engineering Institute and Carnegie Mellon University nixed the session.
The ruling comes nearly three years after a computer theft occurred at the organization.
Indictments unsealed in the Northern District of Georgia on Monday charge members of three separate Android app piracy groups.
The command-and-control for a new ransomware identified by Microsoft as Critroni is hidden on the Tor network.
Credit card and debit card data may have been compromised at several Goodwill locations around the country.
The vulnerabilities can be exploited remotely, and fairly easily, by an attacker to hijack sessions and crash the web server of the product.
A man and a woman were sentenced to 14 years for conspiring to steal money in a phishing scheme that was then used to transport criminals into the U.K.
Shortened URLs on Facebook, leading to a risqué webcam video, are actually being used to spread malware.
Apple just recently began encrypting its user iCloud messages that are sent to third-party providers.
The SyScan +360 conference offered a $10,000 prize to anyone who uncovered vulnerabilities in Tesla's Model S car, which the automaker vowed to fix.
Bloomberg revealed that hackers used two zero-day flaws to breach NASDAQ's servers in 2010.
Through their new study, two Microsoft researchers concluded that users should reuse less complicated passwords for accounts that don't require as much protection.
An Israeli broadcasting regulator confirmed that the incident occurred.
The U.K.'s data security watchdog has disclosed a data breach it suffered in the last year.
An Australian daily deals website company, Catch of the Day, alerted its users on Friday of a data breach that impacted one of its websites in 2011.
The CryptoLocker copycat ransomware was behind the May breach, the firm said in a notification letter to New Hampshire's attorney general.
On Wednesday, Symantec released details on the malware's developed features.
The National Consumer League's findings prompted the state's attorney general to speak about data breaches' implications.
Much to the chagrin of privacy advocates and other security experts, the Cybersecurity Information Sharing Act of 2014 passed the Senate Intelligence Committee last week.
Lookout has identified a ScarePakage mobile ransomware that renders Android phones inoperable and attempts to extort ransom via MoneyPak vouchers.
While eBay reported healthy financials for the second quarter, CEO Jack Donahoe said the company is still recovering from a post-breach password reset.
Today, updated versions of the Cloud Controls Matrix and Consensus Assessments Initiatives Questionnaire hit the web.
As of Wednesday afternoon, 127 SSL certificates associated with malware and botnet activities have been blacklisted.
Oracle, the maker of the popular Java plug-in, recently confirmed the details.
The Russian Foreign Ministry lodged a protest with the U.S. Embassy in Moscow, demanding the return of Roman Seleznev.
A 17-year-old in Norway was arrested and charged with launching distributed denial-of-service attacks against banks and other companies in the country.
For the second time in as many months, an Illinois judge has dismissed a class-action suit against Advocate spawned by a data breach last summer.
Google has hired a team of researchers who will be dedicated to digging up vulnerabilities, malware and other threats to internet users.
More than 7.3 million New York residents fell victim to 900 breaches in 2013, according to a report released by the state attorney general.
NIST presents 65 challenges of cloud computing divided into nine categories in an effort to build consensus and formulate solutions.
Multiple CNET servers containing more than one million usernames, emails and encrypted passwords were compromised this past weekend.
Cryptolocker is effectively non-functional and unable to encrypt newly infected computers, according to a status report filed by the Justice Department on Friday.
Apple published a security notice saying that older versions of Adobe Flash contain vulnerabilities that can be exploited by Rosetta Flash.
After receiving tens of thousands of link removal requests, Google has convened a panel of experts who will speak at public meetings in Europe.
Attackers are targeting hotel business center computers with keylogger malware, according to a U.S. Secret Service advisory to companies in the hospitality industry.
Apple responded to a Chinese television broadcasters allegations that the company is storing users information through its location tracking services.
Zberp malware was developed from the source code of Zeus and financial malware Carberp.
The Gameover variant of the nefarious Zeus trojan was disrupted in early June, but researchers with Malcovery are observing a return.
BitDefender, the firm that discovered the ransomware, detailed Cryptolocker's chances of making a comeback.
TrapX was alerted to the zero-day attack when the malware targeted servers with "finance" in their host names.
After Amazon refused to a settlement, the FTC filed suit to force the online company to make restitution and change practices in its app store.
CSIS researchers say the full source code for what's been dubbed the "smallest Trojan banker ever discovered" have been leaked in an underground forum.
For his role in massive phishing scheme involving stolen payment card data, a Romanian man was sentenced on Tuesday to 45 months in prison.
A cross-site scripting flaw impacting a Kaspersky website was quickly addressed by the security software company.
A researcher from Sophos Labs penned a Viral Bulletin warning that VBA macros had reappeared as "simple downloader trojan codes."
Microsoft will start complying with Europe's "right to be forgotten" ruling by offering its Bing users a form to request links be deleted.
Chinese hackers broke into databases at the Office of Personnel Management which house data on workers applying for top-secret security clearance.
Google recently blocked the fraudulent certificates, which were also revoked by India CCA.
A cross-site scripting vulnerability identified on the Kaspersky website could enable an attacker to steal a variety of data.
On Tuesday, the telecom giant published its second transparency report on government requests for customer data.
Keith Alexander is warning financial institutions of the threats their industry faces and offering to help them fight off attackers through his consulting firm.
The PCI Security Standards Council General Manager Bob Russo will retire at year's end; Stephen W. Orfei will take the helm in September.
A variant of espionage malware that plagued government entities and other organizations across the globe has returned with a new toolset and a different set of victims.
Adobe's patches address three vulnerabilities, including a critical bug in Flash Player that could be exploited to steal sensitive information.
Australia-based Bitcoins Reserve lost more than $62,000 after phishers began targeting bidders interested in the auction of 30,000 Bitcoins confiscated in the Silk Road takedown.
A phishing scam asks World Cup fans to sign a fake petition in support of a soccer play disqualified from playing after biting another player.
HotelStayUK shut down its HotelHippo booking site for good amidst assurances that other sites in the group are unaffected by security woes.
A new report claims that the NSA is automatically capturing peoples' information through its XKeyscore program after they search for the privacy programs
Cameron Lacroix, who recently plead guilty to computer hacking and payment card theft, faces new charges related to the hacking of Zendesk, which provides helpdesk services to Twitter.
Popular video sharing service DailyMotion was compromised on June 28, redirecting users to the Sweet Orange Exploit kit.
Small skimmers fit inside card readers rather than resting on top of them and coupled with mini cameras yield card and PIN data.
Target has asked a Minnesota court to stay discovery until motions to dismiss the claims have been addressed.
Microsoft has handed domain control back to No-IP after millions of customers were reportedly impacted by its legal action.
Symantec's report on the "Dragonfly" group brings additional insight on attackers spreading Havex malware.
The Privacy and Civil Liberties Oversight Board's report indicates internet communications needs less protection than phone calls.
Google has complied with a Goldman Sachs request to block access to an email containing sensitive data sent in error to a stranger's Gmail.
Microsoft is now using Transport Layer Security (TLS) encryption for both outbound and inbound email on Outlook.com.
A HotelHippo customer who happens to be a security consultant found multiple security flaws when he tried to book accommodations.
International hackers search for phone lines with unsecured voicemail ports, and then harness those lines to handle their customers' calls.
Alabama's Department of Public Health has sent letters to individuals whose personal information may have been compromised and used in a tax fraud operation.
A Harris Poll survey of 308 senior IT professionals found greater trust for Dropbox and similar apps among younger workers and top executives.
Dubbed Security Monkey, the latest tool is now available on the company's GitHub site for developers that utilize Amazon Web Services.
A point-of-sale and security systems vendor is notifying its customers, some of which are big restaurant chains, that its remote access service was breached.
The NSA is said to have threatened Denmark's government, warning that it would be excluded as a U.S.'s close ally if it didn't alter its encryption laws.
In late May, the company discovered that an unauthorized third party had accessed its computer systems and nicked customer information.
Apple addressed various vulnerabilities in Mavericks, Safari, iOS and Apple TV, several of which can enable arbitrary code execution.
The complaint, filed in the U.S. District Court for the Northern District of Illinois, alleges that the restaurant chain failed to protect their personal financial data.
A district court judge has ruled that the Court of Appeals for the Third Circuit can review an earlier decision to deny Wyndham's request for dismissal.
For years, Google has battled accusations that it violated WireTap Act for its use of Street View.
The serious buffer overflow vulnerability affects Android 4.3, or devices running Jelly Bean.
A 17-year-old London teen has been charged with computer misuse, fraud and money laundering offenses, partly for his role in the 2013 Spamhaus DDoS attacks.
The first privacy-driven mobile device is shipping to pre-order customers now and will begin accepting additional orders later this year.
The Office of the Director of Intelligence released a report based on information declassified by the Director of National Intelligence.