Rep. Ted Lieu (D-Calif.) is calling on the Federal Communications Commission (FCC) to accelerate its investigation of the SS7 flaw.
A Malwarebytes analysis of the espionage toolkit that recently infected Vietnam Airlines revealed a modular variant of the Korplug remote access trojan (RAT) that in this case disguises itself as a McAfee antivirus program.
Cisco updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol.
The fish and wildlife agencies of Washington, Oregon and Idaho have temporarily suspended the sale of hunting and fishing licenses and tags after the vendor operating their online licensing system was apparently breached.
U.S. CIO Troy Scott promoted a $3 billion proposal to modernize government technology while speaking at an annual summit.
Dropbox is recommending that some users update the login credentials for their accounts because a group of member emails and passwords may have been compromised.
Several public interest groups reached out to the FCC calling for action concerning the implementation of DSRC technology.
Baltimore police have been running an aerial surveillance program capable of tracking people and cars since early 2016. The program is being paid for not by the city but by an unnamed private citizen, and all of this has been done without public input.
VMware released security updates this week to address a local privilege escalation vulnerability in its VMware Identity Manager and vRealize Automation software, as well as a remote code execution vulnerability in the latter product.
Attackers used a flaw in the internet forum software vBulletin to breach 11 websites, exposing personal information of 27 million accounts.
Customers and researchers alike are chastising United Airlines' attempt at using two-factor authentication to secure its MileagePlus account holders.
The personal website of Saturday Night Live comedian and Ghostbusters star Leslie Jones was taken offline after hackers vandalized the site.
Three people have been charged in Switzerland for a global computer fraud scam.
Five suspected cyberthieves have reportedly fled Thailand after allegedly stealing approximately $350,000 in cash from 21 malware-infected ATMs operated by the state-run Government Savings Bank (GSB).
NYU scientists designed a new form of application-specific integrated circuit (ASIC) designed to spot hidden vulnerabilities in microchips.
A joint investigation by the Canadian and Australian governments looking at the hack of the adult dating site Ashley Madison found it lacked the safeguards needed to protect the personal information of its customers.
In a revision of its policies, the U.S. Department of Health and Human Services' Office for Civil Rights has instructed its regional offices to place more of an emphasis on investigating smaller health-care data breaches that affect fewer than 500 individuals.
GTAGaming, a fan forum for the popular game "Grand Theft Auto," was hacked, compromising the data of nearly 200,000 users.
Researchers believe Fancy Bear hacked the Olympic drug-testing agency in retaliation for WADA's recommendation to ban all Russian athletes from the Olympics.
The FBI is investigating the possible hack by Russian intelligence agencies of the New York Times and other news organizations.
Privacy groups have opposed a proposal by DHS that would collect information about the social media presence and online activities of visa-waiver program visitors to the U.S.
Thirteen German financial institutions and their subsidiaries have recently felt the wrath of GozNym as the downloader and banking malware hybrid intensifies its campaign against European banking customers.
Although a ransomware attack hit the city of Sarasota, Fla. in February, owing to an ongoing criminal investigation, details of the attack are only now being revealed.
NIST issued a far-reaching request for information, seeking cybersecurity suggestions from the private sector on a range of topics.
A two-factor authentication (2FA) vulnerability affecting PayPal's login portal process has been patched.
An Australian teen managed to avoid any jail time after pleading guilty to initiating distributed denial of service (DDoS) attacks against the nation's largest bank, his school and the Australian Cybercrime Online Reporting Network.
Belgian security officials reportedly turned to the National Security Agency (NSA) during an investigation that led to an accused Paris terrorist.
In the name of a slain gorilla, hacktivists appear to have targeted the Twitter account of Cincinnati Zoo & Botanical Garden director Thane Maynard.
A San Francisco Bay-area woman was arrested Thursday after doing a little too much to keep up with the Kardashians.
The social media giant listed these stats in a Thursday statement detailing the firm's most recent efforts to combat terrorism on its platform.
Former board members and senior employees at SWIFT said the company did not monitor or make attempts to improve the poor security practices of its clients.
An employee of enterprise software firm Sage has been apprehended by police in London following a breach last week.
Malwarebytes researchers spotted an SMS scam in the UK targeting parents and adults who know someone by the name Sarah.
For security-conscious Mac users, Christmas has come early this year, with reports of Google's Macintosh Operations Team developing a new whitelisting and blacklisting system for macOS.
The National Security Agency (NSA) blamed a partial shutdown of NSA.gov on a storm that hit its headquarters earlier this week.
ESET researchers spotted the Nemucod downloader used to spread banking trojans and other malware operating in Brazil.
A cyber vigilante took internet justice into his own hands when he infected the computer of a tech support scammer with Locky ransomware.
A Pakistani security researcher discovered a vulnerability affecting the Chrome and Firefox browsers' configuration of URLs in address bars.
A dangerous SQL Injection vulnerability has been disclosed and patched that could affect the Ninja Forms plugin for WordPress, impacting the 600,000 sites using that website construction software.
The CERT Division of Carnegie Mellon University's Software Engineering Institute has reported multiple vulnerabilities in web-based help desk application ReadyDesk, version 9.1 and possibly others.
Ford Motor Company is teaming up with Baidu to invest a combined total of $150 million into Velodyne's LiDAR technology for connected vehicles.
In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.
Blackberry is pushing out a patch today that will make users of its PRIV and DTEK50 smartphones safe from QuadRooter, a vulnerability potentially impacting the 900 million devices in use powered by a Qualcomm processor.
China launched an orbital carrier rocket early Tuesday morning carrying the 'Micius' satellite, believed to be the world's first quantum satellite.
Very perceptive: Talos researchers spot three vulnerabilities in Lexmark Perceptive Document Filters
Cisco's Talos division today publicly disclosed three new vulnerabilities in Lexmark's Perceptive Document Filters product that if exploited with specifically crafted code could result in remote code execution.
Google launched a video-calling app, Duo, to go up against Apple's FaceTime, Facebook's Messenger, Skype and other apps for video conversations.
The persona known as Guccifer 2.0 published DCCC documents related to Florida primaries that provide detail into a re-districting effort that the hacker says shows congressional primaries are "becoming a farce."
Researchers spotted a new information stealing trojan, dubbed Shakti, that may be of Indian origin and is designed for corporate espionage.
London police have kicked off a pilot program that has law enforcement hiring private law firms to challenge cybercriminals in civil rather than criminal court.
Trend Micro researchers spotted a new variant of Locky ransomware using Windows Scripting Files (WSF) as a downloader.
If Zeus was the king of banking trojans, then newcomer Scylex is looking to claim Zeus' old perch atop the Mt. Olympus of financial malware.
Cisco has released an update to patch a vulnerability in its IOS XR Software for Cisco ASR 9001 Aggregation Services Routers that could lead to a denial of service condition.
Roman Valerevich Seleznev, a Russian charged with hacking into servers and global carding forum sites resulting in $170 million in phony credit card purchases, will face a federal jury this week.
Samsung has not provided details of the critical vulnerability, which appears to be exclusive to the S6 edge, prompting speculation that the flaw may be related to the QuadRooter vulnerabilities.
NETMYSOFT Chief Technical Officer Laxman Muthiyah spotted a vulnerability on Facebook's Rights Manager platform which allows Freebooting.
Aries Security researchers' "video-jacking" attack highlights yet another attack vector to consider when charging a phone in unfamiliar locations.
Days after Australian gold medalist swimmer Mack Horton accused his Chinese rival Sun Yang of doping, the Swimming Australia website has been experiencing a large increase in traffic, seemingly due to a DDoS attack.
The EPA has 30 systems that contain personally identifiable information (PII), according to the At a Glance summary of the inspector general's report.
A high-severity preauthorization SSRF vulnerability in vBulletin forum software allows an unauthenticated attacker to perform a port scan of internal services and execute arbitrary system commands.
Software company Lavians Inc. is offering free utilities applications for download that actually contain the Bing.vc browser hijacker software, Intel's McAfee Labs warned in a blog post yesterday.
Nic Scott has been appointed to managing director for the UK and Ireland at Code42.
Apple quietly issued "an important security" update on Thursday to its operating system pushing out iOS 9.3.4.
Nearly 100 million Volkswagen vehicles are affected by a vulnerability that would allow an attacker to remotely and discreetly unlock a car without a key.
As the FBI investigation into the hack of the Democratic National Committee broadens, it is being reported that the private email accounts of Hillary Clinton and more than 100 Democratic officials also have been breached.
Even after quelling the initial privacy issues that arose from the launch of Pokemon Go, Niantic Labs CEO John Hanke has a spotted history
The White House on Monday unveiled its finalized Federal Source Code policy, designed to encourage federal agencies to share code with each other, as well as the open-source software development community.
Researcher accidentally sent solar development device, says he can shut down electricity generation facilities
Security researcher Fred Bret-Mounet found vulnerabilities affecting the management unit on his home's solar array, a device that monitors solar panels over the internet.
Spyware that was recently found to have infiltrated Vietnam Airlines has also embedded itself in the website operations of various Vietnamese institutions, warned cybersecurity firm Bkav, the Vietnam News Agency reported.
A group of four banks in Australia want customers to be able to use the banks' own mobile apps when conducting financial transactions with Apple Pay.
The website hosting the online form for Australia's national census was brought down by a series of DDoS attacks on Tuesday, temporarily preventing some of the country's citizens from participating in the population survey.
Symantec researchers spotted an influx over the last few months in hacked Instagram accounts used to promote adult dating spam.
Adobe Experience Manager received a "hotfix" to patch four vulnerabilities that could allow cross scripting attacks.
Walmart.com customers are being flooded with emails urging them to reset their passwords in what looks to be a phishing attack, BGR has reported, based on a series of complaints recently made on social media.
The malicious downloader Nemucod, normally associated with ransomware, has reportedly switched payloads in its most recent known campaign, opting instead to infect victims with Kovter, a backdoor trojan capable of click fraud.
European privacy groups have voiced opposition to a planned surveillance data project that would significantly expand the technology capabilities of Romania's domestic intelligence service.
Venture capitalist investments in cybersecurity firms have seen a 235 percent growth rate over the past five years as cyberthreats increase.
A new ransomware iteration has been detected by Symantec that spreads via social engineering tactics disguised as an alert from Microsoft.
The online retailer has agreed to pay the penalty and to upgrade its data security practices.
Davina Pujari, Shaun Bridges' third lawyer since he began his appeals process in December 2015, filed a motion to withdraw as counsel on appeal.
Two New Zealand researchers discovered that one of the most popular connected adult toys on the market sends user data back to its manufacturer.
USB pens distributed by the U.K.-based mobile network O2 as part of a promotional campaign for an eBook were discovered to contain a "Windows specific virus", according to a company statement.
Oregon State Hospital's maximum security ward is notifying patients of a data breach.
Michael Phelps is a world champion in the swimming pool, but on the Internet he just got blown out of the water by an apparent distributed denial of service (DDoS) attack that shut down his commercial website.
NATO's recent proclamation that cyberspace is an official domain of warfare, along with Russia's reported cyberaggressions against the U.S. and Ukraine, raises interesting questions about how one can responsibly manage cyberwarfare.
A group of Princeton professors found that voting machines are less protected than the iPhones used to navigate to the voting booth and are becoming less secure each year.
Researchers discovered a RAT that targets Android phones in China and Japan and appears to select victims based on their devices' IMEI codes.
Tripwire researcher Craig Young said a series of flaws he recently found in Ruckus routers, which make them vulnerable to several security issues, is representative of the security problems found in many consumer connected devices.
A transfer of $400,000 was redirected to a group of Nigerian hackers.
There would be a lot more happy-go-lucky gamblers in Vegas if ATMs would spit out hundreds of dollars the way Rapid7 made one do in a demo at Black Hat that showed new EMV chip technology is not hack-proof.
Black Hat is not just an event for security industry insiders to gather and learn about the cyberthreats facing the world; it is also a premier place to recruit new talent.
Citizen Lab researchers spotted a malware operation, dubbed Group5, targeting "well connected" Syrian opposition.
The U.S. Navy has launched a Capture the Flag (CTF) competition to secure the networks used by the Department of Navy (DoN).
Ransomware is a brilliant attack because it hits the sweet spot - the value of what they're taking away from you is more than what they're asking for, Zscaler CSO Michael Sutton told SCMagazine.com.
Version 48 of Mozilla's web browser Firefox has just been released, offering new features intended to improve the stability and security of the browsing experience.
Cybersecurity firm Sophos recently issued a warning that cyberthreats are becoming more localized in nature. At Black Hat, SCMagazine.com caught up with Sophos's John Shier to discuss these "designer" attacks.
Kimpton Hotels and Restaurants advised guests of a possible breach.
Panasonic Avionics Corporation developed a bug bounty program through HackerOne.
A battery status API, intended to allow site owners to serve low-power versions of sites and web apps, is being used to track users.
The fallout at the Democratic National Committee (DNC) over the leak of nearly 20,000 stolen emails continues with the announcement that three more top staffers will be exiting.
Security researcher David Coomber spotted an SSL certificate vulnerability in the Kaspersky Safe Browser iOS app.
SC Magazine Articles
- USAA members hit with multiple phishing attacks
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- Two-thirds of IT security pros surveyed expect a breach to hit their company, report
- Three zero-days found in iOS, Apple suggests users update their iPhone
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought