Malware infected Staples' point-of-sale systems at 115 of its 1,400 U.S. retail stores, mostly between Aug. 10 and Sept. 16.
An advisory is warning all users of GitHub for Windows and GitHub for Mac to update their clients as soon as possible.
Pointing out that North Korea had inflicted considerable damage in its Sony hack, President Obama said the U.S. would respond.
Individuals in Australia are being targeted with emails that claim to come from the State Debt and Recovery Office.
Federal contractor KeyPoint Government Solutions, which conducts background checks on federal employees, has been impacted by a data breach.
Following an investigation which involved other U.S. government departments and agencies, the agency concluded that the North Korean government conducted the Sony Pictures Entertainment cyber attack.
Barrett Brown appeared in federal court in Dallas Tuesday for sentencing, but will now have to wait until January to hear his fate.
Staff member credentials were used to access ICANN systems after spearphishing campaign that began in November.
An intruder initially gained access to an Ars Technica web server and was then able to access a more central machine using information from a "poorly located" backup file.
Palo Alto Networks Unit 42 researchers have identified the backdoor on numerous devices, so far leaving more than 10 million users vulnerable.
The new "Onyx" family of Boleto malware is altering its tactics to infect victims' transactions and possibly cause billions of dollars in losses.
Produced by Norton and Betabrand, the READY Active jeans and Work-It blazer feature pockets lined with RFID blocking material.
Apple won a class-action lawsuit that alleged they had used a software update to ensure iPod owners could only play songs sold in the iTunes Store or downloaded from CDs.
The publication, called "Cloud Computing Service Metrics Description," is currently in a public comment phase.
The DPA warned Google that by gathering personal information on internet users to personalize ads, it has violated a Dutch privacy act.
The newly discovered malware is the first ransomware variant to go after Japanese speakers, demanding ransom fees that range from $500 to $3600.
In a letter to employees, Sony warned against fraudsters and offered free identity theft protection.
Attackers exploiting a bug in the Slider Revolution plugin to compromise WordPress websites with malware may also be targeting zero-day vulnerabilities in Firefox and Internet Explorer 11.
A URL flaw that impacts mobile boarding passes for airlines, such as Southwest and Delta, was discovered on Tuesday.
Witnesses against Ross Ulbricht are being kept under wraps after New York district court judge Katherine Forrest determined their safety could be at-risk.
Several were arrested in Operation Torpedo, including former acting HHS cyber director DeFoggi.
The U.S. House of Representatives and the Senate passed to the CyberSecurity Enhancement Act of 2014, giving NIST the go-ahead to develop voluntary cyber standards for critical infrastructure.
A researcher identified a cross-site scripting vulnerability affecting the Citibank website, which has yet to be patched.
A new Ursnif malware variant has been detected in the wild, and the U.S. and United Kingdom are being particularly targeted.
The organization alerted partner companies of a breach that took place in July, in which attackers attempted to glean sensitive information.
Sean Nolan McDonough, also known as 'Narko,' pleaded guiltycomputer misuse and money laundering in connection to the massive denial-of-service attack (DDoS) on SpamHaus and Cloudflare.
BlackEnergy malware may be exploiting a vulnerability in Siemens SIMATIC WinCC software that was patched in early November.
The issue was found in Microsoft's Exchange Server 2010 SP3 Update Rollup 8, which was part of the MS14-075 bulletin.
Hackers that felled Sands Las Vegas websites exploited a weak link in the casino's networks to launch a wiper malware attack.
Emails between movie producer Scott Rudin and Sony co-chairman Amy Pascal leaked as a result of a cyber attack on the entertainment company.
Customers who used the St. Louis Parking Company's public parking lot at Union Station between October 6 and October 31 could be affected.
The security firm which specializes in authentication, is also a founding member of the FIDO Alliance, which recently published its Universal Authentication Framework.
Users who are duped and open up an attachment that claims to be a voice message become infected with the info-stealing malware.
A lower court had granted Neiman Marcus's motion for dismissal of a suit but the plaintiffs are trying to revive it on appeal.
Kaspersky initially thought the malware signature might be the work of malicious attackers.
Hackers linked to the Sony Pictures attack could now use the malware to dupe new targets, Kaspersky revealed.
Security researchers believe there are more than 30 vulnerabilities present in the development and hosting platform.
Google has taken steps to diminish the POODLE threat by "killing off SSLv3," but now the flaw threatens Transport Level Security.
Kaspersky Lab researchers detailed the new "Penquin" Turla in a recent blog post.
Local police seized servers, computers and additional equipment in the raid that took place in greater Stockholm and The Pirate Bay is still offline.
Dexter and LusyPOS, a malware variant revealed earlier this month, share traits, researchers at Trend Micro have discovered.
Researchers have uncovered XSS vulnerabilities at the travel and car service sites.
The alliance defined specifications for devices, servers and client software that will help usher in the "post password" era.
In an email sent to Sony Pictures' CEO and co-chairman hackers requested "monetary compensation."
Hector Monsegur remembered his arrest during an interview with Charlie Rose and went on to elaborate on security threats the U.S. faces.
Lizard Squad kept its promise that more attacks were on the horizon after taking down another gaming service following its Xbox Live DDoS attack last week.
In an annual forecast report, 54 percent of IT leaders said their budgets would accommodate increased salaries for security staff.
Mohammad Azhar Tahir used a XSS attack to hack into and deface the prime minister's website.
Geoffrey Commander was sentenced to 10 days in jail by a federal judge in Virginia for a DDoS attack on MasterCard.
Paul Shin Devine, the company's former global supply manager, admitted to being a part of a scheme where he received kickbacks from suppliers for providing them with product forecasts.
PaymentsMD and its former CEO will have to destroy all information collected related to its Patient Health Report service.
Ercan Findikoglu's extradition to the U.S. was blocked by a German court because his possible sentence was deemed too extreme.
The NSA intercepted communications from hundreds of email accounts from major cell phone network operators to exploit network weaknesses for surveillance purposes.
U.S. Senator Ron Wyden introduced the Secure Data Act on Thursday to prohibit federal agencies from mandating that backdoors and other security vulnerabilities be built into U.S. software and electronics.
On Thursday, Fey was named president and COO of Blue Coat.
Upon its release, Windows and Microsoft users are urged to update the software to address the vulnerabilities that have been given a priority rating of "1".
The women's clothing retailer said a November breach of its store payment system exposed account numbers and other payment card information.
Police responding to a fire at an estate in Nairobi found a sophisticated cyber command center likely to be used for cyber attacks in Kenya.
Financial institutions discovered fraudulent activity on customer credit cards recently used at Bebe stores, Brian Krebs reported.
Noe Iniguez posted a nude photo and derogatory remarks about his ex-girlfriend on her employer's Facebook page.
The case, which alleges negligence, failture to provide adequate security and claims a violation of Minnesota's Plastic Security Act, has been given the green light to move forward.
The U.S. House of Representatives unanimously approved three bills, including the Critical Infrastructure Protection Act.
Phishing emails are made to look like order confirmations from major retailers, like Best Buy, Target and Walmart, security firm Malcovery warns.
A Sucuri researcher found a vulnerability that could allow a malicious attacker to take over a user's sites and put them into maintenance mode.
The new POS malware shares traits with Dexter and Chewbacca, CTBS researchers said.
The endpoint security provider foresees a variety of threats in 2015, including OS X malware and more coordinated ransomware attacks.
Security researcher Dan Tentler revealed the findings to Forbes.
The hacktivist collective released a video on Monday expressing their disagreements with recent ordinances aimed at the homeless of the city.
Google issued a Lollipop 5.0.1 update that addresses a bug that could prompt an Android device to reset, deleting files and data.
The international crackdown effort, led by Europol, included the help of airlines and credit card companies.
Four months after its Bing removal request form went online, Microsoft has begun responding to users.
The hacker collective hit the gaming service with a DDoS attack that interrupted the connection for users in the United States and Canada on Monday.
Wang Jing wrote that the The Weather Channel's site used URLS to create its tags without filtering malicious script codes, which left them vulnerable to attack.
Nearly a week after its network was hacked, Sony had some of its major films leak before their release dates and the company brought in FireEye's Mandiant forensics unit to investigate.
The latest ruse leverages the uptick in holiday shopping in order to lure victims into giving up personal information.
Hammad Akbar, the CEO of companies that sold and advertised mobile spyware app StealthGenie, will pay the fine in what's considered a landmark criminal conviction.
Parking facility service provider SP+ announced that customer payment cards used at 17 locations may be at risk.
The cardstock vendor said it saw suspicious activity on its systems earlier this week and immediately began investigating.
Protesting the grand jury decision not to indict the police officer who shot Michael Brown, the hacktivists' post links to wizard's personal data on pastebin.
Tax and donation information was revealed on hundreds of Canadians, some of them prominent.
A year after the massive breach at the retailer, authorities are keeping mum, but security pros say signs point to Ukrainian man.
An executive's system was reportedly infected by malware after he charged an e-cigarette purchased on eBay through his system's USB port.
The National Association of Federal Credit Unions is asking Congress to establish national data breach and notification standards for retailers.
Rebecca Richards took to Tumblr to address concerns about the NSA's activities and Edward Snowden's leaks.
The Boston-based hospital agreed to the fine related to its 2012 data breach which left information on thousands of patients vulnerable to compromise.
The company disclosed the lawsuits as part of its quarterly earnings report.
The technology company launched a new dashboard to keep users aware of devices that are linked up to their accounts.
A researcher at Symantec traced DroidJack's origins back to legitimate Android app developers and previous RATs.
The potential issue began on Monday when an image of a skeleton appeared on employee computers along with a message stating, "Hacked By #GOP."
A phony Starbucks Instagram account is potentially being leveraged by miscreants to steal personal information.
In a message to members, Malwarebytes CEO Marcin Kleczynski said no personal data was stolen when a forum server was hacked.
The latest update of the software provides futher hardening against a vulnerability that was mitigated in the Oct. 14, 2014 release.
Police nabbed five suspects in a series of raids, all for being suspected of using Remote Access Trojans to compromise computers.
A judge made public documents related to 529 requests by police in Charlotte, N.C. as part of their cellphone surveillance efforts.
In a letter to NIST, privacy organizations and companies called for secure encryption standards.
The FBI and Homeland Security's US-CERT team have both warned that online scams, taking advantage of the holiday shopping frenzy, will be plentiful this season.
The 29-member Global Commission of Internet Governance Innovation features political leaders, global academics and business leaders that will explore pressing topics in the digital world.
Experts at Symantec have come across a sophisticated cyber espionage tool that exhibits a rare complexity of features similar to past cyberespionage malware.
The director of the NSA stated that China, as well as "one or two" other countries, is capable of launching cyberattacks to shut down electric grids and other critical infrastructure in parts of the U.S.
Jacob Mahonri Espinal hacked into his school's computer system to bring his grades up from academic probation status to straight As.
Sign up to our newsletters
SC Magazine Articles
- Impact of Linux bug 'grinch' spans servers, workstations, Android devices and more
- More than 100K WordPress sites compromised by malware due to plugin vulnerability
- Phishing email contains Word doc, enabling macros leads to malware infection
- Critical 'Misfortune Cookie' bug puts millions of internet-connected routers at risk
- White House calls Sony hack a "serious national security matter," gov't mulls proper response
- Neverquest botnet furthers crimeware-as-a-service biz for fraudsters
- Solo attacker likely responsible for phishing campaign, delivering Zeus variant
- Telecommunications companies on the line with FTC, FCC for cramming schemes
- The 10 POS malware families this holiday season
- White House calls Sony hack a "serious national security matter," gov't mulls proper response