The 23-year-old mastermind behind the hack of the Commission on Elections (COMELEC) website, which led to the exposure of 55 million voter records, was arrested by the Cybercrime Division of the National Bureau of Investigation in the Philippines Friday.
Hacking a connected car in Michigan could warrant a life sentence behind bars if recently proposed legislation is passed into law.
Several ISIS hacking groups announced that they have joined forces to form a large hacking group.
The online classified website Gumtree Australia alerted customers on Friday of a data breach after hackers stole their personally identifiable information last weekend.
A supposedly legitimate French software firm, Tuto4PC, has actually infected an estimated 12 million PC users with a generic Trojan disguised as downloadable utilities programs, according to an analysis from Cisco's Talos research division.
An Ohio firearms dealer notified the California Attorney General that the company experienced a data breach that compromised its customers' name and state identification information.
The Lansing, Mich., Board of Water & Light (BWL) hopes to be fully back online today after suffering a cyberattack earlier this week that knocked the utility's internal computer systems offline.
The U.S. House yesterday passed the Defend Trade Secrets Act of 2015, which creates a single U.S. standard for protecting companies from intellectual property theft through civil recourse against the offending parties in federal court.
A defense authorization bill could split off the U.S. Cyber Command from under the direction of U.S. Strategic Command and the NSA.
The EFF is revising its IM scorecard after a pair of researchers spotted vulnerabilities in platforms previously rated safe.
Cybercriminals are strengthening their DDoS attacks with more amplification and new methods to refine their botnets.
Wearables are the Internet of Things (IoT) devices most likely to emerge as a security threat or cause a breach, according to a new survey by Spiceworks and Cox Business.
Lawmakers are requesting an addendum to a defense authorization bill to mandate specialized training for U.S. cybersecurity troops engaged in war games.
Mozilla released 10 security advisories affecting its Firefox open-source web browser.
Facebook has updated its social login process after a security firm found a bug that could have enabled adversaries to steal victims' online identities.
The Qatar National Bank is investigating a possible massive data breach with more than 15,000 files, or 1.4GB of data, being compromised.
More than two months after a federal judge ruled the U.S. must privately disclose the hacking technique the FBI used to identify patrons of the child porn site Playpen, lawyers have filed a motion urging the case be dismissed if the government does not comply or drop the charges.
Emails sent to businesses demanding payment to avoid a DDoS attack were enough to spur some to pay off, even though no attacks resulted.
FireEye researchers have spotted in the wild a new version of the RuMMS malware family that is attacking people in Russia using a SMS text message phishing, or smishing, scheme to steal personal and banking data from the phone.
App users logging in over unsecured Wi-Fi hotspots may be exposing their personal information to data miners.
Odd "phantom trips' taken nearly a year after Uber log-in credentials surfaced on the dark web.
A researcher has discovered a way for attackers to sneak remotely hosted, unauthorized applications past Microsoft Windows' whitelisting security feature Applocker, by abusing the command-line utility Regsvr32.
A Georgia couple pleaded guilty for their role in the IRS 'Get Transcript' data breach that compromised 700,000 accounts.
Just-released figure doubles the number from less than a year ago of Facebook users accessing the site via Tor.
The Massachusetts Institute of Technology (MIT) introduced a bug bounty program last week that it termed "experimental."
The Anonymous-affiliated hacking group Ghost Squad yesterday launched a distributed denial of service attack against the Loyal White Knights of the KKK, knocking the white supremacist group's website out of service.
A report from the Society for Worldwide Interbank Financial Telecommunication (SWIFT) indicates the group was aware that malware was targeting its system when $81 million was stolen from a Bangladesh bank in March.
Cisco issued five security alerts this week, issuing software updates to patch a series of vulnerabilities, any of which could potentially trigger a denial of service condition.
Three years after Microsoft introduced a two-factor authentication into its Xbox Live online gaming network, Sony has confirmed it will incorporate the same security feature into its PlayStation Network services.
A teenager turned himself in to police in Staffordshire, U.K., where he was arrested on charges stemming from a breach of internet services provider TalkTalk.
Published reports are using an odd methodology in an attempt to decipher exactly how much the Federal Bureau of Investigation (FBI)paid to unlock the iPhone 5c belonging to one of the San Bernardino terrorists.
Two updates in TeslaCrypt illustrate that ransomware is not only spreading wider, but is also evolving with new capabilities.
Every day is Patch Tuesday for Adobe as the software company today issued an update for its Analytics AppMeasurement for Flash Library.
Filipino authorities Thursday confirmed the arrest one of three people believed to be responsible for breaching the COMELEC website.
Australian Prime Minister Malcolm Turnbull confirmed that the Australian Bureau of Meteorology was indeed a target of a cyberattack last year.
Americans are concerned that the FCC's Set-Top Box proposal, which will open the market to third-party vendors like Google, will compromise their privacy.
Aspiring hacktivists can now login to a chat service hosted by Anonymous to learn coding and encryption.
The terror attacks that struck Belgium and France also kicked off a period of increased cyber attack activity in both countries, according to a report by Cytegic.
A federal judge has ruled that Ashley Madison class action plaintiffs must use their real names to continue lawsuit.
Beware of fake mystery shopper scams, a new McAfee Labs consumer alert warned.
Stoked by headlines announcing major data breaches, the stock valuations of cybersecurity companies outperformed the Nasdaq and S&P 500 by double over the past three years.
A malicious insider was handed a nine-year prison sentence and a $1.7 million fine for hacking into the computer system of his former employer Locke Lord.
A wave of DDoS attacks were launched against the government-funded education network Janet yesterday morning.
The personal information of an undisclosed number of CVS customers in Calera, Ala., is at risk after a laptop was stolen from one of its vendors.
The Senate Subcommittee on Emerging Threats will meet today to hear testimony on cybersecurity issues and funding from Department of Homeland Security and U.S. Cyber Command representatives.
Newark's police department was hit with cyberattack that that shut down key systems for three days.
A deeper probe into the JBoss server vulnerabilities linked to recent Samsam ransomware attacks has uncovered 3.2 million unpatched machines that are potentially susceptible to this attack vector.
Researchers at MIT have developed a hybrid machine learning/human cybersecurity platform that reduces false positives and can predict a cyberattack with 85 percent assurance.
The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.
The Royal Canadian Mounted Police intercepted and decrypted around one million PIN-to-PIN BlackBerry messages,
Virtual reality firm Magic Leap has acquired Israeli cybersecurity company NorthBit.
Cybersecurity is the greatest threat since the atom bomb, said Apple co-founder Steve Wozniak.
The U.S. Cyber Command is taking the information security fight to ISIS hacking into the computers of individual fighters and interrupting the terror group's encrypted communications.
Lobbying firm The Fritts Group has contracted with General Motors to advocate for the introduction of self-driving vehicles on behalf of the Detroit-based automobile manufacturer.
VMware advised users to patch a critical issue that could allow man-in-the-middle (MitM) attacks or web session hijacking.
Experts are speculating that the FBI may be closely guarding a secret vulnerability in the Firefox browser that it can exploit for future law enforcement purposes, according to a Motherboard report yesterday.
Global citizens are collectively torn as to whether or not hacktivists constitute a public nuisance, or actually benefit society by holding criminal organizations, governments and corporations accountable, according to a new survey.
The risk level is "high" for multiple privilege escalation vulnerabilities that can affect any product or platform running Junos OS.
The hacking group Lizard Squad is taking credit for unleashing a distributed denial of service (DDoS) attack Wednesday against Blizzard that prevented some customers from signing onto Battle.net for several hours.
Well before the FBI's recent demand that Apple give up the keys to the encryption used in an iPhone 5c, the bureau engaged in a similar effort.
A new spam campaign tries to fool Facebook users into downloading malware by luring them to a fake YouTube page supposedly featuring a friend's video.
Anonymous and LulzSec leaked millions of records and launched cyberattacks on Italian businesses to protest Italy's labor laws.
An unauthenticated reboot flaw has potentially left millions of ARRIS SURFboard modems vulnerable to a simple attack.
Cybercriminals have put a new spin on the infamous 419 phishing scam offering "winners" a 2016 BMW X6M, a $1.5 million check and an Apple laptop in exchange for personal info.
A new ransomware named Jigsaw, inspired by the eponymous character in the Saw horror film franchise, subjects its victims to a countdown clock, deleting files every hour at an escalating rate until a ransom of $150 is paid.
The malware Qbot relies on stealth to secretly steal victims' credentials, but an unexpected glitch during a recent cyberattack alerted researchers to a new campaign featuring a more virulent strain of the software.
Adobe's April Patch Tuesday offering contained a single update fixing a flaw in its Creative Cloud Desktop Application.
Swedish military servers were used by hackers to launch 2013 attacks against U.S. financial institutions, according to reports.
The three-year long legal saga of former Department of Energy worker Charles Harvey Eccleston ended with his being sentenced to 18 months in prison for attempting to spearphish his former co-workers.
A variant of the notorious Citadel malware, dubbed Atmos, is targeting financial institutions in France, six months after Citadel's author was imprisoned.
The online prescription drug company OptumRx reported that an unknown number of customer records were compromised when a vendor employee's laptop was stolen.
Researchers at Trend Micro uncovered a new form of attack exploiting vulnerabilities in home routers.
A torrent site has added an extra layer of security for users logging in.
The FBI and DHS has scheduled a series of unclassified webinars and threat briefings across the U.S. addressing the 2015 cyberattack against Ukraine's power grid.
Security researchers at ESET reported that the spam-dispensing Mumblehard Linux botnet is no longer active due to the combined efforts of the company, the Cyber Police of Ukraine and CyS Centrum.
Georgetown University confirmed it was hit with a cyber attack last week but school officials said no data was compromised.
Exactly two years ago, Microsoft's Windows XP operating system reached its end of life, yet as of March 2016 nearly 11 percent of machines continue to use the defunct OS, the cybersecurity research firm ESET reported today.
Benjamin Earnest Nichols, a 37-year-old man from Oklahoma City faces a 10-year federal prison sentence for launching a DDoS attack against the website owned by a security researcher.
A breach at the National Childbirth Trust (NCT) in the U.K. compromised the information of 15,085 users.
German police Tuesday arrested the 22-year-old main suspect in a cybercriminal investigation spanning four countries.
Once relegated to Windows, the adware known as Pirrit has now been ported to work on the Mac OS X operating system, and this variant is more malicious than its predecessor ever was, according to the security firm Cybereason.
A U.S. district judge approved the settlement in a class action suit against Sony Entertainment.
A poor security practice in the payment authentication process in the Domino's Pizza Android mobile application allowed a U.K. security consultant to order a pizza free of charge.
The Instagram account of Australian fashion blogger Rozalia Russian was hijacked by an American hacker, who extorted $5,000 from her before handing back her credentials, according to a report in the Sydney Morning Herald.
One of the many possible cyber scenarios keeping U.S. commanders awake at night is having the Islamic State develop the capability to alter sensitive information that could endanger American forces.
Hackers are offering their services to break into corporate email for anyone paying $500, according to a new report from Dell SecureWorks.
MedStar Health was hit with samsam, or Samas, ransomware in an attack that forced the hospital group to take its systems offline in late March, according to story from the Associated Press.
U.S. toy manufacturer Mattel fell victim to a phishing campaign, but was able to recover its money.
A personal laptop and hard drives that may have contained data on close to 5 million medical patients was stolen from a Washington State federal building, prompting calls for the Department of Health and Human Services to reveal the extent of the damage.
Between October 2013 and February 2016, 17,642 global businesses collectively lost $2.3 billion to business email compromise scams, according to the FBI.
U.K.-based security researcher Jack Whitton netted $13,000 in Microsoft's bug bounty discovering a serious authentication vulnerability.
The U.S. Department of Homeland Security, in collaboration with Canadian Cyber Incident Response Centre, issued an official ransomware alert.
Researchers discovered more than 100 Android apps infected with Android.Spy.277.origin, an adware Trojan that contains spyware functionality.
Routers from Taiwan-based electronic hardware manufacturer Quanta Computer are plagued with serious vulnerabilities, according to researcher Pierre Kim in his blog, A Slice of Kimchi.
Cisco's recently launched line of FirePower firewall products are receiving a free "high severity" security update to fix a critical vulnerability.
A vulnerability affecting Nexus 5 Android devices was patched by Google
The Center for Democracy & Technology (CDT) has formed a 56-member strong inaugural Advisory Council that will advise on its policy advocacy work.
A researcher netted $500 from PayPal's bug bounty program for a vulnerability that could have allowed phishing and other attacks.
Reusable vulnerabilities affecting popular Firefox extensions discovered by researchers at Boston University and Northeastern University were disclosed at Black Hat Asia in Singapore.
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Over 7M Minecraft mobile credentials exposed after Lifeboat data breach
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- FBI investigating attack against computer networks at U.S. law firms