In a letter to the Department of Health and Human Services, Reps. Ted Lieu (D-Calif.) and Will Hurd (R-Texas) encouraged the agency to develop guidance for healthcare providers to use when responding to ransomware attacks.
DHS and U.S. Customs propose screening of social media accounts for foreign travelers.
Russia's lower house of parliament approved sweeping anti-terrorism legislation that requires companies to decrypt any message sent by users.
The demise of the Nuclear and Angler exploit kits (EK) has proven to be a financial boon for the backers of Neutrino, who have doubled the monthly rental price of this EK.
Viber, a popular social media app, is being targeted by malware capable of stealing photos and videos.
A newly discovered ransomware named Bart doesn't need to connect with a command-and-control server in order to encrypt victims' files, meaning even the strongest corporate firewalls may be unable to stop Bart from rendering a PC ineffective.
A disgruntled ex-employee of an insurance firm uploaded the personal details of 112,000 French police officers to a Google Drive account on June 2, possibly exposing the officers' personal information, including addresses.
A British teenager has admitted to instigating cyberattacks on SeaWorld in Florida, but has denied launching bomb threats to airlines in the U.S. via Twitter.
According to the signatures found on a U.K. parliament online petition, people in Antarctica, North Korea and Vatican City would like a second EU referendum to be held.
A prankster Saturday hacked the official SEC (Southeastern Conference) Twitter account and posted pictures of scantily clad women.
Israeli researchers have developed malware capable of transmitting data stolen from an air-gapped computer by manipulating the speed of its CPU and chassis cooling fans.
Three weeks after hijacking Facebook CEO Mark Zuckerberg's Twitter and Pinterest accounts, the mischievous OurMine hacking group appears to have briefly seized control of Google CEO Sundar Pichai's Quora account.
Cable provider Cable One alerted its customers of a phishing email scam looking to steal payment and personal information.
The SEC obtained an emergency court order from a New York court to freeze assets belonging to a UK citizen who allegedly engaged in a sophisticated hacking and market manipulation scheme.
MDM software, widely used to manage and secure employee devices in BYOD programs, compromises user privacy, according to a recent study.
Law enforcement officials in Knox County, Ill. earlier this week arrested a longtime IT employee of Abingdon-Avon School District #276 on electronic eavesdropping charges in connection with a recent data breach, according to local reports.
Citing the success enjoyed by the DoD's Hack the Pentagon bug bounty program, the HHS is considering using ethical hackers to discover flaws in medical devices and systems.
German and Austrian computer users are being targeted with a new malware campaign.
Rapid7 yesterday publicly disclosed a class of vulnerabilities in Swagger-codegen, a code generator for the OpenAPI specification (aka Swagger).
Unidentified individuals hacked into the loyalty program of at least 20 accounts at Air India to steal nearly $24,000 worth of frequent flier miles.
The Federal Trade Commission (FTC) fined the InMobi ad network $950,000 for tracking the location of hundreds of millions of consumers without consent.
Ethereum, a rival to bitcoin, is under siege after follow-up attacks continue to siphon funds based in the cryptocurrency.
A flaw opens users to the possibility of information leakage, denial of service, directory traversal and buffer overflow.
Annapolis, Maryland officials spotted malware on parking garage servers which may have compromised customer payment information.
House lawmakers voted on two bills aimed at creating effective partnerships between the U.S. Department of Homeland Security (DHS) and the private sector.
WordPress has released version 4.5.3 of its content management system, fixing eight security vulnerabilities that surfaced in previous versions, as well as 17 other bugs.
Google has made it easier for consumers to implement and make use of its two-factor authorization (2FA) system by adding a clickable prompt button that replaces the currently used texted six-digit code that is used to unlock an account.
The U.S. and Israel are set to announce a bilateral threat sharing program that is expected to begin in the next few months.
Scammers looked to steal payment information from Apple customers using phishing emails claiming that a virus was detected in the iTunes database.
Addressing a vulnerability that could have potentially resulted in remote code execution, Apple yesterday announced a firmware update for several of its AirPort Wi-Fi products.
The continuing need for the now out of stock IPv4 addresses has helped create a black market for these, according to the American Registry for Internet Numbers (ARIN).
Kaspersky Lab researchers obtained evidence suggesting the xDedic underground marketplace may have been larger than previously thought.
W3C digital rights management working group chairman vetoed a proposal to discuss HTML5 standards before renewing the group's charter.
U.S. Defense Secretary Ash Carter praised hackers who participated in the first ever "hack the Pentagon" bug bounty program, which ended up revealing 138 vulnerabilities found on several of the Department of Defense's public websites.
Every version of the Microsoft Windows operating system is at risk from a number of security weaknesses detected by a Chinese researcher.
A Lizard Squad-linked hacker taunted Blizzard Entertainment after server issues affected popular gaming networks.
Customers are at risk of marketers using the data to approach them with unsolicited offers.
CIA Director John Brennan was asked about reports that Twitter has not made the Dataminr analytics service available to U.S. intelligence agencies, but has made the service available to a Russian news outlet.
GitHub reported on June 14 someone launched a campaign to access several GitHub.com accounts using stolen login credentials.
Researchers at FireEye have found that certain iOS versions of the Vpon mobile ad software development kit (SDK) contain code that could allow bad actors to remotely take command of certain mobile apps.
A probe into the cybertheft of $81 million from the account of Bangladesh Bank held at the Federal Reserve Bank of New York is now under way by the U.S. attorney's office.
Apple is making it mandatory for its App Store developers to use HTTPS when connecting to the company's servers.
Following the shuttering of the Necurs botnet, security researchers noticed a subsequent drop in Angler exploit kits and other malware campaigns.
SAP this week patched 21 product vulnerabilities, including an information disclosure flaw that was originally disclosed more than three years ago.
Enterprises procuring detection and response technologies are at an advantage in fending off cyber incidents over those investing in perimeter-based solutions, a new RSA report found.
Authorities in Geneva have reportedly arrested a former IT worker at the law firm Mossack Fonseca in connection to the Panama Papers scandal that exposed global public officials' alleged misuse of offshore tax havens.
The U.S. Government Accountability Office has a few questions it would like the FBI to answer about its facial recognition database that contains 411 million photos.
Four vulnerabilities, one critical, were revealed in the web-based management interfaces of three Cisco products, including a firewall and two wireless routers (models RV110W, RV130W and RV215W).
A hacker called "Guccifer 2.0" claimed credit for breaking into the Democratic National Committee computer system and released the DNC's opposition research on Republican presidential candidate Donald Trump.
In a first of its kind case, an ISIS-linked hacker pleaded guilty to providing material support to a designated foreign terrorist organization.
Following the Orlando tragedy, an Anonymous hacker hijacked the Twitter accounts of ISIS supporters and flooded their profiles with gay porn.
An engineer is facing economic espionage charges after attempting to sell proprietary source code stolen from his former employer.
The U.S. Air Force lost 12 years of records containing fraud and abuse investigations from its inspector general and legislative liaison offices as a result of a database crash.
Users of PayPal are being targeted in a new phishing scheme that steals their credentials.
A vulnerability that could have allowed attackers to hijack incoming emails from Verizon users' inboxes without their knowledge was detected and, a month later, patched.
Presumptive Democratic presidential nominee Hillary Clinton told a crowd in Cleveland that she would push tech companies to cooperate with government requests for help in tracking and identifying terrorists and foiling their plots.
Encrypted messaging app Telegram reportedly contains an unpatched vulnerability that bad actors can exploit to send massive text messages that drive up data charges or cause mobile phones to crash.
NSA Deputy Director Richard Ledgett said his agency is researching opportunities to collect from internet of things devices.
Microsoft's June Patch Tuesday offering served up 16 update bulletins with five rated critical covering 44 CVEs, which equaled the number posted in May, but with three fewer critical issues.
House lawmakers are reportedly seeking to introduce legislative measures that would limit domestic surveillance conducted by the National Security Agency (NSA) and protect encrypted communications.
A jury convicted former IT professional Michael Thomas of Lewisville, Texas, under the Computer Fraud and Abuse Act, finding him guilty of sabotaging the computer systems of auto industry web software provider ClickMotive.
Louisiana grapples with hurricanes, gators, now a hacker who posted data of 290K citizens on dark web
A hacker has put drivers' license and other personal information on 290,000 of the bayou state's citizens for sale on the dark web.
South Korean law enforcement officials said North Korea spent two years hacking into more than 100,000 computers as a prelude to a nationwide cyberattack.
Gery Shalon and Ziv Orenstein, accused of orchestrating the largest-ever theft of customer data from a U.S. financial institution, were extradited from Israel to the U.S. late last week.
Updated: Cisco Talos stated today that it has a Teslacrypt decryptor tool up and running and ready for download that will work against any variant of this ransomware.
ClearSky researchers spotted the cyberespionage group the "Gaza Cybergang" resuming operations after shutting down activities in January 2016.
The Android trojan "Triada," known for granting superuser privileges to other downloaded Trojans, is now embedding itself into at least four browsers in order to intercept URL requests and send users instead to malicious mobile websites, according to Kaspersky Lab.
The Department of Homeland Security received a $1.8B infusion aimed at protecting against cyberattacks and safeguarding critical infrastructure.
A journalist convicted of hacking is facing a fine of $250K to pay back the employer he violated.
The U.S. Office of Personnel Management (OPM) in April discreetly hired a cybersecurity adviser from within the Office of Management and Budget (OMB) to be its new CISO, according to a report.
Cisco Talos researchers spotted a vulnerability in ESnet iPerf3 that could allow remote code execution.
A new study examines consumer attitudes toward corporate hacking and companies should take heed.
Cisco Talos researchers spotted an arbitrary code execution vulnerability in PDFium, Google Chrome's default PDF reader.
All it takes is one of three words and impersonating the correct executive to pull off a successful Business Email Compromise attack, according to a new Trend Micro report.
Morgan Stanley agreed to pay a $1 million fine to settle a proceeding launched by the Securities and Exchange Commission over the financial services giant's failure to set up adequate precautions for customer data.
The botnet that was used to deliver Dridex and Locky appears to have vanished.
CiCi's Pizza may have suffered a point-of-sale (POS) breach through a third-party vendor.
Skype is being used to distribute QRAT malware to unsuspecting travelers looking for help on filling out U.S. travel documents.
Uber paid Finnish researcher Jouko Pynnönen a $10,000 bounty for discovering a login bypass vulnerability.
Researchers examining SNSLocker ransomware discovered credentials of the server within the malware's source code.
State Farm is alerting customers of a data security incident involving a third party vendor's misuse of customer information.
After an unknown perpetrator impersonated her in a mobile phone store, the FTC's chief technologist, Lorrie Cranor, warned mobile customers of phone and SIM card scams, and urged carriers to employ additional security measures.
More government personnel are needed to pursue and prosecute cyberthieves, ESET said.
Following several social media site breaches, Netflix said users whose passwords may have been compromised must change their login credentials.
The IRS has pumped up its web security by adding multifactor authentication to thwart cyberthieves eager for the trove of taxpayer information held in its databases.
Ten days after a malware attack crippled the University of Calgary's computer system, school officials reported that it paid a $20,000 CDN, or $15,749 U.S., ransom to regain access.
Many Mt. Gox victims are falling prey once again, this time to phishing scammers, according to Cyren researchers who have observed spam messages emanating from the Kraken exchange.
The NFL's Twitter account was hacked today with a tweet being posted stating that league commissioner Roger Goodell was dead.
Researchers spotted an upgraded version of the talking ransomware, Cerber, with more bite.
Tech-savvy ISIS sent out an alert that an unknown source has released fake Android apps that the terrorist group fears may be used to spy on them.
Human resources vendor Empathia announced a potential data breach affecting its employee assistance program.
An FBI special agent deposed in federal court has stated that the network investigative technique (NIT) used to identify members of child pornography site Playpen should not be defined as malware because its behavior was not malicious.
Sen. Sheldon Whitehouse (D-R.I.) proposed Monday the creation of a cybersecurity czar whose office would oversee the actions of the various federal agency inspector general (IG) offices ensuring each is performing at optimum levels.
A website belonging to the National Network of Abortion Funds was hacked around April 7.
FireEye has found the Angler Exploit Kit can now evade Microsoft's EMET and attack machines running Windows 7.
A federal court ruled that under its cyber policy, Chubb Ltd. will not have to reimburse restaurant chain P.F. Chang's for expenses charged the chain by its credit card processor after a 2014 data breach.
A number of groups have banded together to call for an end to warrantless mass surveillance.
A hacker that has targeted several American social media sites has now hit the Russian version of Facebook.
The legislation, also known as the Draft Data Communications Bill, would enlist U.K.-based companies to store a 12-month backlog of data about every individual.