Sony Pictures Entertainment sidestepped a class action suit by reaching a settlement with former employees whose information was exposed in a high-profile breach.
A London sexual health clinic accidentally leaked the HIV status, names, and email addresses of 780 patients in a newsletter.
Malwarebytes is reporting that a new variant of the adware installer has surfaced that grants access to a user's keychain.
Following one of the largest data breaches in U.S. government history, the Office of Personnel Management (OPM) and the Department of Defense (DoD) awarded Identity Theft Guard Solutions a $133,263,550 contract.
Trustwave announced Monday that it has been acquired by Singapore Telecommunication Limited for $770 million.
Trend Micro and ClearSky published an updated report on Rocket Kitten, a state-sponsored group targeting Israeli and European organizations.
After a stint at CipherCloud, former Forrester vice president and Intel Security exec Chenxi Wang has joined Twistlock to oversee corporate strategy and marketing.
Digital identities are being exploited on a routine basis by sophisticated cybercriminals, says a just released ThreatMetrix study.
In a story that could have been ripped from the pages from the now defunct News of the World, that newspaper's former editor Rebekah Brooks is reportedly in talks to return to News Corp.
A newly registered domain disguises itself as an official Electronic Frontier Foundation website and is being used in various spear phishing attacks.
Facebook is developing new technologies to help crack down on video piracy.
The automotive hacking prowess of security researchers Charlie Miller and Chris Valasek caught the eye of car service Uber, which has hired them to join the team at the company's Advanced Technologies Center.
A Virginia teenager was sentenced to136 months in prison and will have his internet activity monitored for the rest of his life for conspiring with the Islamic State in Iraq and the Levant (ISIL).
Finnish authorities nabbed Russian citizen Maxim Senakh, wanted in the U.S. on computer fraud charges for spreading malware.
The U.S. Court of Appeals for the District of Columbia Circuit overturned a judge's ruling on Friday, ultimately siding with the NSA's of phone metadata collection program.
Successful exploitation of the ColdFusion vulnerability could result in information disclosure, Adobe said.
Illinois Gov. Bruce Rauner called a recent breach notification amendment a "significant departure from the data protection laws of other states."
Eleven law firms filed with a Minnesota court this past week to ask for class-action certification over Target's 2013 data breach.
CERT issued a warning on Tuesday over a vulnerability in DSL routers that all contained the same hard-coded credentials.
In exchange for the use of the NSA's XKeyscore software, Germany's intelligence agency gives information on its targets to the U.S. agency.
Automakers are banding together to help guard against and mitigate a new breed of cyberattack targeting on-board computer systems.
Jing Zeng, a former Machine Zone exec was arrested on charges of stealing trade secrets while boarding a plane to China.
Microsoft's VP of Marketing for Windows and Devices, Yusuf Mehdi, gave his Twitter followers updates on the new OS earlier this week.
Cesar Mauricio Estrada-Davila, of Los Angeles, faces 150 charges relating to extorting young girls for naked photos.
Dropbox users may be the target of a new phishing scam that utilizes a compromised Wordpress site, according to a post by Dr. Johannes B. Ullrich on the SANS Internet Storm Center InfoSec Community Forums.
Researcher Jonathan Mayer documented AT&T injecting ads over HTTP connections on its free Wi-Fi hotspot.
Malware author Morgan Culbertson pleaded guilty on Tuesday in a Pittsburgh federal court.
A Las Vegas man pleaded guilty to sending more than 27 million Facebook messages in a massive spam campaign.
Torrent trackers are reportedly banning Windows 10 users due to concerns that the operating system is sharing user data with Microsoft.
Charlie Miller, a highly regarded security researcher, well known for demonstrating flaws on Apple products and in computer systems on vehicles, announced Monday he is leaving Twitter's security team.
Canada's primary privacy watchdog group and other international entities are investigating the Ashley Madison data breach after stolen data has continued to surface online.
An Alabama man, along with several partners, have been indicted on ID theft and other tax-related charges for filing false income tax returns.
The Third Circuit Court of Appeals Monday upheld a lower court decision confirming that the FTC had the authority to pursue enforcement action against Wyndham after a trio of breaches.
British teen Charlton Floate faces jail time after boasting about his role in taking down U.S. and U.K. government websites.
Rutgers hired three cybersecurity firms and plans to spend millions to protect its computer networks
Twitter blocked API access for Diplotwoops, which collected deleted tweets from politicians, diplomats and embassies.
Pace University's Seidenberg School of Computer Science and Information Systems received a $2.5 million grant from the National Science Foundation.
A Hong Kong-based website has been compromised to serve up malware through a just patched memory corruption vulnerability in Internet Explorer.
Phillip Fleitz of Indianapolis is the third person in the U.S. to plead guilty in the Darkode cybercrime case.
The UK's Information Commissioner's Office ordered Google to remove links to webpages detailing a minor crime and the company's prior removal of links related to the offense.
Lee Gray, aka Supremesmoke, was indicted in Indiana earlier this week on federal charges of drug trafficking and money laundering on the Deep Web.
Open source CMS platform Drupal has issued security patches to address several critical vulnerabilities affecting Drupal 6 and 7.
Impact Team has reportedly made a lot more Ashley Madison data available online and in the process teased the adultery site's CEO over the breach's validity.
An investigations firm that vetted Edward Snowden agreed to a $30 million settlement with the U.S. government on Wednesday.
After lightning struck a local utility grid, one of Google's European data centers suffered a power outage that led to "some" permanent data loss.
Europol's European Cybercrime Center and FireEye will be sharing knowledge and expertise to fight cybercrime.
The FBI announced that Darkode hacker Eric Crocker, known as "Phastman," pleaded guilty on Monday for sending spam.
The Federal Communications Commission (FCC) settled with Smart City Holdings, an internet and telecommunications provider, for its blocking of personal mobile hotspots.
Adobe released a hotfix for LiveCycle Data Services, patching a vulnerability that could result in information being disclosed.
Target will fork over as much as $67 million to banks issuing Visa cards and $10 million to customers who were affected in its 2013 breach.
Carnegie Mellon University researchers analyzed 35 dark web marketplaces, including the Silk Road, to determine their daily sales.
Uber is looking to bump its security team from 25 to more than 100 members by the end of the year.
Mozilla has entered the pre-beta phase for testing an improved private browsing feature in Firefox.
The Chinese Ministry of Public Security arrested 15,000 people for cybercrimes as part of a long-term operation dubbed "Cleaning the Internet."
Drivers in the Washington, D.C. metro area are being targeted by a phishing scam that purports to come from E-ZPass.
Researchers at WOOT '15 demonstrated how the BitTorrent protocol family is vulnerable to DRDoS attacks.
The Associated Press is reporting today that the Internal Revenue Service (IRS) breach that took place in May could now affect more than 300,000 taxpayer accounts.
AT&T provided access to emails and tech assistance to the NSA, the New York Times reported.
Nearly two-thirds of survey respondents believe their organization is a potential target for nation-state cyberattacks.
Adobe ordered to pay $1.1 million in legal fees as well as an "undisclosed settlement" to users following breach that affected 38 million.
After the FAA issued a five-hour flight restriction Saturday, airlines canceled flights served by a busy Virginia air traffic control center.
Researchers have spotted attackers using fake Facebook accounts to post malicious links in the comments of popular content.
After a patch for the Stagefright flaw was discovered to be incomplete, leaving Android devices vulnerable to attack, Google has released a new patch to open source.
Facebook withdrew an internship offer from a Harvard student after her created an app to exploit a flaw in Facebook Messenger.
OpenSSH released version 7.0 this week, along with four security fixes and various new features.
Researchers at Malwarebytes uncovered a malvertising campaign against AdSpirit.de, similar to the one used recently on Yahoo.
Geraldine "Gerri" Elliot was appointed by the cyber security solutions firm Impeva to the company's board of directors.
The malware was detected by Fortinet as Android/Locker.CB!tr and is capable of receiving a variety of commands.
Security and performance issues addressed in latest update to Apple's Yosemite operating system.
Dropbox is adding Universal 2nd Factor (U2F) security keys to its two-step verification process, the company announced in a Wednesday blog post.
Facebook awarded $100K to a team of Georgia Tech researchers for discovering a new class of vulnerabilities and for creating a detection technique.
Mobile Devices said will soon distribute an update that will fix the security flaw in its On-Board Diagnostics II (OBD-II) dongle which was shown to allow a Corvette to be controlled through a text message.
Secretary of State John Kerry told CBS that "it's very likely" that Chinese and Russian governments are reading his emails.
Adobe's Flash Player and AIR updates fix 35 bugs, the majority of which could lead to code execution.
Researchers at the University of California at San Diego have figured out how to control certain features on a car via text.
A researcher discovered a zero-day vulnerability inside the x86 processor architecture that can allow attackers to install rootkits.
Symantec confirmed its $8 billion in cash agreement to sell its Veritas data-storage business to investors led by Carlyle Group LP, a private-equity firm.
The U.S. Joint Chiefs of Staff's unclassified email system was brought back online yesterday after being shut down for two weeks when a phishing scam, possibly by the Russian group Apt 29, was discovered.
House Oversight Committee Chairman Jason Chaffetz, R-Utah, renewed his call that the Federal Office of Personnel Management (OPM) chief information officer should be removed in light of a report made by the OPM Inspector General (IG).
U.K. ham radio operators are the target of a phishing scam asking them to open a malware-infected attachment purportedly from Ofcom Spectrum Licensing.
Ubiquiti Networks, a wireless networking products provider, lost nearly $47 million in cyber fraud involving phony transfer requests.
Aerial Assault displayed a drone at DEF CON 23 equipped to fly to and then hack into a corporate network.
Security Researcher Morgan Marquis-Boire revealed that RAT AlienSpy was used to spy on the phone of Alberto Nisman.
A pair of researchers developed an exploit that allows them to override the user controls of Boosted electric skateboards
The Miami Valley Regional Planning Commission just reported that last month it was the victim of a ransomware attack and was asked to pay 500 Bitcoins to release 15,000 impacted files.
Microsoft will double the payout maximum under its bug bounty program and up the ante for authentication vulnerabilities found during a bonus period.
ICANN has fallen victim to a hacker attack.
Evgeniy Bogachev allegedly conducted espionage on a Zeus botnet that was typically used for fraud purposes.
An Android vulnerability - dubbed Certifi-gate - can enable an attacker to take over practically any device running the popular mobile operating system.
Tesla Motors has already patched the flaw that allowed researchers to turn off and stop a Tesla S when it is driving at slow speed.
NAVSEA seeks a vendor to provide data breach response services following breach of OPM.
The Chinese government plans to embed cybersecurity police units into major Chinese internet companies.
Samsung will issue monthly Android patches through various agreements with carriers and partners around the world.
Fiat Chrysler and Harman International were hit with class action lawsuit brought by three Jeep owners over a security flaw found in Harman's uConnect infotainment system.
A Russian hacker illegally manipulated over a dozen penny stocks generating more than $77,000 AUD in false profits, according to the Australian Securities & Investment Commission (ASIC).
Symantec researchers have concluded that the recently created Thunderstrike 2 Mac worm is a viable threat; however it should be easily fended off by taking a few simple precautions.
WordPress released a security update to address several vulnerabilities that existed in all previous versions.
The Internet Crime Complaint Center (IC3) issued an alert about extortion campaigns that threaten businesses with a distributed denial-of-service (DDoS) attack unless a ransom is paid.
Cisco detailed a new phishing campaign that's disguised as email recipients' complementary Windows 10 upgrade.
Facebook launched its "Security Checkup" tool to acquaint users with its security features.
Sign up to our newsletters
SC Magazine Articles
- Nearly 90 percent of Android devices vulnerable to endless reboot bug
- Women in IT Security: 10 Power Players
- Scanner identifies thousands of malicious Android apps on Google Play, other markets
- Report: Phishing costs average organization $3.7 million per year
- Women in IT Security: Women of influence
- U.S. workers roll the dice by gambling on their company phone
- Young hackers: Criminal or innovator?
- U.S. officials may impose sanctions against Russia, China for cyber attacks
- Baby monitor vulnerabilities bring IoT security issues into sharp focus
- The creator of PGP doesn't use PGP, spurring discussion