Linux creator slams Windows, OS X, popular apps as malware

In a scathing opinion piece, Linux creator Richard Stallman denounced the prevalence of malware and urged users to fight back.

Global initiative 'Securing Smart Cities' launches

IOActive, Kaspersky Lab, and the Cloud Security Alliance are among the security organizations supporting the effort.

Report: IRS breach impacts more than 100,000 taxpayers

Attackers gained access to an Internal Revenue Service system called "Get Transcript" in order to obtain information on more than 100,000 taxpayers.

More than 30 scareware apps disguised as Minecraft cheats in Google Play

More than 30 apps in the Google Play store were found to be scareware posing as Minecraft cheats.

Macro malware writers tracking campaigns through images

Malicious macro writers are beginning to track their malware through images to determine how well their malware is proliferating.

U.S. authorities investigate fraudulent Uber charges to British accounts

U.S. authorities are investigating claims by British Uber customers that they were charged for phantom rides in the U.S.

NEWS ALERT: Senate blocks USA PATRIOT Act reauthorization

A Friday night 57-42 vote in the Senate before the Memorial Day weekend fell short of the 60 votes needed to reauthorize Section 215 of the USA PATRIOT Act.

Hospitals in at least 3 states affected by employee data breach

Thousands of hospital patients in at least three states may have had their personal information compromised after MML data breach.

IC3 report says social media-related complaints quadrupled over five years

On Tuesday, the FBI's Internet Crime Complaint Center (IC3) published trends and findings from 2014.

House lawmakers' information accessed in CareFirst BlueCross BlueShield breach

House lawmakers might have had some of their personal data compromised in the confirmed CareFirst BlueCross BlueShield data breach earlier this week.

Method identified to generate unlimited Starbucks gift card funds

A hacker with security firm Sakurity identified a way to generate unlimited funds on Starbucks gift cards, and proved that it worked.

Nigerian man sentenced to 3 years for phishing scam targeting gov't workers

A Nigerian man was sentenced to three years in prison for his role in a phishing scheme targeting U.S. government employees.

Ohio student hacks school computer, shares data of 113 students

An Ohio student is under investigation for hacking into a school district server and sharing the information of at least one other student.

NEWS ALERT: AdultFriendFinder users' online dating info compromised

Hackers might have accessed and posted the information of up to 4 millions AdultFriendFinder users.

Alleged NullCrew member French back in custody

After being free on bond since summer 2014, alleged hacker Timothy French has been taken into custody to await his trial, the Chicago Sun-Times reports.

UC Browser found leaking personal data

Researchers wrote in a paper that UC Browser's English and Chinese versions leak personal and personally-identifiable data.

RadioShack, state coalition reach terms on sale of customer data

RadioShack and a coalition of 38 states have reached an agreement allowing RadioShack to sell the customer data under certain conditions.

Telstra discloses Pacnet security breach

Shortly after completing its acquisition, Telstra learned that an unauthorized third party gained access to the corporate IT network of Pacnet.

Extortion malware for Android, iOS rose in second half of 2014, report says

F-Secure observed an uptick in ransomware as well as malware for both Android and iOS in the second half of last year, according to its new threat report.

NSA protesters plant secret recorders around NYC, post sound files online

Purporting to be free agency contractors, an unknown number of protesters planted tape recorders around New York City to capture civilians' conversations and publish them online.

NEWS ALERT: Fix for 'logjam' bug could impact 20K websites

A team of security pros have come up with a fix for the "logjam" bug, but implementing it could have serious consequences for thousands of websites.

Letter urges McConnell, Senate leaders to let sun set on Section 215

In a brief, to-the-point letter, a wide mix of organizations asked Senate leaders to abandon attempts to extend Section 215 of the USA PATRIOT Act.

Android vulnerability allows attackers to 'spoof' URL titles

An Android stock browser vulnerability was discovered that could allow cyber criminals to "spoof" the address bars and potentially carry out phishing schemes.

Fake bitly links used to distribute malware, spam

Researchers have observed an uptick in the number of fake Bitly links being used to distribute malware and spam.

Google, Apple and others urge Obama to reinforce default encryption standards

Dozens of other companies, civil society groups and security and policy experts, sent a letter to President Barack Obama on Tuesday stressing the importance of rejecting legislation requiring backdoors into new technology.

Sen. Vitter introduces Student Privacy Protection Act

Another bill aimed at protecting students' privacy has been presented to Congress.

Oracle patches buffer overflow bug VENOM

The security alert, issued Friday, addresses a serious buffer overflow vulnerability in QEMU's virtual Floppy Disk Controller (FDC).

Two Idaho students face charges after DDoS attacks against school district

Two Idaho students face felonies after paying someone to carry out DDoS attacks on servers in the West Ada School District.

SEA hacks Washington Post mobile site

Back in 2013, the Syrian Electronic Army (SEA) hacked The Washington Post's site, redirecting visitors to hacker-controlled pages.

Grand Theft Auto V 'mods' infecting gamers with malware

According to one analysis of the threat, the attacker used a keylogger to capture anything typed using the keyboard.

Black Hat unveils selections for Vegas briefings

For its 18th year in Las Vegas, Black Hat received its largest pool of submission yet from security pros.

United Airlines bug bounty program pays in air miles

United Airlines has become the first airline to offer a bug bounty program - and researchers will receive air miles, not dollars, for their discoveries.

Sally Beauty confirms payment card systems intrusion

After experiencing a similar incident in 2014, Sally Beauty announced Thursday that an illegal intrusion into its payment card systems has occurred.

U.K. updates cybercrime law allowing for life in prison sentence

Both the U.K. and Nigeria toughened their legal stances on cybercrime this month with Nigeria even allowing for the death sentence.

Survey highlights millennial, baby boomer habits on corporate devices

Sixty-four percent of millennials used their employer-owned device for personal use, compared to 37 percent of baby boomers.

Under-secured SOHO routers leveraged in DDoS attack campaign

Incapsula found that each compromised router was, on average, infected with four variants of MrBlack malware, which is used for DDoS attacks.

Verizon Wireless, Sprint in $158M settlement with FCC over cramming

The Federal Communications Commission (FCC) said Verizon Wireless and Sprint would pay $90 million and $68 million respectively for billing customers for unauthorized third-party texting services charges.

NEWS ALERT: House of Representatives passes USA Freedom Act

The U.S. House of Representatives overwhelmingly passed the USA Freedom Act today with 338 Representatives voting in favor of the bill and only 88 against it

White House urges Congress to pass USA Freedom Act

The bill, which aims to end NSA's bulk collection of Americans' phone data, recently passed a House committee.

Survey: 20 percent of repsondents worked for a company that hid a breach

AlienVault surveyed 1,107 attendees of the RSA Conference 2015 in San Francisco and found that nine percent would keep quiet if nobody knew about a breach.

Majority of people unable to discern phishing emails from legitimate ones

Intel Security asked survey respondents to pick out legitimate emails from phishing attacks, and most fell for at least one attack.

Two new ransomware threats identified

Two new pieces of file encrypting ransomware have been identified, one by Symantec and the other by a security researcher at Rackspace.

Juniper Research: Business breach costs to jump to $2.1 trillion by 2019

Juniper Research revealed the findings in a report on "The Future of Cybercrime and Security."

Former FTC chief technologist Felten is new White House deputy CTO

Princeton professor and former FTC chief technologist Ed Felten has joined the White House "techie" team as deputy CTO.

Firefox 38 fixes a number of vulnerabilities, several deemed critical

A number of the vulnerabilities addressed in Firefox 38 could lead to potentially exploitable crashes.

Adobe plugs critical bugs in Reader, Acrobat and Flash Player

The company patched dozens of critical vulnerabilities for users on Windows, Macintosh and Linux platforms.

VA inks $50M contract to improve audit readiness

The Department of Veterans Affairs (VA) has awarded a $50 million contract to ASM Research to help improve security and audit readiness.

NSA chief confirms physical retaliation could be warranted in cyber attack response

Navy Adm. and head of the National Security Agency (NSA) Michael Rogers on the U.S. government's stance on cyber attack retaliation.

Healthy Living investigates potential payment card breach

Certain customers experienced unauthorized charges to their credit cards in November and December 2014.

NEWS ALERT: Penn. police searching for IT security pro's missing son

Mason Pachulski, the son of Keith Pachulski, was last seen this morning outside his family's home in Jim Thorpe, Penn.

The Tor Cloud project shuts down

The Tor Cloud project has been discontinued due to a number of vulnerabilities and a lack of individuals available to maintain the service.

Russia and China form cyber alliance

Russia and Chiana have agreed to join forces stop not hack each other as well as to fight cyber attacks as well.

Laptop search and seizure at CA border ruled unreasonable

A federal court has ruled that the search of a traveling businessman's laptop in 2013 was unreasonable and violated his privacy.

Two men arrested for Photobucket breach

Two men were arrested for conspiring to breach Photobucket security and sell private information.

Germany stops NSA internet surveillance, sets parameters

Germany has stopped its internet surveillance for the NSA after tensions arose over the US spying on European officials.

Analysts believe Rombertik was used to conceal other malware attacks

Blue Coat analyzed Rombertik, a threat initially uncovered by Cisco, and found that the malware served as an obfuscating wrapper for crimeware tools.

Lockheed Martin invests nearly $10M in Cybereason

Lockheed Martin is investing an estimated $10 million dollar investment in security firm Cybereason.

Apple updates Safari, fixes multiple bugs

The technology company patched vulnerabilities in older Safari versions on Wednesday.

One-click fraud campaign targets IE users in Japan and China

The attack involves getting a user to download and run an HTML Application file, which Symantec researchers observed occurring on porn video websites.

FireKeepers investigates potential breach, replaces POS equipment

Michigan-based FireKeepers Casino Hotel is investigating a potential security incident involving its point-of-sale systems.

Katherine Brin will serve as the new FTC CPO

The Federal Trade Commission announced, in a release today, Katherine Race Brin will serve as the new FTC CPO

Va. ACLU sues Fairfax police dept. for storing data from ALPR

ACLU has sued a Virginia police department for collecting an LPR database on vehicles belonging to people not under investigation.

Microsoft axes Patch Tuesday updates

With the release of Windows 10, Microsoft will cease issuing monthly Patch Tuesday updates on Patch Tuesday, and instead will push fixes out as soon as they're available.

Harbortouch reveals malware was installed on merchant POS systems

The malware targeted individual merchant locations and not Harbortouch, and Harbortouch's own network was not affected.

EC Digital Single Market Strategy takes aim at geo-blocking, copyright restrictions

The European Commission has adopted a new 16-initiative strategy that would make it easier for consumers to access digital services and goods.

Vulnerability identified in eShop WordPress plugin

High-Tech Bridge Security Research Lab identified the vulnerability in the eShop plugin, which affects version 6.3.11 and likely lower.

Harry Reid attempts to block trade vote until FISA is discussed

The Senate will likely vote on a trade bill over the expiring Foreign Intelligence Surveillance Act.

IRS adds new unit to fight cybercrime, fraud

The IRS is assembling a team to combat the rising tide of identity theft and fraudulent tax return claims.

FBI promotes Demarest to new cyber exec position

The FBI has created a new position to help coordinate its response efforts to cybercrimes and establish better data sharing relationships.

Lower house of French Parliament approves surveillance bill

The lower house of the French Parliament has approved a controversial intelligence bill that could broaden the government's surveillance powers.

Netflix unveils threat detection management platform

Netflix announced on Monday the open source release of a threat detection management platform it has named FIDO.

Possible payment card breach at Hard Rock Hotel & Casino Las Vegas

Cards used between Sept. 3, 2014, and April 2 at restaurant, bar and retail locations may have been compromised

India and Japan form cyber alliance

Indian officials met with a Japanese contingent last week to discuss how the two nations could work together to fight cyber crime and invest in India's IT sector.

Partners HealthCare says workers responded to phishing emails, patient data at risk

A phishing scheme may have compromised the information of nearly 3,300 patients.

Canadian woman accused of harassing adults, minors using RAT

A Canadian woman was arrested for allegedly infecting computers using a RAT, and harassing and spying on victims.

FAA: Software bug impacts Boeing 787 electrical power

The aviation authority instructed operators to take "interim action" to prevent loss of AC electrical power, until a software fix is available.

USA Freedom Act passes House Judiciary Committee

The House Judiciary Committee approved the "USA Freedom Act," effectively setting the bill up to be voted on in the U.S. House of Representatives.

Hackers steal nearly $5M from Ryanair's accounts

Hackers pilfered almost $5 million from the budget airline in an unauthorized electronic funds transfer through a bank in China.

FBI investigating Rutgers University in DDoS attack

Rutgers and the FBI are collaborating to investigate a series of DDoS attacks against the university.

Google launches Chrome extension to combat phishing

Google released a Chrome extension that warns users when they're typing their account information into a illegitimate page.

Bedep malware inflates views to push political agenda on Dailymotion

According to researchers at Trustwave, hackers leveraged Bedep to generate fake views for pro-Russian videos.

iPad app glitch delays 74 flights for American Airlines

A glitch in an iPad apps pilots use to communicate caused of 74 flight delays for American Airlines.

Tor Browser 4.5 released, comes with various enhancements

Released on Monday, Tor Browser 4.5 comes with improvements to security, privacy and usability.

Illinois data breach law expands definition of PII, passes state Senate

Illinois is looking to pass legislation to notify residents of "consumer market information" breaches.

U.S. and Japan bolster cooperation to thwart cyber attacks

The United States and Japan have agreed to bolster their threat-sharing efforts, to thwart cyber attacks from China and North Korea, like state-sponsored intellectual property theft.

K2 Intelligence snags FBI assistant SAIC of NY cyber branch

Austin P. Berglas, assistant SAIC of the FBI's New York cyber branch will become senior managing director and head of K2 Intelligence's U.S. Cyber Investigations and Incident response practice.

U.S. satellite networks constantly under attack, Air Force general says

During a talk with a Defense Writers Group, Gen. John Hyten of the Air Force discussed attempts made to access U.S. satellite networks.

In first, ransomware customizes language for Far East countries

Symantec wrote in a new blog post that the new ransomware Crypt0l0cker changes its default language depending on the victim's IP address.

SendGrid admits breach more extensive than originally believed

SendGrid said the breach occurred after an employee account was compromised.

Group arrested in Italy for fraud and money laundering in online scams

Italian Financial Police picked up more than 10 people who were purportedly part of an international criminal organization that laundered money from online scams.

Attacker, posing as Tesla employee, gained access to car co.'s Twitter

Attackers compromised the Twitter feeds of Tesla and company co-founder Elon Musk where they posted false claims.

Voter poll: 40 percent say attack prevention should be Congress' top tech priority

Also in the poll, 19 percent of voters said that lawmakers should focus on data security standards.

Coloring page website redirects users to malicious installs

A website offering coloring pages for kids could lead to malicious installs and easily prompt children into clicking content other than the desired coloring pages.

CSA, (ISC)² create new cloud certification

A new Certified Cloud Security Professional (CCSP) certification is aimed at certifying those with the advanced skills need to keep the cloud secure.

Potential breach brews at Costa Coffee Club

Costa Coffee has warned its loyalty club members of a potential breach and will reset all passwords as well as use a new format for passwords.

Former GCHQ director tapped for Standard Chartered's risk committee

Former GCHQ director Sir Iain Lobban will be joining London-based Standard Chartered bank to prevent cybercrime.

Stored XSS bug in WordPress, researchers advise to disable comments

A stored cross-site scripting (XSS) vulnerability impacting current WordPress versions has been identified by a researcher with Finnish IT company Klikki Oy.

Mobile apps riddled with security flaws

Andrew Hogg, CEO of Now Source, explains how some of the most popular applications can be riddled with security flaws.

Hospitals testing AC monitoring platform to spot malware in medical devices

Two unnamed hospitals have signed on to test the WhatsAppDoc platform developed to detect malware in outdated medical devices by monitoring AC consumption.

Microsoft expands bug bounty program to include Project Spartan

Microsoft announced plans on Wednesday to on expand its bug bounty program to include Project Spartan, the company's new browser, and Azure, the company's cloud platform.

Sign up to our newsletters