Both Amazon and Google took steps to downplay or completely rid its company's entities of Flash ads.
A team of researchers created an app vetting scanner referred to as "MassVet," and used it to identify 127,429 malicious apps on 33 Android markets.
The alleged leader of ISIS' CyberCaliphate hacking group, Junaid Hussain, is believed to have been killed in a recent drone air strike.
ALM CEO Noel Biderman may be the latest victim of the massive AshleyMadison.com hack with the company announcing his immediate resignation today.
Agora, one of the largest online black market sites, halted operations after concerns arose of vulnerabilities in Tor's hidden service.
Sensitive data of California residents including, social security numbers, health records, and income tax information vulnerable
Virginia killer Vester Lee Flanagan II, a.k.a., Bryce Williams was tracked down Wednesday with the help of a license plate reader Wednesday, but larger issues surrounding security and individual freedom still worry privacy advocates.
Canadian researchers at Citizen Lab released a report today describing a phishing campaign being conducted against Iranian dissidents and how utilizing a two-factor authentication (2FA) tool helped foil most of the attacks.
After independent journalist Brian Krebs reported that a Twitter user may be connected to the Ashley Madison hack, the user has denied involvement.
iOS 8.4 could have a hard time making apps go to sleep, according to security researchers at FireEye.
A pastor and former Morgan Stanley VP charged by federal prosecutors as "the linchpin of a sprawling financial and hacking conspiracy" is free on $2 million bail.
The extrapolated total annual cost of phishing for the average organization is more than $3.7 million, but $1.8 million could be saved with the right training.
Five police officers accused of shooting unarmed civilians post-Katrina say they did not get a fair trial in part because "adverse online comments" by prosecutors created an "air of bullying," an appeals court ruled.
The Office of the Inspector General investigated and found that staffers at the U.S. embassy in Tokyo used their personal emails for professional matters.
The Oakland Police Department said it will now only hold data gathered with its automatic license plate reader (ALPR) devices for six months, which could prove beneficial to the privacy of the vehicle owners who came across the device's path.
Symantec has found that the Sundown exploit kit (EK) has begun to take advantage of a recent IE vulnerability, CVE-2015-2444
The Securities and Exchange Commission will not penalize Target Corp. for a cyberattack two years ago in which credit card and other personal information of millions of customers was exposed.
The Diplomatic Council is calling for more transparency regarding government surveillance across the world.
Cyphort Labs's latest study on malvertising indicates a massive uptick with this form of attack has taken place over the last few years driven, in part, by the proliferation of zero-day and Angler kit exploits.
Data breach by holiday company, Thomson, reveals the personal details of nearly 500 customers.
The Office of Inspector General investigated the Department of Veteran Affairs' use of Yammer, a supposedly private and closed social network. Their findings indicate serious security lapses and lack of judgment on users' parts.
In a first of its kind ruling in New York state, a Westchester Supreme Court justice said a man can use information from his ex-wife's Facebook page as evidence in a child custody battle.
The Recordable Activator app was available in the Google Play store and was observed exploiting the Certifi-gate vulnerability.
Symantec reported today that its security software is now protecting more than 1 billion Internet of Things (IoT) devices and as this number expands so will security risks associated with these products.
Online rumblings began pointing to a lone female as the perpetrator of the Ashley Madison data breach while class-action lawsuits were filed and reward offered.
The growing threat posed by ransomware and the possibility that cybercriminals will graduate from extorting end users to large corporations topped the worry list of IBM's X-Force threat team in its Q3 threat intelligence report.
McCuneWright, LLP, along with other firms, filed a class action complaint against the IRS on Thursday in the U.S. District Court for the District of Columbia.
Following a number of recent headline-grabbing breaches, a panel of foreign relations experts convened at the Atlantic Council to discuss retaliation against hackers.
The 'media content' home page of Australia's largest telecommunications company Telstra has been infected with 'malvertising' which links a malicious exploit kit.
Dolphin and Mercury Android browsers can be hacked to execute code remotely.
The Royal Saudi Airforce is the latest victim of hacktivists after military intervention in Yemen.
Zscaler has been seeing attackers targeting WordPress sites running version 4.2 and lower.
Facebook is looking to expand its ThreatExchange while also keeping government participation at a non-existent level.
Sensitive government data may be at risk due to agencies failing to implement bring your own device policies.
Level 3 has pegged the Portmapper attack vector as the future of amplification DDoS attacks and is warning IT security professionals to start preparing now.
A former London-based State Department worker has been indicted by a federal grand jury in connection with an online hacking and sextortion scheme.
The vulnerability, which is being referred to by Appthority as Quicksand, was patched by Apple in iOS 8.4.1.
OS X flaw is exposed by teenage Italian security researcher without warning Apple - reigniting the debate about 'irresponsible' bug disclosure.
Spending on the outsourcing of IT functions is rising, according to a new report from Computer Economics.
Michael Martinez, 26, allegedly solicited three females, including a minor, for sexually explicit photos and then extorted them.
A patch released Tuesday addresses a critical memory corruption vulnerability that can be exploited by an attacker to enable remote code execution.
DARPA has started accepting applications to develop a stronger defense against DDoS attacks.
A hacker group posted 9.7 gigabytes of data in apparent retaliation for the site allegedly claiming to delete customer details for a fee, but then not doing so.
Researchers at Akamai reported an increase in the quantity and strengths of DDoS style attacks in Q2 of 2015 compared to last year.
Trend Micro's second quarter threat report hit on several security issues, including threats that pose an actual physical threat to the public.
While the IRS continues investigating its May data breach, the accessing of sensitive information brings up the idea of two-factor authentication and passwords.
Google has addressed the bug, CVE-2015-3842, which can be exploited via a malicious app that does not require any permissions.
Leaked Edward Snowden documents reveal that up until at least 2013, the U.S. government held intimate ties with AT&T and to a lesser extent Verizon.
GM's OnStar RemoteLink mobile application contains a vulnerability that can enable an attacker to identify, start a vehicle and more.
Portions of University of Virginia's information technology systems have been accessed, but no personal information appears to have been affected.
Hackers went old school during the first half of 2015, resurrecting the use of malicious email attachments and also began targeting businesses with a new stream of phishing attacks, according to Proofpoint's first half threat report.
A Reuters article claimed the Russian cybersecurity firm intentionally poisoned good files to throw off competitors' antivirus detection.
As six major retailers spanning the U.S., Canada and the U.K. enter the second month of having their online photo print operations shuttered by hackers, industry analysts say the damage to consumers and the retailers could be significant in both data and dollars.
The vulnerability was identified by security researchers with MWR Labs, and it impacts Google Admin version 2014101605 and lower.
Security professionals are most concerned about the endpoint, citing it as the greatest source of risk in a Bromium survey of more than 100 pros who attended Black Hat USA 2015 in Las Vegas last week.
Former Secretary of State Hillary Clinton's private email server was handed to the FBI after investigators found it contained messages that were later classified top secret.
Apple's update to iOS and iTunes included dozens of security patches along with fixes for the iCloud Music Library and Apple Music.
SC Magazine picked up five Azbee Awards for editorial excellence, design and online presence at a gala event on Aug. 12 in New York.
Microsoft's Windows 10 allows for certain data-sharing settings to be disabled, but in some cases, turning them off does nothing to stop the sharing.
The cross-site scripting vulnerability has been addressed, but it could have been exploited by an attacker to distribute malware and carry out phishing attacks.
Researchers say that campaigns leveraging the Asprox botnet have disappeared after reaching a peak last year.
Attackers have been observed substituting Cisco's IOS bootstrap with a malicious ROMMON image after first accessing the company's IOS devices.
The Pentagon said the names,emails and passwords uploaded to Twitter by a group calling itself the Islamic State Hacking Division appear to be not only out of date and incorrectly formatted.
The Online Trust Alliance (OTA) has suggested that the Internet of Things (IoT) security is flawed.
The Office of Management and Budget (OMB) proposed new cybersecurity guidelines earlier this week to help government agencies draft contracts with third-party groups.
Firefox 40 comes with a safer add-on experience, expanded protection against unwanted software downloads, and several security fixes
The social media company integrated two new verticals into its biannual transparency report.
Morgan Stanley dodged a bullet this week when the Federal Trade Commission (FTC) ruled the firm did not violate security protocols concerning a breach earlier this year.
A hacking and trading group stole wireservice information to buy stock and reap an illegal profit.
Microsoft issued its monthly Patch Tuesday update today with nearly half of its 14 security bulletins addressing vulnerabilities in its newest operating system, Windows 10.
Oracle CSO Mary Ann Davidson penned a blog post on Monday and warned researchers they would receive a legal letter if they continued to reverse engineer the company's code.
An IBM security research team has uncovered an additional flaw in Android that can give a malicious app the ability to fully control a device.
The Darkhotel APT group swapped out its previous Flash zero-days this past month for an exposed Hacking Team zero-day.
A researcher has developed an algorithm that exploits a flaw in a Facebook privacy setting to link cell phone numbers to Facebook accounts.
A new cyber-security law may hold companies like Google and Amazon to stricter security requirements.
Personal details of up to 2.4 million customers of Carphone Warehouse - including encrypted credit card details - have been reported stolen, with the ICO now investigating.
Mozilla updated its Firefox browser to version 39.0.3 earlier this week and patched seven bugs in the process.
To improve security, the DHS deputy secretary offered suggestions for building trust between the hacker community and the government.
The USA Freedom Act inspired a spirited debate on government surveillance at Black Hat USA 2015.
American Airlines denied involvement in an apparent security incident at its one-time subsidiary Sabre, but is redoubling its own security measures as a precaution.
DHS intends to create an automated information sharing platform where "cyber threat indicators" would be collected and disseminated in near real-time.
Russian hackers allegedly accessed the Pentagon's Joint Staff unclassified email system.
Law enforcement must now obtain a search warrant before seeking people's historical cell phone location information from their provider.
Imperva believes cloud storage sites like Google Drive, Dropbox, OneDrive will be the next area corporations will have to defend in their on-going battle to keep their data under wraps.
The Justice Department's Leonard Bailey discussed prosecution under the Computer Fraud and Abuse Act, assuring and cautioning researchers at Black Hat USA 2015 in Las Vegas.
Kaspersky Lab's new DDoS report indicates that the threat persists and will continue to affect business and people around the world.
Two senior researchers with Trend Micro set up several honeypots to collect data on attacks against gas pump monitoring systems.
At Black Hat USA 2015 in Las Vegas, Synack's Patrick Wardle discussed the current state of Mac OS X malware, how to make it better, and some tools to defend against it.
Square countered the claim of three Boston University graduates that its reader can be quickly and easily converted into a credit card skimmer.
A new version of the widely-distributed RIG exploit kit has emerged and is infecting around 27,000 PCs each day, according to researchers at Trustwave Spiderlabs.
The vulnerability can be exploited by either by a malicious app installed on the affected device, or by luring a user to a specially crafted website.
APT actors are using a China-based VPN provider to hide their digital tracks and mask their identities.
OS X 10.10 has a vulnerability that allows hackers to install malware without system passwords
Harman Kardon said it has told the National Highway Traffic Safety Administration and other car makers that it believes only Chrysler vehicles have potentially vulnerable infotainment systems.
Following its "Cybersecurity Sprint" launch, the government has increased authentication measures and reviewed its systems for vulnerabilities.
The same hackers that have exploited vulnerabilities of Adobe Flash have used advertising on Yahoo's largest websites to distribute malware to billions.
Bromium researchers observed that malicious advertisements impacted news and entertainment websites more than 50 percent of the time in the first half of 2015.
UConn has repaired a vulnerability exploited by hackers to gain access to servers in its School of Engineering and, while the university found no evidence of data theft, it has notified users whose information may have been compromised.
Remote Access Trojans (RATs) proliferate through YouTube tutorials and hacker forums, a new report from Digital Citizens Alliance suggested.
Sign up to our newsletters
SC Magazine Articles
- John McAfee points to lone woman as Ashley Madison attacker while company offers reward
- Zero-Day, Angler kit exploits help drive up malvertising by 325%
- Judge grants father in custody case access to ex-wife's Facebook profile
- IBM: Corporations could be the next target for ransomware attacks
- Class action complaint filed against IRS over data breach