In the span of 24 hours, two security researchers separately acknowledged the discovery of serious security vulnerabilities in the password management service LastPass.
Trend Micro researchers spotted a new ransomware as a service (RaaS), dubbed Stampado, which may be indicative of ransomware market trends.
A seven-week investigation confirmed sexual misconduct by privacy advocate and former Tor developer Jacob Appelbaum, The Tor Project's executive director, Shari Steele, said Wednesday.
Russia, Iran, China and North Korea are home to more than their fair share of cybercriminals, but the nation most responsible for housing malicious actors is the United States.
Government service providers will be required to phase out the use of SMS-based two-factor authentication (2FA) as the result of new guidelines from the National Institute of Standards and Technology (NIST).
Customers of the popular mobile network O2 are having their details sold on a dark web marketplace.
A new Facebook app from Hillary Clinton's presidential campaign which invites users to "Trump Yourself" could have privacy implications.
Security company SentinelOne is now offering US$ 1000 (£762) per machine or up to US$ 1 million (£762,000) per company as compensation if a ransomware infection occurs while their product is installed.
Information and data experts at IHS Markit are reporting exponential growth of video doorbells which are outpacing conventional video door phones. But are they safe?
Counsel for Lauri Love and the US government rehearsed their final arguments as Tom Reeve reports from Westminster Magistrates' Court yesterday.
In the first five months of 2016, malicious email campaigns and the quick emergence of new ransomware variants dominated, one of the largest botnets in the world went dark, and the Angler exploit kit (EK) went silent.
An analysis of malicious threats tracked by managed security services provider Solutionary reported that ransomware attacks targeting healthcare companies comprised 88 percent of all ransomware attacks.
ThreatConnect: Guccifer 2.0 likely persona for Russian-linked propagandists, PR operatives leaking info to media
Despite the hacker's claims of independence, a digital trail traced by the ThreatConnect Research Team led to an Elite VPN service based in Russia being used to pass documents to the media.
The hotel chain said it had been made aware of unauthorized charges occurring on cards that were previously used legitimately at Kimpton properties.
Republican National Committee (RNC) Chairman Reince Priebus may have tossed down a gauntlet to hackers when he declared that his organization's data is safe and he does not expect to be hacked.
Bastille researchers spotted a vulnerability affecting wireless keyboards that could allow an attacker to eavesdrop from hundreds of feet away.
Ransomware is now the most profitable form of malware primarily because the victims do a poor job of defending themselves, according to a new report by Cisco.
The federal government would greatly benefit from implementation of Internet of Things technology, but few agencies are taking advantage, says the Center for Data Innovation.
A flood of information has emerged that connects GOP presidential nominee Donald Trump to a questionable cast of characters who are linked to Soviet interests.
The email dump underscored the holes in security and privacy yawning at many organizations and the very real possibility that nation-states like Russia have upped their game to manipulate the democratic process.
The hackers responsible for reproducing seven master keys used by the TSA to open locks commonly placed on luggage have now duplicated an eighth key in an effort to demonstrate the dangers of digital key escrow policies.
The cybergang behind the Patchwork, aka Dropping Elephant, cyberespionage campaign has expanded its reach outside of government organizations and is now hitting the private sector.
How has Anonymous avoided being labeled as a terrorist group? That is a serious question that was posed by an anthropologist during the HOPE Conference in New York City.
SC Magazine received three national awards from ASBPE, the highest honor in the annual awards contest open to B2B, trade, association and professional publications.
In the UK, 41 percent of online daters have been spammed or scammed when using online dating services.
McAfee Labs researchers spotted a series of spear phishing attacks using a modified version of the Hackhound password stealer.
White hat hackers seeking a $20,000 bug bounty were able to gain remote code execution and tap into the inner workings of popular porn site Pornhub.
The Dutch National Police, Europol, Intel Security and Kaspersky Lab have joined forces to launch an initiative that will see them cooperate to fight ransomware.
Researchers have found several security vulnerabilities in SAP HANA and SAP Trex, which left thousands open to remote code execution attacks.
WhatsApp messages of military officers involved in Turkey's attempted coup were published by the country's state-run media outlets.
The FBI's process for prioritizing cyberthreats is too slow and subjective, hindering its ability to optimize allocation of resources to address these dangers, according to a new report from the DoJ's Office of the Inspector General.
More than 2.3 million user records were compromised as two separate gaming companies announced they suffered data breaches.
Ransomware threats targeting government IT systems nationwide at the state and local level are steadily increasing.
Vircom researchers believe that Microsoft Exchange Online Protection (EOP) may be exposing users and their networks to both data breach and data loss risks.
The Automotive Information Sharing and Analysis Center (Auto-ISAC) Thursday released a set of automotive cybersecurity "Best Practices."
CryptXXX ransomware has a doppelganger - it's called CrypMIC. And the resemblance doesn't appear to be a coincidence.
Cooperating with law enforcement is "our basic civic responsibility," BlackBerry CEO John Chen told reporters at a media Q&A at the BlackBerry Security Summit in New York.
Farsight Security Services has promoted Robert Batch, a 12-year veteran employee, to IT administrator.
A group claiming to be a far-right Ukrainian nationalist group has attempted to blackmail the Polish ministry of defence.
Cicis Pizza has officially acknowledged a payment card data breach in 138 of its restaurant locations, after reports of a point-of-sale malware attack first came to light last month.
Rapid7 has appointed Marc Brown and Tom Schodorf to its Board of Directors.
Two internet outages on consecutive days in separate internet exchanges in Docklands, London, call into question the security of the country's critical communications infrastructure.
As the Pwnage summer heat rages on, hackers find 64 holes in popular publishing platform WordPress.
Despite a slow start at the beginning of 2016, the IT jobs market in London experienced an upturn in the number of jobs with June being the highest month so far for job volume in 2016.
Over the last six months, global demand for network engineers who have DDoS mitigation skills has continued to grow. China is seeing the most demand for these skills, with roughly 47 percent annual growth.
The Wassenaar Arrangement for regulating the international arms trade is threatening to choke the international cyber-security community and ultimately make us less secure, an audience at RSA Singapore heard.
Google's latest transparency report displays a continued increase in data requests the company received from government authorities.
Google has removed a group of malicious browser extensions from its Chrome Web Store, after an independent researcher discovered the programs were hijacking users' Facebook accounts for click-fraud purposes.
Oracle patched a whopping 276 security flaws in more than 80 products in its largest patch bundle to date.
The Guardian Project has integrated Tor security into the Internet of Things (IoT), creating a Tor Onion Service Configuration for the Home Assistant open source platform.
Organisations are increasingly being targeted by ransomware and more often than not pay the ransom to regain control of their data.
BT Broadband has suffered a major outage this morning and it's pointing the finger at a power-outage in one of its central London service providers.
Admins scramble to patch HTTP proxy header flaw, Httpoxy, that leaks data via PHP, Go and Python scripts running in a CGI environment.
Arbor Networks has released global DDoS attack data for the first six months of 2016, showing a continued growth in both size and frequency of attacks. A 73 percent increase in peak attack size over 2015 was observed, to 579Gbps.
A recent study found that 52 percent of companies are failing when it comes to the proper enforcement of privileged credential controls.
Apple patches critical vulnerabilities in iOS and OS X that could allow remote code execution.
Kaspersky Lab researchers spotted Ammyy Admin being used as a dropper trojan to install the Lurk trojan and other malware.
In its new special report Ransomware and Businesses 2016, Symantec declares that within the last year, ransomware has rapidly advanced in maturity and severity, while also exploding in terms of overall numbers.
Brazilian Judge Daniel Barbosa's order threatened telecommunications companies Oi, Nextel, TIM and Vivo e Claro with fines of about $15,000 daily if they didn't block WhatsApp, which is used by 93 percent of Brazilians.
The White House is discussing proposals with U.S. allies that could allow foreign governments to serve search warrants requesting email and wiretap information to US companies.
Ironically, the cybercriminals holding your computer files for ransom may be offering you a better customer experience than your average cable provider or insurance company.
A malicious spam email campaign discovered by FireEye used Microsoft Word attachments containing macros that launched command and control Cerber installers.
The Realstatistics malware campaign discovered in June to be infecting thousands of Joomla! websites gained steam by shifting infection tactics after the introduction of ModSecurity rules closed off its original attack method.
Power stations in Germany and Italy and an Israeli smart building could be accessed by criminal hackers.
Most security pros (88 percent) say that they are happy with their organisation's security strategy, but 38 percent admit that their company doesn't have dedicated data loss prevention solutions in place.
NATO CCDCOE urged to promote cooperation in training of cyber-defence experts as the cyber realm is declared a theatre of war.
The UK rail network has been hit by cyber-attacks at least four times in the past 12 months.
Researchers discover a new strain of the Cerber ransomware targeting Office 365 users. The variant is part of an emerging trend of ransomware that targets victims using cloud platforms.
DARPA are starting a competition to help automate defence and see how artificial intelligence can combat cyber-threats.
As the Turkish government allegedly blocked access to social media during what was reported as a military coup, The Tor Project said Friday that people can use the Tor browser to reach Facebook, Twitter and the free Internet.
BT Security has struck a deal with ISC(2) to offer those training through the BT Security Academy Certified Information Systems Security Professional (CISSP) and the Systems Security Certified Practitioner (SSCP) certifications.
Google has taken to its online security blog to announce it has started to experiment with cryptanalysis resistant public-key cryptography.
Over two thirds (68 percent) of consumers across Europe are interested in using biometrics when making a payment, especially when integrated with other security measures.
A debate in the House of Lords has unearthed some previously unnoticed powers included in the much maligned investigatory powers bill including the desire to break end-to-end encryption.
The Neutrino Exploit Kit has added another weapon to its arsenal, adopting a working exploit of Microsoft's Internet Explorer browser after an independent security researcher designed and published the source code of said exploit.
Researchers from F-Secure reported a massive spike in spam delivering the Locky cryptoransomware with 120,000 spam emails going out per hour on June 12.
A crypto flaw that allowed cyber attackers to eavesdrop on communications running through VPNs has been patched in Juniper Networks' Junos operating system.
Guccifer 2.0 leaked additional documents purportedly pilfered from the Democratic National Committee and which included donor information and a file on former Alaska Governor Sarah Palin, according to The Hill.
Privacy advocates hailed the Second Circuit's ruling as a victory for Microsoft; if it holds, it will likely inspire confidence among privacy advocates and European privacy regulators about the fortitude of the U.S.'s privacy posture.
Industry sources prepare for the security implications of a serious flaw affecting the Microsoft Web Point-and-Print Protocol, a software component used in the Windows Print Spooler by computers when connecting to a network printer.
An interim report filed yesterday by the U.S. House Committee on Science, Space and Technology revealed gaping holes in the FDIC's cybersecurity posture and accused the financial institution of withholding documents pertaining to data breaches.
Researchers have found that the Maxthon browser sends sensitive data to a browser in Beijing and is prone to man-in-the-middle attacks.
The Federal Health and Human Services Department (HHS) issued guidelines this week that could require hospitals and doctor offices to notify HHS if they are victimized by a ransomware attack.
Vulnerabilities in 3D printing that could open the door for sabotage were revealed by a team of NYU researchers.
Russia's defence sector is taking steps to reduce NetTraveler Trojan attacks and some defence manufacturers are postponing computerisation using western technology due to fears of cyber-espionage.
The U.S. subsidiary of Fiat Chrysler has launched its own bug bounty program, making it the first full-line vehicle manufacturer to offer financial rewards to security researchers for finding vulnerabilities in connected cars and related technologies.
SentinelOne researchers spotted a sophisticated nation-state sponsored malware campaign with potential to knock out an electric grid.
The Commons Science and Technology Committee reports that by 2017, the UK will need 745,000 more workers with digital skills and warns that organisations lacking the necessary digital skills face increased security threats and failed cloud migrations if the problem is not addressed.
CuteRansomware is anything but soft and cuddly, according to a report by Netskope.
Rapid7 researchers said a flaw discovered in financial news platform Seeking Alpha's mobile apps could leak users' PII and confidential information.
SC Magazine is the recipient of five awards in the 2016 Azbee Awards of Excellence, sponsored by the American Society of Business Publication Editors (ASBPE).
The United Nations has passed a resolution calling for human rights to be counted online as well as off, citing the internet as an important medium for free speech and free assembly. The resolution was not without its opponents, though.
Over half (53 percent) of companies have at least one instance of Windows Server 2003 still running even though its end of life (EOL) date passed on 14 July 2015.
By analysing changes in files, security researchers believe they have discovered a way to detect ransomware in the early stages of encrypting your data.
ATMs in Taiwan were spewing money over the weekend in what authorities believe were malware-aided thefts.
When compared to the financial damage a cyberattack can create, the cost of most crimeware-as-a-service (CaaS) offerings looks like a bargain, based on the prices listed in a "Hacking Menu" compiled by WatchGuard Technologies.
ESET researchers spotted an uptick in Nymaim malware detections during the first half of 2016 and noticed a series of targeted attacks in Brazil.
Omni Hotels & Resorts said guests had to physically present payment cards at one of its affected POS systems to be affected by malware stealing payment card information during a six-month period.
A vulnerability in the Windows kernel driver that operates Intel's HD Graphics integrated graphics processor could allow a bad actor to either perform arbitrary code execution or crash the affected device.
Microsoft's July Patch Tuesday offering includes 11 security updates with six rated critical covering almost 50 individual bugs, including a rare Windows Print Spooler vulnerability.