Emails from the office of longtime Putin aide Vladislav Surkov, some of which were published by the DFRL, show a clear and active relationship between Russia and separatists in the Ukraine.
Companies should spend less time worrying about meeting minimal requirements for cybersecurity compliance, and concentrate more on how to protect their most sensitive operations, according to experts speaking today at SC Congress Chicago.
The commission called the privacy rules a "framework" that give customers more control over their information.
The latest data from BullGuard suggests the recent Mirai-based DDoS attack could be just the tip of the iceberg.
Today Thales announced the results of its survey into attitudes towards organisations that have experienced data breaches.
Kaspersky Lab says young cyber-security talent should be used to the industry's advantage, but education and businesses must first provide more programmes and roles to pave the way for new generations.
It's official — there are now more millennials than baby boomers and their influence on information security is starting to have its impact, according to a recent report from LaunchTech that was commissioned by Forcepoint.
Sean Sullivan, security advisor at F-Secure Labs, has warned that hackers could severely disrupt the reporting of the US general election on 8 November by hacking AP servers.
Researchers spotted a variant of malware campaign dubbed "CloudFanta" which may have been used to steal 26,000 email credentials
Workers at industrial complexes, some operating critical infrastructure, are endangering confidential data, and perhaps the public's physical safety, by using unencrypted pager messaging on the job.
A fundamental fault in the SSL handshake could allow hackers to use subvert MacOS and iOS devices and recruit them into a DDoS attack.
After lying dormant for a few weeks Locky bounced back with a vengeance on October 24 with 14 million Locky-laden emails being pumped out in about half a day.
A large scale DDoS attack, carried out by a botnet of hacked Internet of Things devices, many of which were made by Chinese firm Xiongmai has now prompted a product recall.
Security fears and complicated sign-up forms are hindering internet users in the UK from using public Wi-Fi.
DDoS-sourced malware is on the rise, according to AppRiver's Q3 Global Security Report, which analysed malware and spam trends in Q3 2016 (between July and September 2016).
Robert M. Lee, CEO of Dragos Security, says that not enough information sharing happens in ICS industry, because of this the threats to ICSs are largely unknown.
Corero Network Security today disclosed a zero-day distributed denial of service attack (DDoS) technique, observed in the wild, that is capable of amplifying malicious traffic by a factor of as much as 55x.
The Mirai DDoS attack that took down a slew of prominent websites last Friday was most likely initiated by users from hackforums[.]net and not a nation-state or cybercriminal organization, according to FlashPoint.
After a two week break that saw few Locky ransomware attacks, the Cisco Talos research team discovered a new variety that sports not only a scatologically named extension for the encrypted files and another reference that insults Linux.
A recent study found closer integration between organizations' security and DevOps is needed in order to better bake security into their products.
The security industry is watching the growth of smart cities with increasing suspicion. Their gripe? How to defend them.
Persistence pays off as security researcher nets bug bounty for unearthing an access control bypass allowing attackers to reset passwords if they know the usernames.
Friday's DDoS attacks that created major website outages across the Internet may prove to be a watershed moment for the Internet of Things industry, after years of warnings - mostly ignored - about the glaring vulnerabilities in IoT devices.
An international team of researchers have developed an exploit to "root" access Android phones made by LG, Samsung and Motorola using Rowhammer hardware attacks.
The GM Bot mobile banking malware has been revamped to deploy on Android 6 devices effectively bypassing the security put in place on the operating system.
Most people have not realised the importance of protecting their mobile devices from malware attacks by cyber-criminals according to Europol's European Cybercrime Centre.
Cybercrime is a fast-growing area of crime. Europol's 2016 Internet Organised Crime Threat Assessment identifies an expanding cyber-criminal economy exploiting our increasingly Internet-enabled lives.
More and more workers today are bringing their personal devices such as laptops, mobile phones and tablets to the office to use for work. While this practice leads to greater productivity, it can pose a security risk.
Flashpoint confirmed some of the devices used in the Dyn DNS attacks which took down more than a dozen websites, including Twitter and Spotify, were DVRs.
Website hosting service Weebly has confirmed a major data breach, following a report on LeakedSource.com that 43.4 million accounts were stolen from the company's main database in February 2016.
Russian hackers are employing zero-day exploits to infect target networks, according to security researchers at ESET.
Threat actors are upping the ante with "doxware" by implementing features to ransomware that could leak a victim's data if ransoms aren't paid.
A Chinese cyber attack targeting a U.S. Defense Department contractor was linked to the OPM hack.
The East Coast was under siege on Friday morning from a large-scale distributed denial of service attack (DDoS) that brought down a number of prominent websites, including Twitter, Spotify, Netflix, GitHub, Amazon and Reddit.
A research team offered evidence that the account of John Podesta, the chairman of Hillary Clinton's presidential campaign, was hacked by the top military foreign-intelligence service of the Russian Federation.
Three U.S. financial regulatory agencies on Wednesday submitted the first draft of a joint proposal to impose newly enhanced cybersecurity risk management standards on major banking institutions and their suppliers.
A research report examining the Sednit group found that the APT group surveilled more than 1,800 email addresses between March and September 2015.
The healthcare industry saw 37 data breaches take place in September with about 250,000 patient records being compromised, but this was a major decrease from the 8.8 million records breached in August.
One of the biggest breaches in India has compromised as many as 3.2 million payment cards..
The sheer scale of companies' lack of comprehension of the European General Data Protection Regulation (GDPR) is revealed in a new survey from Symantec
Slovakia is in the process of drafting its first cyber-security law which will address not only the security of finance and health but also critical utilities infrastructure.
Security researchers published details of the exploit in a research report entitled "Jump Over ASLR: Attacking the Branch Predictor to Bypass ASLR."
Local authorities hold sensitive and private information about all of us that we wouldn't want getting into the hands of the wrong people.
A privacy-focused search engine, Startpage.com, will no longer be including Yahoo search results in its work.
An APT group has distinguished itself employing PowerShell in its coding platform used to distribute malware.
As Election Day approaches, researchers have detected a marked uptick in malicious cyber campaigns that seek to capitalize on the highly contentious 2016 race for president.
Oracle released its latest batch of patches on Tuesday to address 253 security vulnerabilities for 76 products.
Get Safe Online is urging businesses to better train staff to spot the signs of fraud, as Action Fraud reports a 22 percent increase in crimes reported in the last year.
Russian advanced persistent threat group Sofacy has another ace up its sleeve: a Flash Player exploit tool, dubbed DealersChoice, that in some ways resembles a Russian nesting doll.
Unlike populating a fingerprint database, which is done with the full knowledge of an individual, capturing faces can be done without a subject's knowledge.
The threat actors behind the notorious Dyre banking trojan may be back in action, this time supporting the new TrickBot trojan.
A recent study found that security teams should stay vigilant to ensure open-source software is secure.
Keith Lowry took time on a trip to Australia to warn that background checks do not make the cut when trying to stop insider threats.
IDC analysts are forecasting that by the year 2020, spending on security products will hit US$100 billion.
Reuters has reported that UK banks, some of the largest in the world, are not sharing information under reporting attacks by a long way
Internet of Things (IoT) devices running on the open-source Linux OS are under attack from NyaDrop.
Building a culture of cybersecurity within enterprises is essential in today's fast-paced world of online transactions.
Sierra Wireless issued a warning to users urging them to change their default factory credentials.
"I ain't afraid of no Ghost Push?" Better think again if you're an Android user with a device operating on anything lower than version 6.
Three tweets, which included a 64-character code without any other context, drew a wave of conspiracy speculators who responded with conjecture the cryptic messages were the result of a "dead man's switch."
The increasing security provided by EMV payment cards, or chip cards, may be compelling European criminals to eschew the use of malware in favor of explosives to steal money from ATMs.
"Covert" action against Russia planned by Obama administration says NBC report
In a recent poll of 200 IT decision makers, 69 percent of respondents said they expected their organizations to altogether dispense with traditional passwords within the next five years.
A new ransomware variant written in Python and named CryPy has been uncovered by an Avast security researcher that while dangerous is also littered with flaws that make it less effective.
A recent study has found millennials and younger people are taking more of an interest in cybersecurity as a career.
The bad actors behind a new malware contagion are exploiting the desperation of American college graduates looking for relief from their student debt.
CE2016, the fourth in a semi-annual series of pan-European cyber-security exercises organised by ENISA, has concluded today, bringing to a close six months of activity.
SC Magazine UK went down to a Cyber-Rescue Alliance designed to teach CEOs how to respond to a breach when eventually, and inevitably happens.
International Data Corp. (IDC) is forecasting a major uptick in worldwide revenues for companies that produce cybersecurity-related hardware, software and services by 2020.
Thousands of retailers have been hit by credit card detail stealing malware. They way the hackers got in? unpatched software flaws.
FBI officials believe Russian intelligence agencies likely orchestrated the hacks of emails belonging to a contractor for Florida's election system and Hillary Clinton's campaign chairman John Podesta.
Brazil has emerged as a primary center of financially motivated e-crime threat activity.
A hacker scanning for unsecured databases has compromised at least 58 million records - and possibly as many as 258 million - from Modern Business Solutions, a data management and monetization firm.
Symantec researchers noted an uptick in phishing email attacks using malicious WSF attachments to infect users with ransomware.
Since the source code to the Mirai IoT botnet was publicly leaked, researchers at Imperva have uncovered evidence of several low-level DDoS attacks that were likely perpetrated by new users testing out this suddenly accessible tool.
Sixty-two percent of organisations leave data protection and availability of in-cloud data to third-party cloud providers.
Yahoo users attempting to switch email accounts to rival providers are having a hard time of it as its automatic email forwarding function was disabled following the announcement of a massive breach.
High-end fashion retailer Vera Bradley reported the point of sale system in its stores suffered a security breach possibly compromising payment cards used to make purchases.
As new laws limiting Russian officials from using non-approved software come into force next month, those contravening the regulations are warned they face being fired.
A report by the Australian Cyber-Security Centre says that the misuse and over-hyping of cyber-security terms has hampered the public's ability to understand cyber-security issues.
The Obama administration will deliver what is being described as a "proportional" response against Russia in retaliation for that country launching a series of cyberattacks against U.S. political targets.
Patent reveals firm wants to use billboards to collect people's information
A series of related malware campaigns whose m.o. resembles that of the notorious Carbanak gang has been quietly infecting financial targets since January, including users of the SWIFT bank messaging system, according to Symantec.
Linux users should beware of a recently discovered systemd vulnerability that could shut down a system using a command short enough to send in a tweet.
During Sunday's presidential debate, Donald Trump said Hillary Clinton doesn't know if Russia is behind hacks of the DNC and others.
Connected car threats endanger corporate and municipal vehicle fleets; experts make policy recommendations
The National Association of Fleet Administrators (NAFA) on Monday published a new white paper containing a series of recommended policies that organizations can implement to reduce risks associated with automotive cyberthreats.
Microsoft today issued 10 bulletins covering 45 vulnerabilities, including 5 zero days for this month's Patch Tuesday update, the first using the company's new update methodology.
An FOI disclosure from the NHS has shown nearly 30 NHS trusts to be the victims of ransomware attacks in the past 12 months.
Phishing remains one of the top threats seen by organisations today. Threat actors use various social engineering tricks to convince users that their requests for information or money transfers are legitimate.
The CEO of Verizon said on Monday that the telecommunications giant is still on track to acquire Yahoo, despite a massive breach of Yahoo.
Adobe's October Patch Tuesday roll out featured three bulletins covering 84 vulnerabilities for Flash Player, Reader, Acrobat and Creative Cloud Desktop Application with all but one being rated as critical.
HTML/FakeAlert, bogus web pages named by ESET, are showing made-up, fake alert messages usually about dummy virus infections, which if true, would harm the computer or affect users' data.
Turkish anti-censorship group Turkey Blocks is reporting that various cloud services are blocked throughout Turkey as the Turkish government attempts to contain an email leak from its energy minister.
Ministers have been banned from wearing Apple watches - and presumably any other sort of 'smart' watch or device - during Cabinet meetings in an overabundance of caution over hacking attacks.
As the number of data breaches increases a recent study found that execs and board members should be more involved in data breach planning.
Verizon is attempting to negotiate down its bid to buy Yahoo, shaving off $1 billion from its $4.8 billion agreement to purchase Yahoo's internet business.
More than half of global consumers believe mobile wallets are less secure than cash, but nearly 60 percent of executives say mobile money will build their business because it's safe.
The Android SLocker ransomware family accounts for 16 percent of mobile malware in the UK.
Researchers generated 'on-body' wireless data transmissions using commodity devices sensors such as fingerprint sensors or touchpads on mobile phones and laptops.
As the holiday shopping season approaches, the newest iteration of point-of-sale malware FastPOS appears to have improved its evasion efforts by using modular architecture.