Any users running Jetpack 3.7 or lower are at risk of having their WordPress website completely taken over.
T-Mobile CEO John Legere pulled no punches expressing his disgust over a hack yesterday at its credit vendor Experian that compromised the personal information of about 15 million T-Mobile customers, and rightly so according to industry insiders who believe T-Mobile's image now may be badly tarnished through no fault of its own.
Ireland's Central Bank's deputy governor, Cyril Roux, has warned that it may only be a matter of time before a cyber-attack builds a problem that descends across the broader financial industry.
FireEye's EMEA president, Richard Turner, discusses its new Advanced Threat Report.
Pan-European operations can now be subject to the data protection laws of each country (not just the one they are established in) following an ECJ ruling yesterday.
Automotive industry running to catch up with cyber-security issues ahead of releasing first autonomous cars onto nation's highways.
The Internet of Things offers convenience, but getting the security right is key, says John Johnson, global security architect at John Deere.
Apple addressed numerous vulnerabilities with the release of OS X El Capitan v10.11, iOS 9.0.2, and Safari 9 this week.
FBI agents seized a child pornography website and then tracked users, one of whom they arrested on Staten Island earlier this month.
Director of National Intelligence James Clapper warned in testimony before the Senate Armed Services Committee that cyberattacks and threats from hackers are getting worse.
More than a billion Android mobiles are affected by a set of two critical Stagefright vulnerabilities that can be exploited to take complete control of a device.
Chip, or EMV, credit card usage will become the retail standard as of today, but whether or not this high-tech payment method will improve security is still being debated between the retail and credit card industries.
Edward Snowden created a Twitter profile on Tuesday, which will likely allow him to further craft his public persona in advance of a possible U.S. trial.
Just unzipping files could infect systems because of a remote code vulnerability in WinRAR
The 22-year-old was sentenced to four years and six months in prison for widely distributing and installing a popular banking trojan known as Citadel.
Businesses must prioritize protecting their security keys and certificates or leave themselves open to losing customers, system outages, audit failures and possibly failing, according to a report from the Ponemon Institute.
The Foreign Intelligence Surveillance Court (FISC) appointed criminal defense attorney Preston Burton as the first of five outside advisers to the secret court, according to a Sept. 24 filing.
Nearly 18 million people - or seven percent of U.S. adults - were victims of ID theft last year, according to a report from the Department of Justice.
The London Stock Exchange has floated a cyber-security Exchange Traded Fund (ETF) this week, marking the first time a fund of this kind has found its way on to the LSE.
Analysis of big data in real time provides a granularity of insight into normal network behaviour, allowing earlier identification of abnormal behaviour.
A security researcher at Google has discovered more zero-day exploits in Kaspersky's anti-virus software.
The Dyreza Trojan has re-emerged and is now targeting the IT supply chain
An arbitrary file upload vulnerability has been discovered in an iOS app that allows an attacker to deliver a malicious package during a file transfer operation.
Most corporations have nobody to blame but themselves when it comes to leaving themselves open to non-targeted online attacks, with the average company leaving known vulnerabilities open for months, giving hackers more than enough time to take action, according to a study by Kenna Securities.
Threat actors are leveraging a botnet made up of infected Linux machines to launch powerful distributed denial-of-service attacks.
Women didn't increase their numbers in security over the past two years, according to a report released by (ISC)², which found that women in the security workforce held steady at 10 percent.
Researchers at CloudFlare spotted a distributed denial-of-service (DDoS) attack that used mobile browsers to flood a site with 4.5 billion requests.
US officials believe that Sally Ann Jones, former British punk rocker, is looking to run the Islamic State's hacker unit.
The Swiss security firm Silent Circle today released the new edition of its smartphone that aims to help people control what info they share about themselves online.
Two new pieces of point-of-sale malware are affecting small and medium-sized businesses predominately in the U.S.
Facebook is now end-to-end encrypting its Internet.org website and issuing dual certificates for its Free Basics mobile browser.
The cyber security announcement made by presidents Obama and Xi on Sept. 25 is being met with a healthy dose of skepticism with industry insiders indicating the agreement will lead to little, if any, material change regarding cyber issues going forward.
A Tripwire study says UK IT professionals have more confidence in the cyber security literacy of their corporate board than their US counterparts.
Cisco has released security updates that address vulnerabilities in products running Cisco IOS Software and Cisco IOS XE Software.
Yahoo created its transparency report for the first half of 2015, which indicated an increase in the number of requests made by the U.S. government for user data.
Google is teaming up with industry researchers to study attacking cybercrime by hitting the bad guys where it hurts most, in the wallet, instead of simply building taller internet security walls around sensitive data.
The United States and China announced Friday that the two nations have agreed to initial norms of cyber activities.
Millions of Americans who signed on with the Affordable Care Act for health insurance had their personal data put at risk for several months last year due to poor security practices in place at Healthcare.gov, a federal audit found.
President Obama and Chinese President Xi Jinping met for a private dinner at the White House on Thursday evening amidst ongoing tensions between the US and China centered around the two nations' competing cybersecurity agendas.
The New York Institute of Technology 6th Annual Cybersecurity Conference was held on Thursday in Manhattan.
The 2000 Safe Harbour agreement between the European Union and the United States looks likely to be tossed in the shredder by the European Court of Justice.
Following the "largest compromise of the App Store ever," Apple attempted to do damage control while researchers picked through the findings for independent research.
On the heels of reports that the White House was swaying toward supporting encryption and strongly disavowing legislation that would force companies to unlock customer smartphones and apps when presented with a court order, a working group in the Obama administration had mulled ways that encrypted communications could be unlocked.
Uber is attempting to squash the use of hacked customer accounts that have most likely been sold on the dark web and are currently being used in China.
Symantec is reporting that a new variant of Kovter malware is incorporating some characteristics of the Poweliks malware that broke onto the scene back in 2015.
Imgur, the photo-sharing website, has been exploited in a distributed denial-of-service (DDoS) attack.
Facebook announced that it will now support OpenPGP's standard elliptic curve cryptography (ECC) public keys
Internet infrastructure provider Internap is denying it is directly connected in any way regarding former Secretary of State Hillary Clinton's private email server, contradicting a story posted today by Breitbart.com.
The Securities and Exchange Commission (SEC) slapped St. Louis-based investment adviser R.T. Jones Capital Equities Management with a $75,000 penalty in a settlement over the firm's failure to establish cybersecurity policies and procedures before a breach compromised personal information of 100,000 people.
Mozilla released Firefox 41 on Tuesday, and with it comes patches for 19 security advisories, four of which were deemed "critical."
A proposed Indian encryption policy has been called harmful to security and privacy itself.
Security researchers have discovered adware which affects OS X and could be used as a doorway for Trojans.
Former AT&T Mobility LLC employees who schemed to illegally unlock wireless phones on the AT&T network have landed squarely in the crosshairs of a lawsuit filed in federal court by the mobile communications company.
Security ratings company BitSight Technologies published a rating of the security preparedness of organizations across six industries.
The dark web is beginning to emulate the traditional web in new and frightening ways, according to a Damballa blog post.
The trojan was detected by ESET as Android/Mapin and on Google Play it was observed packaged in a variety of applications since as far back as 2013.
Proofpoint detailed Arid Viper's repurposed attacks and malware and pointed to it as evidence that reusing malware is trending.
The American Civil Liberties Union (ACLU) in a Tuesday letter called for widespread encryption to secure Congressional and staff communications against foreign eavesdroppers.
The vast majority of U.S. organizations are not prepared to properly respond to a cyber attack, according to a new study by the Ponemon Institute.
Symantec has discovered that unauthorized HTTP certificates were issued for Google webpages and terminated the employees who were involved in issuing the certificates.
A processor of crypto-currency has been the most recent victim in a massive hacking campaign which has seen the company lose 5000 bitcoins, currently valued at over a million pounds.
If you see this code and you are using Google Chrome, don't click it, type it in, copy it or even hover your mouse over it http:// a /%%30%30
Google's appeal on the 'right to be forgotten' for all of their websites has been rejected by France.
As the cause behind the largest compromising of Apple apps ever, XcodeGhost malware is worth discussing, but really, it's the tactics behind the malware infections that are cause for concern, experts say.
In the days leading up to Chinese President Xi Jinping's trip to the U.S., the two countries are negotiating a cyberspace arms deal that could limit the use of cyberweapons against each other during peacetime.
Hot off Mark Zuckerberg's recent announcement, the much-desired 'dislike button' has finally emerged on Facebook, but only as a phishing scam.
A leak of a major technology company's security key has been discovered, allowing hackers to convince Windows that their malware is legit.
The threat is a working game called Brain Test that twice made its way into the Google Play store and each time had between 100,000 and 500,000 downloads.
The SC Magazine UK roundtable convened with several industry experts to talk about the issues surrounding identity and access management.
In the first-ever live interview by an MI5 director general, Andrew Parker argues the case for police and intelligence services to have powers to decrypt private internet communications.
Thousands of websites have been compromised with malware code that ultimately redirects visitors to a landing page hosting the Nuclear Exploit Kit.
Intel Security studied internal and external data breaches and what data is compromised in each set of incidents.
Tech companies and a group of Dallas hackers, offering internships, tools and encouragement, are rallying around a teenager arrested earlier in the week in Texas for bringing a homemade clock to school.
The global cyber-insurance market could expand to US $7.5bn (£4.8bn) in annual premiums by 2020 according to PwC.
The US Department of Justice plans to second a prosecutor within the European Cyber-Crime Centre (EC3) in order to better combat hackers that frequently strike the US from across the Atlantic.
Cisco released software updates on Wednesday that address a variety of vulnerabilities in several products.
When it comes to security, many corporate employees are willing to take the risk of using unsecured, third-party apps if it means making their job easier, a new IBM Security study found.
A judge ruled that banks could band together in a class-action lawsuit as Target was negligent in protecting its customers' credit card data.
The Office of Inspector General issued a report on the Department of Homeland Security's cybersecurity practices earlier this week.
FireEye is reporting that at least three Cisco enterprise-level routers may have been implanted with SYNful Knock malware.
Despite the concerns expressed by the intelligence community and law enforcement agencies, President Obama is being urged by several agencies to support encryption.
A weakness in the Android 5 lock screen has been discovered by researchers at the University of Texas at Austin.
The group has targeted U.S. organizations in a variety of industries, including electric, aerospace, intelligence, telecommunications, energy and nuclear engineering.
New York's "Computer Science for All" program aims to make sure that public school children in the city will be well-prepared for computer science jobs.
As the patching cycle becomes ever longer, some experts are pushing for mandatory security updating of critical IoT devices.
The preponderance of security threats over mobile networks increasingly came from personal computers and laptops in the first half of 2015.
The presidential election is still more than a year away, but with cyber breaches recently striking several federal agencies, cybersecurity is at the forefront for voters and candidates.
Speaking at the Council on Foreign Relations and promoting his new memoir, former New York City Police Commissioner Ray Kelly said the U.S. doesn't have a "meaningful deterrent" to cyber intrusions.
Talk at Gartner summit dealt with growing tension between the expanding capacity for data collection via the internet of things and the need to respect consumer privacy.
For about three weeks, a large number of high-traffic websites were observed distributing malware as part of a stealthy malvertising campaign.
Researchers from ECE Illinois have created a 'surveillance' app that they've installed on a Samsung Gear Live smartwatch.
A New Baltimore, Mich., man was sentenced to 262 months in prison for cyberstalking and producing child pornography.
Designing user authentication systems for applications is often seen as a trade-off between security and the user experience, but Ant Allan at Gartner says it needn't always be thus.
GCHQ has reportedly helped warn a large number of intended victims in UK-based banks, government agencies and other corporates being targeted with the Dridex Trojan.
Intel announced the establishment of the Automotive Security Review Board and the release of a new white paper on automotive cybersecurity.
When nabbed by authorities, self-described private investigator Timothy Sedlak said he was researching Muslim charities to see if they were inadvertently funding extremists.
The news that top government ministers may have been hacked by the Cyber-Caliphate has set alarm bells ringing among security experts.
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- False Facebook 'dislike button' ensnares users
- Stored XSS vulnerability identified in Jetpack plugin for WordPress
- Experian, T-Mobile breach exposes 15 million customers, but what will happen to the data?
- Only a matter of time before cyber-attack hits broader finance
- Don't spend more, spend better: Interview with FireEye's Richard Turner
- Landmark European data protection judgement