Tens of thousands of security cameras are the newest recruits to an DDoS botnet, noted for its powerful and unrelenting attacks
A hacker with the ominous nickname "thedarkoverlord" appears to have stolen more than 650,000 medical records from three separate healthcare institution databases, and has made them available for sale on the darknet online marketplace TheRealDeal.
Millions of Microsoft Office 365 users were potentially exposed to a massive zero-day Cerber ransomware attack last week.
A recent survey found the majority of U.S. consumers regularly engage in risky public Wi-Fi behavior and are unaware of the risks they are running.
A Google encryption vulnerability could allow bad actors to hijack video content from protected videos.
The Internal Revenue Service (IRS) has beefed up the authentication requirements on its website to better protect taxpayers and loan applicants.
Darktrace's CTO, Dave Palmer, says that while ransomware is on the rise and law enforcement can do very little to help, we are living in a "golden age of criminality".
A suspicious domain, misdepatrment[.]com, resembles a legitimate domain for technology services provider MIS Department Inc.,he which counts among its clients the DNC.
A brief privacy representation in the acquisition agreement between Microsoft and LinkedIn basically says the two companies will follow their own privacy policies and the law.
A U.S. District Court judge in Eastern Virginia presiding over a child pornography criminal trial has sided definitively with U.S. law enforcement in ruling that investigators do not need a warrant to remotely hack into suspects' computers.
The EU and U.S. agreed to changes to the Privacy Shield pact that officials hope will appease privacy concerns raised by privacy regulators.
London is the center of tech startups in Europe. So, how will the U.K.'s separation from the EU impact the tech sector?
The MIRCOP ransomware campaign is taking several highly unusual steps with the criminals asking for an exorbitantly high ransom and refusing to tell the victim how to make the payment.
The US Cyber Command is hesitant to shut down the Islamic State's online capability, and with apparently good reason
In the ongoing saga of Chinese-American economic espionage, a Chinese ex-IBM employee has been arrested for trying to sell source code and trade secrets to the Chinese government.
An unencrypted database was discovered containing 154 million records of U.S. voters, including addresses, phone numbers, political party, income range, ethnicity, age, and voting history.
Lizard Squad is best known for launching DDoS attacks against Microsoft Xbox Live and Sony PlayStation Network, and doing so 'for the lulz!' SC Magazine UK has been pondering whether the motivation actually matters?
Many IT professionals are still unaware of what the EU GDPR means to their organisation with 20 percent being oblivious to the possibility that a data breach could lead to fines of up to €30m (£23m) or four percent of annual turnover.
Circle-Sport Leavine Family Racing (CSLFR) was rear-ended by a ransomware attack in April forcing the team to fork over about $600 to regain access to essential team records.
New research on LinkedIn and social media habits shows that many users are guilty of indiscriminately connecting with online strangers, potentially opening them up to spear phishing schemes and business email compromise scams.
PandaLabs was able to work around the password to access the server controlling PunkeyPOS without credentials because the bad guys didn't properly configure it, the researchers said.
Researchers at Check Point are taking credit for knocking the Nuclear Exploit Kit out of use, but another security company is questioning whether Check Point should have kept its knowledge under wraps to not tip off the bad guys.
Carbonite announced a forced password reset after the online backup provider discovered attackers attempting to access its user accounts.
Patches have been made available for programming errors found in libarchive that could make software used in a number of platforms vulnerable to exploitation.
Portuguese pen testing team discover 14 flaws in Uber apps which would have enabled them to get free rides and disclose details of passengers' and drivers' journeys.
The mayor of London, along with representatives from the tech industry, lobbied for a Remain vote.
Conficker maintains its rank as the most common malware family, according to Check Point's May 2016 Threat Index.
Godless, an emerging mobile malware threat capable of rooting Android phones, has started to adopt the traits of an exploit kit, in that it searches for multiple vulnerabilities through which it can automatically infect a victim.
U.S. Cyber Command is finding the day-in and day-out operations it is conducting in support of U.S, and allied forces fighting ISIS is giving the cyber troops a massive amount of on the job training.
An amendment to the "Commerce, Justice, Science and Related Agencies Appropriations Act," which would expand the FBI's NSL authority failed to pass the Senate Wednesday.
Apple has released an unencrypted version of its latest operating system for iOS 10, giving security researchers an unprecedented opportunity to scour the kernel for security flaws.
Several FireEye Labs researchers have uncovered a new methodology being used by criminals utilizing coin mining malware where the infection vector is an HTML document embedded inside another HTML document.
Russian hacking groups may have broken into the Bill, Hillary and Chelsea Clinton Foundation, though the organization has not confirmed those assertions, reports said.
Security researchers discovered a new family of malware sold as a banking-Trojan-as-a-service. The cybercriminal rents the banking Trojan for about $600 per 10-day period.
A recently discovered mobile malware program is giving Android devices a mind of their own, causing them to use Google Talk to secretly and repeatedly place outgoing calls to mysterious phone numbers approximately every two minutes.
When faced with a situation where a firm's critical data has been locked up by a ransomware attack and irretrievable by backup, close to half of the companies surveyed by KnowBe4 for its latest ransomware survey said they would pay the ransom to get their systems back online.
Assistant AG Leslie Caldwell said amendments to Rule 41 don't run counter to the Fourth Amendment, while the EFF and other groups mobilized web operators and citizens to oppose the changes set to take affect December 16.
A new study from FireEye finds that while Chinese cyber attacks have declined, they are now "more focused, calculated, and still successful in compromising corporate networks."
Unfortunately, the GoToMYPC service has been targeted by a 'very sophisticated password attack', says GoToMYPC
A team of Check Point researchers have tracked two large waves of attacks using Cerber ransomware in the last few months with more spikes in the number of incidents expected.
A comparative analysis by Fidelis Cybersecurity of malware samples provided by the DNC supported findings by CrowdStrike that a pair of intrusions were the handiwork of the Cozy Bear and Fancy Bear APT groups purported to have ties to Russian intelligence.
Acer reported a security breach compromised the sensitive data of nearly 34,500 online shoppers.
The U.S. military may not be doing enough to protect its weapons systems from cyberattacks, former National Security Council (NSC) Cybersecurity Director Richard Clarke said during a recent conference.
Hackers used login information to launch a "sophisticated password attack" to login to Citrix's GoToMyPC user accounts, according to a company blog post.
Reporters Without Borders (RSF) has asked French senators to bolster the Sapin 2 bill's protections and address its flaws.
Project Bletchley has been introduced by Microsoft and will use blockchain to secure financial transaction history and protect against fraud
The House voted against an amendment to a military spending bill that would have required law enforcement agencies to attain a warrant in order to search the electronic communications of Americans.
At the Gartner Security & Risk Management Summit outside of Washington, D.C., this week, the firm revealed its top-10 list of information security technologies that are trending in 2016.
Ground Labs has identified tonnes of data left lying around, and many UK organisations are unaware of what that means for the incoming GDPR
Researchers discover a hacker marketplace on the Dark Web selling access to more than 70,000 hacked computer servers.
Developers behind the Nemucod downloader are working diligently to avoid detection.
As ransomware grows in popularity, TrendMicro researchers examined some of the tactics and techniques beyond encryption that enable the file locking malware to work.
Adobe released a Flash Player update containing patches for 36 vulnerabilities, including the zero-day CVE-2016-4171, a critical issue that was called out earlier this week as having been spotted hitting targets in the wild.
Russia is planning to find ways to fight cyber-criminals specialising in the theft of bank-card personal data.
A cyberattack on a NATO member could result in a conventional military response by the defense organization, NATO Secretary General Jens Stoltenberg said.
Updates are available following US Computer Emergency Response Team (CERT) issuing advisory warning of "weakly protected" credentials in Siemens SIMATIC WinCC flexible industrial control system.
Private sector executives praised the information-sharing implementation of the Cybersecurity Act of 2015 during a House subcommittee hearing on Wednesday.
TeamViewer continues to assert that poor password management is the chief cause behind a spate of user account hijackings, but a new alert from Trend Micro suggests that a malware campaign could be another piece to the puzzle.
Companies hit with a data breach will spend on average $4 million in 2016 to mitigate the problem with many firms exacerbating their costs by not following a few basic rules, like creating an incident response team, according to a new Ponemom/IBM study.
While the Open Smart Grid Protocol's (OSGP) newest security suite that doesn't incorporate the vulnerable RC4 encryption method, known weaknesses in RC4 used in earlier generation OSGP devices, could "be exploited to successfully to attack the OSGP implementation as well."
The outdoor and motorsports-centric website aggregator VerticalScope was hacked according to an industry watchdog with about 45 million records from more than 1,100 websites being taken and posted to the internet.
Adobe issued a security advisory for CVE-2016-4171 critical vulnerability in Flash Player that is being exploited in the wild today along with four security bulletins for other company products.
While most IT professionals acknowledge the growing amount of IoT devices on their networks, they are unaware of how to properly secure them.
As local law enforcement agencies increase efforts to make use of powerful surveillance technologies, the DOJ has issued a harsh report detailing a pattern of misconduct and corruption at the Calexico Police Department.
At one time ridiculed over lax cybersecurity, the federal health insurance exchange site HealthCare.gov scored second-highest out of approximately 1,000 websites in the Online Trust Alliance's eighth annual Trust Audit and Honor Roll.
Russian government hackers apparently broke into the Democratic National Committee (DNC) computer system and accessed the party's entire database on Republican candidate Donald Trump.
While Microsoft's $26.2 billion acquisition of data-rich LinkedIn will enhance business, the company has not yet said how it plans to protect the privacy of personal data of LinkedIn members.
Companies are failing to develop, update and execute successful incident response plans in the event of a damaging cyberattack, a new white paper from AT&T Business warns.
Kaspersky Lab researchers spotted a unique Russian banker trojan, dubbed "Lurk" targeting various industries.
Having a favorite character killed off on "The Walking Dead" may no longer be the worst thing that can happen while watching TV as Trend Micro researchers have found the first major example of ransomware that can attack a Smart TV with hackers using an updated version of FLocker that targets devices running the Android operating system.
Security company Ipswitch has released new research which has shown that intelligent systems are coming fast but businesses are ill equipped to protect themselves from them.
The Daily Star newspaper is reporting that a new device has surfaced online which has the ability to clone 15 contactless bank cards a second.
A database of user accounts of the once popular video and music-sharing site iMesh has been made available on the dark web.
Plans are being hatched to prevent return-oriented programming attacks on memory flaws
Market forces are beginning to have an effect on zero days, evidenced by a new drop in the price of a significant zero-day.
Karma may be getting even with gamers who believe they are downloading free computer games illegally on torrent, when in fact the file obtained is not a game, but a potentially unwanted application (PUA).
A new version of banking malware includes updates that break tools typically used by security researchers to analyze the Vawtrak trojan.
Even more fast-food patrons may have a beef with The Wendy's Company, after the restaurant chain announced yesterday that the number of restaurants affected by a POS data breach may be "considerably higher" than first thought.
The EFF has sounded an alarm over a joint project between the FBI and the National Institute of Standards and Technology (NIST) to develop automated tattoo recognition technologies.
"Hello, this is Ransomware Depot. How may I help you?"
Change of tactics from cyber-criminals may be an attempt to bypass signature detection and improve infection performance.
Researchers discovered an exploit against Background Intelligent Transfer Service, a component of Microsoft's Windows 2000 that is used to transfer files asynchronously between a client and a server.
Sen. Mike Lee (R-Utah), one of the original sponsors of the ECPA Amendments Act of 2015, withdrew the bill today from the Senate Judiciary Committee after a proposed amendment threatened to defeat one of its key tenets.
A survey of all the ports on the internet is designed to provide decision-makers with the statistical information they need to make informed decisions on engineering the internet - and reveals many, many are open to hackers.
In its latest Firefox browser release, Mozilla this week fixed two critical vulnerabilities - a buffer overflow hazard and a set of memory safety hazards - plus 11 other security holes ranging from low to high in severity.
Most MPs in the UK House of Commons have agreed to pass the Investigatory Powers Bill, in a vote of 444-69 in favour, most Labour MPs who had appeared to be against the bill voted in favour of it.
Don't panic, prioritise and plan for EU GDPR - and if you do the right thing for your customer, the chances are you will be compliant and avoid potentially hefty fines for data breach.
A group of industry experts joined for a panel to discuss enterprise-wide cyber-incident response plans and proactive techniques for a rapid response and three of the four panellists agreed it's all about the people.
Instead of stealing your data, a criminal-run bot-net is using SQL injection to insert hidden links to boost the SEO of their own dodgey sites.
Already linked to the LinkedIn, Myspace, Tumblr and VK.com breaches, Russian hacker Tessa88 earlier this week claimed access to 379 million Twitter accounts, reportedly offering to sell the leaked database for 10 bitcoins.
In periods of peak activity, DDoS attacks can comprise as much as 10 percent of a country's total Internet traffic as they are transpiring, according to Cisco Systems' 2016 Visual Networking Index report.
Juniper has disclosed that that a problem with the Junos router could enable DDoS attacks
Zscaler researchers spotted a new wave of macros docs using Anti-VM and Anti-Sandbox techniques.
Tech companies and privacy advocates are calling foul on a proposed amendment to an email privacy bill that that was originally intended to update the Electronic Communications Privacy Act (ECPA).
One in five medium to-large businesses in the UK don't have a plan of action in place in case of a ransomware attack. Almost half (48 percent) of British businesses are failing to back up their company data at least once a day.
Three quarters of UK consumers would stop doing business or cancel memberships with an organisation if it was hacked.
In nearly every great movement in history, there is a moment in which the proverbial tide turns. For CISOs trying to convince their higher-ups to invest in encryption and cybersecurity programs, that moment came when the FBI tried to force Apple to crack open an iPhone 5c used by one of the San Bernardino shooters. And Apple refused.
The Federal Reserve Bank issued a notice Tuesday telling banks to assess their cybersecurity postures and search for clues of cyberattacks by the group that pulled off an $81 million cyber heist from the Bangladesh Central Bank.
Google released its June update, patching eight critical-severity vulnerabilities and 28 high-severity vulnerabilities that affect its Nexus devices and devices manufactured by partners of Google's Android Open Source Project.
SC Magazine Articles
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- Blasphemy! Godless malware preys on nearly 90 percent of Android devices
- Dangerous connections: Risky LinkedIn behavior runs rampant, finds survey
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Don't connect your charging cell to a computer or you may get hacked!
- Malware spawns botnet in 25,000 connected CCTV cameras
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- Google encryption flaw could allow video piracy