In an effort to help curb terrorism, Twitter has suspended 125,000 accounts since mid-2015 that it said threatened or promoted terrorist acts.
Mozilla yesterday shed new light on its plan to phase out its Firefox operating system and instead focus on Internet of Things solutions, with an emphasis on data privacy and security.
In an oft-repeated tale, a senior at Panther Creek High School was arrested on felony and misdemeanor charges for hacking into a school computer and changing grades.
A cyberattack on a company in the energy, utility, oil and gas sectors is fully capable of causing harm to the physical plant, according to a Tripwire survey of IT professionals working in these fields.
As IT security decision-makers wrestle with how to evaluate threat intelligence solutions, especially in light of the recent demise of intel provider Norse Corp., a new report highlighted the perils of ignoring threat intelligence.
The Office of the Inspector General (OIG) said Colin Powell and Condeleeza Rice both used private email for classified information and a heavily redacted email from John Kerry showed that he likewise used a private email account
Users of the DayZ zombie shoot 'em up have been informed by the developer that their passwords and messages have been stolen by hackers.
From sales staff working the floor in large stores to corporate road warriors flitting from city to city, there is no debate about the degree to which mobile devices have increased productivity.
To meet the more stringent requirements laid out in the EU-U.S. Privacy Shield pact inked Tuesday, organizations are going to have to up their data protection game and Congress must accelerate passage of the Judicial Redress Act.
Hacking into a "smart" office building was easier than one might think with the potential end result being disastrous for the facility and the people working inside, according to a recent test conducted by IBM X-Force researchers.
The University of Central Florida today publicly acknowledged a data breach in which the Social Security (SSN) numbers of 63,000 current and former students were illegally accessed.
For anyone wanting to remain anonymous, Ashley Madison is now allowing its users to add a mask to their profile picture with a new security tool called discreet photo.
Study of 450 UK IT and security professionals uncovers insufficient planning and lack of clear ownership as major inhibitors to achieving cyber resilience.
Companies looking to create strong security and privacy protocols have to encourage their IT and legal departments to not only work together, but each should learn a little of the others' job.
Companies are facing a predicament when charged with federal regulatory violations over alleged failures to establish cybersecurity policies and/or protect personally identifiable information (PII).
FireEye Inc. acquired Invotas International Corp., a cybersecurity company that focuses on security automation and orchestration.
Researchers at Dr. Web spotted the Android.Xiny.19.origin trojan incorporated into more than 60 games in the Google Play Store.
An amateurish ransomware known as DMA Locker could crash while encrypting files, leaving users confused as to why their machines aren't operational.
IT pros look at lessons that can be learned from the collapse of Norse Corp.
Crypto-currencies like Bitcoin may not be as anonymous as they once were as the European Commision announces its intention to regulate the virtual currency exchanges that, the Commission says, aid terrorist financing.
Information governance (IG) is nearly impossible to achieve, but is a goal worth pursuing to protect the privacy of sensitive data and ensure organizations can meet discovery requests, according to a panel at the LegalTech show in New York.
A former Department of Energy (DOE) employee pleaded guilty for attempting spearphishing attacks against other DOE workers.
Malwarebytes' CEO has apologised, and launched a bug bounty scheme, after Google Project Zero researchers exposed the latest in a long line of anti-virus product flaws.
Though a large vulnerability was discovered in eBay's global sales platform, the company has 'no plans' to fix the active code exploit.
Corporate legal departments are grappling with the changing role of corporate legal departments as they assume a greater role in security and privacy.
Researchers at Zscaler spotted attackers using macro malware as a vector to spread the Neutrino bot via spearphishing emails.
The threat landscape and nature of data breaches are constantly changing, requiring lightning fast response and throwing organizations into an nearly perpetual state of transformation, a panelist told attendees at the LegalTech Show in New York on Tuesday.
Flash has a reputation for security flaws, but experts say it is time to develop a strategy for "dealing" because its ubiquity means it will remain for years to come. Alan R. Earls reports.
The advent of free, or very inexpensive cloud storage, is presenting organizations with the dilemma of what data to save and what to ditch in order to both save money and mitigate risk.
U.S. and European officials announced a new data-transfer deal on Tuesday designed to replace the Safe Harbor agreement that was ruled invalid by a European court three months ago.
Researchers at Rapid7 discovered vulnerabilities in Fisher-Price's Smart Toy and hereO's GPS platforms that could expose user data.
A new report from the U.S. Government Accountability Office exposes multiple perceived flaws in the Department of Homeland Security's National Cybersecurity Protection System, otherwise known as EINSTEIN.
With the knowledge that an organization sooner or later will suffer a breach, IT security professionals have to focus on protecting their company's most important nuggets of information.
Hacking group AnonSec released 250 GB of data that it says proves it commandeered a $222.7 million NASA drone and for months pilfered information.
A report today from Harvard University's Berkman Center for Internet and Society predicts that in lieu of backdoors to encrypted messaging apps, intelligence agencies will increasingly turn to less fortified vectors to conduct digital surveillance.
William Noonan, U.S. Secret Service, says organizations must work together to prevent new threats.
A default configuration used by the Apache server has been discovered as vulnerable to uncovering the identity of Tor users.
Tax preparation software publisher TaxSlayer notified about 8,800 of its customers last week that an unauthorized third party may have gained access to the personal information contained on their tax return.
Independent security researcher Justin Case discovered a "backdoor" in a processor made by manufacturer MediaTek.
The founder of Liberty Reserve virtual currency pleaded guilty to running an enterprise that laundered more than $250 million obtained by criminals through identity theft, credit card fraud, computer hacking and other illicit activities.
If they are to limit damaging effects, enterprises must prepare and equip themselves with the proper skills to react to and prevent cyber-attacks.
Talk Talk has lost seven percent of its broadband customers since its data breach, and in India arrests have been made as part of an investigation into phone scams targeting TalkTalk customers.
Cyber Caliphate announced in a post on its Telegram account on Friday that he jihadi hacking group would migrate communications to Threema.
Researchers at BugSec and Cynet discovered a bug in the LG G3 Android smartphone that could allow an attacker to run arbitrary code.
American consumers are more preoccupied with data privacy than losing their main source of income with 92 percent of respondents in a new survey.
HSBC UK this morning was the target of a DDoS attack that flooded the financial institution's systems with manufactured traffic, much to the dismay of online banking customers who were unable to access and manage their accounts.
FireEye researchers have released a report which details potential security issues with software used to dynamically patch iOS apps.
An IRS program launched to improve fraud prevention needs improvements, the Treasury Inspector General for Tax Administration said -- as the FTC rolls out an upgraded identity theft website.
Two new reports from recruitment company BeecherMadden have shown demand for cyber-skills to be rising massively with few able to meet that demand while CISO salaries are also going up.
The Senate Judiciary Committee gave the nod to the Judicial Redress Act, which would provide citizens of major U.S. allies a course of redress regarding information shared with U.S. law enforcement, sending it on to the full Senate.
With Data Privacy Day now upon us, cybersecurity experts from across the industry have offered their advice on how both individuals and organizations can protect their data.
The roll out of the EMV cards last fall was expected to bring a new level of data security to American consumers and retailers, but depending upon whom one speaks the cards have either been a boon or a bust.
SCMagazine.com asked key thought leaders to identify key events in last year that have reshaped public policy and expectations of what happens—and what should happen—to personally identifiable information when users go online.
An authentication bypass in NSDP on the Netgear ProSafe GS105Ev2 gigabit switch is possible due to a password reset vulnerability.
New research by the Ponemon Institute commissioned by Gemalto is showing there is a critical need for organisations to improve their payment data security practices.
The latest maintenance release from Samsung will include security patches that address several vulnerabilities capable of triggering arbitrary code executions, causing memory corruptions, or rebooting factory reset protections and reactivation locks (FRP/RL).
Unit 42 researchers said Scarlet Mimic is behind attacks against minority rights activists that began more than four years, though they've shifted both their tactics and the malware used.
Despite the safety mechanisms baked into the Chrome browser and ChromeOS, Malwarebytes has found hackers are using rogue extensions to perform everything from malvertising attacks to installing adware.
Michael Stepankin, also known as Artsploit, has disclosed a major vulnerability in PayPal's business site, allowing remote code execution.
DDoS attacks are on the increase and getting bigger and more widespread, according to research released by Arbor Networks.
The majority of consumers surveyed by YouGov are skeptical that organizations securely handle the data they share online.
The Maryland Attorney General argued on appeal of a lower court ruling that the warrantless use of a stingray did not violate a suspect's Fourth Amendment right.
Bernard Cazeneuve, France's minister of the interior, has called for greater cooperation between states, businesses and citizens in the fight against online radicalisation and cyber-crime.
Amazon Web Services said it would offer free certificates to help companies automate use of TLS/SSL cryptographic protocols.
Malware based on open-source code, created for educational purposes only, has been spotted in the wild by Bleeping Computer's Lawrence Abrams.
In observance of the 30th anniversary of the Computer Fraud and Abuse Act, attorney Peter J. Toren argued that the law remains too vague.
Mushrooming numbers of BYOD and IOT devices is putting corporate networks at risk, says ForeScout CEO Michael DeCesare in an exclusive video interview.
Symantec reported the worldwide infection of 3,500 public servers with a malicious script that redirects its victims to other compromised websites and said it believes could be part of a recon effort for future attacks.
In the past year, Islamic State (IS), formerly ISIS/ISIL, has used social media and encrypted online platforms to recruit terrorists and promote propaganda content.
The Obama administration is establishing a new agency tasked with conducting background checks on contractors and government employees.
An aircraft components designer and a Belgian bank were the latest victims of the business email compromise (BEC), prompting the IC3 to issue an alert.
Businesses are expanding their use of forensic data analytics (FDA) to investigate and combat fraud, especially as fears of cyberattacks and internal data threats spike, according to an Ernst & Young report.
The felony conviction of former Exel Transportation Services (ETS) President Michael Musacchio, who used the information he pilfered from his former employer to start a new company, still stands, the U.S. Supreme Court said Monday.
The UK's privacy watchdog warns that facial recognition software and handset identifiers broadcasted via Wi-Fi are allowing UK retailers to track and target their customers through their smartphones.
Respondents to a new survey from FICO unanimously agreed: Data breaches this year in other industries will damage financial institutions.
The European Parliament has approved its report, Towards a Digital Single Market Act, with cyber-security a major concern. We speak to Estonian MEP Kaja Kallas.
Security firm goes full disclosure on mechanics of SSH issue and finds three more vulnerabilities
Microsoft has rejected a request by the US government to hand over data the software giant holds in Ireland, claiming that the data in question doesn't belong to the company and raising questions of data jurisdiction.
Since the Ashley Madison breach, some users of the infidelity service have received blackmail letters via the US postal system from extortionists threatening to blow their cover.
64 percent of more than 1,100 IT security executives believe that simply meeting cybersecurity compliance requirements, as opposed to striving for best practices, is "very" or "extremely" effective at preventing data breaches.
Cisco released patches for multiple vulnerabilities that would allow remote attackers to takeover infected devices.
BlackBerry would like its users to know its phones are "as safe as they have always been" after reports that Dutch police are capable of reading encrypted BlackBerry messages.
The NSA's director, Admiral Mike Rogers, changed his stance on encryption, calling it "foundational to the future."
What was once a low-threat, basic spyware trojan has evolved into very powerful banking malware capable of giving hackers near-total control over one's Android device, warned Kaspersky Lab yesterday.
The cybercriminals who targeted WhatsApp users with malware may be behind a phishing scam that is now going after Facebook users, according to a new report.
Malwarebytes discovered a tech support scam run by a member of Symantec's partner program that not only sells its victims unnecessary tech support services, but also legitimate Norton products.
Researchers at Princeton University's Center for Information Technology Policy (CITP) found security vulnerabilities in many of the most popular IoT devices that they looked at, including Google's Nest Thermostat.
Advertisers are losing billions to ad-clicking botnets that generate fake traffic, according to a study by the Association of National Advertisers and security vendor White Ops.
Having recently taken on the studio boss role at Relativity Studios, House of Cards star Kevin Spacey fears a hack similar to that of Sony Pictures will occur again.
The Irish National Lottery website and ticket machines operations have been disrupted by a cyber-attack.
Researchers at ESET detected a new wave of cyberattacks on power plants in Ukraine that use different malware than in previous attacks.
A newly-discovered privilege-escalation vulnerability in the Linux kernel has once again opened the debate around just how secure the open-source operating system really is.
Sixteen states and the District of Columbia have stepped up to fill the void in privacy protection with the introduction today of more than 30 bipartisan privacy-related bills that cover everything from safeguarding to putting parameters on the use of location data.
A crude but dangerous email-based social engineering scam has been targeting small-to-medium-size businesses in the U.S., U.K. and India since early 2015, the Symantec Security Response blog warned today.
Oracle released an update to patch 248 vulnerabilities found in over 50 product lines, including Oracle Database, Java SE, and Oracle E-Business Suite, and other products.
Steven Englehard, a PhD candidate at Princeton University, unveiled his open source web measurement platform developed to allow for online tracking measurement.
Affinity Gaming has brought a suit against Trustwave, accusing the cybersecurity company of failing to adequately investigate and remedy a data breach.
Small businesses and retailers should expect cybercriminals to pay extra attention to them in the coming months with ransomware and point of sale attacks becoming even more common.
A critical authentication bug has been discovered in Advantech's EKI series of Modbus-to-TCP/IP gateways.
Sign up to our newsletters
SC Magazine Articles
- CISO salaries and demand for cyber-skills skyrockets, surprising no-one
- Malwarebytes says sorry for multiple AV bugs, still unpatched
- Ransomware and POS attackers to zero in on small businesses, retailers
- TaxAct breached: Customer banking and Social Security information compromised
- Student SSNs exposed in University of Central Florida breach