Research News, Articles and Updates
Information Security Forum Managing Director Steve Durbin sat down with SCMagazine.com Executive Editor Teri Robinson to discuss how organizations can better protect their mission critical information assets.
The ransomware RAA, which incorporates the information-stealing trojan Pony, has evolved to more effectively target companies, encrypting victims' files and stealing their data, most likely to infect their business contacts via spear phishing.
A few as 200,000 mobile bots would be enough to launch a successful DDoS attack against the U.S.' 911 infrastructure, significantly disrupting service nationwide, a new research paper from Ben-Gurion University reports.
Kaspersky Lab today released an analysis of a newly discovered version of Mokes - a malicious, cross-platform backdoor with spying functionality - this one targeting Apple's OS X operating system.
A Trojan that infects Linux platforms to launch distributed denial of service (DDoS) attacks was discovered by MalwareMustDie.
The developers of the mobile banking trojan Gugi have introduced new modifications to sidestep two key security features of Android, reports Kaspersky Lab researcher Roman Unuchek via the Securelist blog.
A globalized malvertising campaign was targeting users in the U.S., Europe, Asia Pacific and the Middle East, infecting victims with ransomware before researchers at Cisco's Talos division helped shut down the operation .
Four out of five surveyed hackers agreed that Apple was right to refuse the FBI's request for a backdoor into the San Bernardino shooter's iPhone. Yet 52 percent said they would help the FBI crack an iPhone's password for a fee.
Eight brands of IoT home routers were compromised and used to create botnets that launched an application-level DDoS attack against a website's multiple servers.
The website for the upscale Mr. Chow restaurants has been compromised to deliver CrypMIC ransomware to visitors via the Neutrino Exploit Kit.
Researchers recently discovered a new spyware campaign that used cybersquatting techniques to distribute the AgentTesla keylogger via a domain whose name was strikingly similar to the consulting firm Diode Technologies.
Researchers at Israel's Ben-Gurion University have created a software program that causes air-gapped computers to leak data via radio-frequency electromagnetic emissions generated through USB-connected devices.
An independent researcher found a way to theoretically take over random Facebook accounts by forcing millions of user password resets and then brute-forcing each reset request to check for a specific six-digit authorization code.
Eschewing the bug bounty route, a cybersecurity firm which detected a flaw in a medical device from St. Jude Medical, partnered with an investment firm to capitalize on its knowledge and short sell stock in the device manufacturer.
The explosive growth in ransomware has once again heated up the debate as to whether infected organizations have an ethical responsibility to refuse payment. But are some companies exacerbating the problem by paying up even when they have viable data backups?
A Malwarebytes analysis of the espionage toolkit that recently infected Vietnam Airlines revealed a modular variant of the Korplug remote access trojan (RAT) that in this case disguises itself as a McAfee antivirus program.
DDoS attacks have increased in frequency, scale and complexity over the past year, driven by DDoS-for-hire services.
Researchers across three universities have discovered seven classes of vulnerabilities in the sandboxing feature of Apple's iOS operating system.
Security professionals are increasingly concerned by cybersecurity risks that arise as a result of mergers and acquisitions transactions, particularly the use of cyberespionage to gain information on the competition.
Researchers have found the first known Android mobile malware to use a Twitter account, rather than a traditional command-and-control server, to control infected devices.
Thirteen German financial institutions and their subsidiaries have recently felt the wrath of GozNym as the downloader and banking malware hybrid intensifies its campaign against European banking customers.
Tarah Wheeler, whom Symantec recently hired as principal security advocate and senior director of engineering for its Website Security team, is reportedly pledging to foster ties with the independent hacker community.
Ransomware is not going away, according to a new study from Arctic Wolf Networks.
Women continue to receive significantly less compensation than men in the IT security sector, according to a new report from the U.S. Census Bureau.
Looking to capitalize on mobile device owners' growing security fears, a new variant of the Android malware Marcher is infecting victims by fraudulently posing as a firmware security update.
Vulnerabilities affecting the implementation of proxy authentication could lead to an attacker launching man-in-the-middle attacks and intercepting HTTPS traffic possibly affecting including Apple, Microsoft, Opera, and Oracle products.
Nearly half of enterprises queried for a Mimecast survey were found to be ill-equipped to deal with threats from insiders.
In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.
WikiLeaks' practice of delivering unfiltered information to its readers backfired after a researcher discovered that its collection of leaked Turkish government emails contained over 300 active links to malware files hosted on the controversial site.
China launched an orbital carrier rocket early Tuesday morning carrying the 'Micius' satellite, believed to be the world's first quantum satellite.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- Education sector bullied by ransomware and can barely defend itself, report
- DetoxCrypto ransomware imitates Malwarebytes software
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- Pippa Middleton's iCloud account hacked
- OpenSSL patches 14 vulns, including high-severity flaw that can be exploited for DoS attacks
- IoT assault, connected devices increasingly used for DDoS attacks
- Cybercriminals already able to hack ATM biometric readers
- Cities planning transparency laws for police surveillance tech