Moody's will begin to place more weight on considerations related to cyber risks when issuing credit ratings, the agency announced in a report.
Consumers are finally becoming aware of the value of their data, and show a preference for companies that protect it.
NetClean's CEO calls on workplaces to be on the lookout for child sexual abuse imagery on work computers as the children's commissioner for England publishes her report which says only one in eight cases are reported.
A little more than a week after a Federal Trade Commission administrative law judge tossed the FTC's data breach case against LabMD, the agency has filed an appeal of the ruling.
Just one month after U.S. and U.K. law enforcement helped take down Dridex, Trend Micro is reporting the botnet is bouncing back.
Thieves that planted unauthorized malware on some Hilton Worldwide point of sale (POS) systems aimed to glean payment card information in a breach that occurred late in 2014 or mid-2015, the hotel company confirmed Tuesday.
Security researchers at cyber threat intelligence company iSight Partners identified malware - called ModPOS - that targets retail point-of-sale systems.
Vonteera adware family has been spotted using a new trick to disable anti-malware and anti-virus software.
Researchers at RSA discovered GlassRAT malware that targets Chinese nationals, business interests and more.
In today's Strategic Defence & Security Review, the Prime Minister detailed how the government will prepare and respond to a range of national security threats.
Smart TVs are not being targeted by hackers right now, but a researcher at Symantec has noted that cybercriminals have a wide range of options if they wish to breach the average Smart TV.
When hacking group Anonymous responded to the deadly terror attacks in Paris by threatening ISIS "We will hunt you down," observers may have been left wondering what torturous punishment the group planned.
A data breach at Pearson VUE, the certification manager for Cisco, Oracle and IBM compromised the company's Credential Manager System and allowed unauthorized third-party access to data of "a limited set" of its users, Pearson VUE said in a Saturday statement.
By the time the National Security Agency (NSA) nixed its email surveillance program in December 2011, other surveillance initiatives that could "satisfy certain foreign intelligence requirements" had taken its place, according to a report in The New York Times.
Researchers at Damballa have discovered a toolset that may have helped the Destover and Shamoon malware remain undetected when they were used to hack Sony and Saudi Aramco.
Network defense of the nation's critical infrastructure is sorely lacking, according to a report by the Government Accountability Office.
Scammers are sending extortion emails to Patreon supporters threatening to release their private data unless they pay 1 Bitcoin within 48 hours.
The American Civil Liberties Union (ACLU) filed a suit last week to obtain a "secret legal document" that might address the government's authority to access data and which has been suppressed by the government since the Department of Justice Office of Legal Counsel (OLC) penned it in 2003.
A team of mathematicians were able to break a key used as part of the encryption system that secures many of the most critical IoT technologies internationally.
In what a researcher in India called "a very quick turnaround," LinkedIn implemented a fix for a persistent cross site scripting (XSS) vulnerability he discovered.
The EU is looking to crack down on anonymous currency exchanges that could be used by terrorists.
France reportedly saw a sharp increase in attempted cyber attacks in the weeks leading up to the terror attacks in Paris last week.
Adware Shedun takes advantage of legitimate features in Android Accessibility Service
The mysterious group behind the 2013 cyber attacks that crippled South Korean news stations, financial institutions, and government websites is likely the same attacker behind malware that appeared in Europe recently, according to Palo Alto Networks.
A hearing was held to highlight the efforts that automakers are making to address cybersecurity concerns of connected automobiles.
The deadly ISIS terror attack in Paris and the on-going police activity stemming from that incident may bring to a head the argument over whether or not the benefits encryption brings to privacy are worth the risks run when bad guys use the technology to pull off attacks or run criminal operations.
Over two thirds of British respondents to a recent survey are unaware that they could be vulnerable to cyber-attack simply by opening an email.
Researchers at the Microsoft Malware Protection Center have observed a hacking team that they call Strontium aiming zero-day attacks at servers in governments, military forces and diplomatic organizations within members of NATO, journalists and political advisors as well as some governments within Eastern Europe.
While external threats present an ever-present risk for large and small enterprises, a new report said the actions of a company's own employees, suppliers and partners pose more of an immediate danger.
In an environment in which cyber professionals are overwhelmed by rapidly changing security threats, industry pros generally agree that a remediation plan must involve difficult decisions about the security issues for which companies are willing to accept the risk rather than take action.
Anonymous' campaign against the Islamic State's internet assets has been criticised as a move that only hinders security and intelligence services' attempts to investigate them.
Three key agencies pulled out of a scheduled appearance at a Tuesday House Armed Services Committee hearing on government data breaches that exposed a trove of sensitive information.
Researchers at Invincea report that banking trojans delivered by weaponized Office documents were the top attack vector for the month of October.
Understanding user behavior analytics could help enterprises detect cyberattacks earlier, according to researchers at Rapid7.
A new variant of the notorious banking trojan Dyreza has been detected by researchers at Heimdal Security.
The perpetual tug-of-war between privacy versus security is anything but settled as consumers, vendors and their business partners wrestle with the question of the free flow of information versus locked-down privacy controls, panelists agreed at SC Congress Chicago Tuesday.
At a conference in Washington, D.C. on Tuesday, Microsoft CEO Satya Nadella discussed the security focus behind Windows 10, the company's latest operating system, and laid out the company's security ambitions.
While insurance companies and corporate boards of directors debate the benefits and drawbacks to buying yet more insurance - this time cyber liability insurance - the biggest gotcha that companies will face might well lie in the dictionary rather than in the policies themselves.
The U.S. expanded intelligence sharing with France following the attacks in Paris last week, as intelligence agencies use the attacks to push for expanded surveillance measures.
When a bad actor correlates the data heisted in the Office of Personnel Management (OPM) breach and that of another breach like Ashley Madison or Anthem, the results will be devastating to privacy and long-lasting, according to a panel at SC Congress Chicago on Tuesday.
Researchers at Malwarebytes spotted a malvertising campaign performing drive-by-downloads on unsuspecting victims.
An attack campaign described as having plenty of potential has collected extensive information from the internet and compromised selected websites.
As quickly as researchers discover ways to remove and block Remote Access Trojans used for spying on mobile devices and computers, hackers are creating new spyware strains from previously discovered malware - and they are developing more advanced capabilities from the original malware.
When it comes to what security professionals need to do to protect their organizations not much has changed in a couple of decades, though perimeters have all but dissolved and the timeframe for taking action has become more compressed, according to members of a Tuesday panel at SC Congress in Chicago.
A new study investigating how IT security professionals assess and mitigate cybersecurity risks showed much room for improvement.
One of the major issues facing CISOs is dealing with board of director members who might be, to put it politely, not very tech savvy, said panelists at SC Congress Chicago.
In a ruling that could reshape future FTC enforcement authority, an administrative law judge has ruled in favor of LabMD bringing to an end a protracted battle between.
A new phishing campaign targeting DHL delivery customers has been detected by the Comodo Antispam Labs team.
Following the terror attacks in Paris that left 129 dead and about 350 others injured, intelligence agencies are exploring the communication methods that may have been used in planning the coordinated attacks.
Researchers found a bug that could have potentially exposed the personal data of every customer.
It's not the chip cards themselves but the slow adoption of the platform in the U.S. that is leaving consumers vulnerable to credit card fraud, an FBI representative said recently.
With Black Friday and the holiday shopping season fast approaching, the Federal Bureau of Investigation (FBI) is warning consumers to be on the lookout for cyber scams, particularly those offering "too good to be true" deals.
Researchers at Tencent's Xuanwu Lab demonstrated attacks using barcodes that could deliver commands to systems that read them.
Oops! Wrong number. Or rather, wrong website. A man believed to be a "wannabe cybercriminal" mistook recent Damballa research on Pony Loader "as a sales pitch" and queried the company, looking to buy the malware and get help installing it.
Researchers at Cheetah Mobile Security Lab discovered Amazon has been selling third-party Android tablets pre-loaded with what they call a "dangerous" Trojan known as Cloudsota, likely the work of attackers in China.
Intimate photos of a woman were posted to a "revenge porn" website by a man she met on a dating website.
Cyber-criminals have been trying to infect point of sale terminals in time for Christmas with a new strain of malware dubbed AbaddonPoS.
AT&T, after initially resisting the Department of Homeland Security's $1 billion firewall program, has signed on to provide cyberprotection to government agencies through DHS's Einstein 3 Accelerated program.
Some hackers are implementing a combination of old-school tactics tied to cutting-edge automation to spread their mayhem, according to a new report by Imperva.
The Tor project alleged that the FBI paid Carnegie Mellon University researchers to attack Tor hidden services last year.
When security is built into an organization's risk model it can shift the relationship between the board and information security pros from adversarial to advisory, members of a panel at SC Congress Boston said Thursday.
Senator Al Franken re-introduced a stalled bill to ban what he calls "stalking apps" on Wednesday. The proposed legislation seeks to protect survivors of domestic and other victims of abuse from cyberstalkers.
There is no air gap between IT and OT: that was the key message for oil and gas sector CISOs coming out of the Black Hat Amsterdam talk by Alexander Polyakov and Mathieu Geli.
When it comes to a data breach, "our role doesn't begin in the courtroom," Massachusetts Assistant Attorney General Sara Cable said Thursday at SC Congress Boston, encouraging members of the audience to work with her office in the aftermath and even before one occurs.
The latest threat to mobile phones is LTE/4G hacking, but is the threat, being demonstrated at Black Hat Europe this week, something to be concerned about now?
A prediction by Gartner foresees that 6.4 billion connected things will be in use globally in 2016 and will reach 20.8 billion by the year 2020.
Google will no longer offer Chrome support for Windows XP, Vista and several older versions of Mac OS X, the company announced, along with releasing several Chrome and Chrome OS updates.
Companies are struggling with privacy regulations, perhaps no more so than in Massachusetts.
The large breach of Securus Technologies prison phone call data raises a number of privacy concerns and is a wakeup call for prisons and other organizations to tighten security at every point in their supply chains.
Facebook will appeal a Belgian court's ruling that the social media giant must cease tracking the online behavior of non-Facebook users or pay fines of €250,000 ($269,000) per day.
An estimated 70 million phone calls made by prisoners in the United States have been hacked and leaked to The Intercept.
Both Donald Trump and New Jersey Governor Chris Christie vowed to retaliate against China if elected president for the country's cyber attacks and intellectual property theft.
The future of warfare where a cyber component is added to the traditional land, air and sea battles can be seen in the Ukraine as it struggles to fend off cyber groups determined to undermine their war against Russian-backed separatists.
OPM will set up a verification center to allow potential victims to see if they were impacted by the breach.
The secure network of the UK parliament has been breached and some of its computers compromised by hackers.
Security researchers discovered that visitors to the Ammyy website in late October were being served up malware along with the Ammyy Admin Remote Desktop Software that would allow the Buhtrap gang to gain control of victims' computers.
Germany's federal intelligence service, the Bundesnachrichtendienst (BND), spied on the embassies and interior departments of ally countries, and international non-governmental organizations, according to Der Spiegel.
In a 23-count indictment, three people - Gery Shalon, Joshua Samuel Aaron, and Ziv Orenstein - have been charged in the Southern District of New York with hacking into financial institutions and publications to manipulate stocks, including stealing customer data from JPMorgan Chase in a massive 2014 data breach.
Symantec researchers have confirmed that the proof of concept ransomware threat called Mabouia is a viable threat to Apple's OS X.
A new cyber-syndicate has arrived on the scene targeting mainly email providers and using tactics which seem very familiar.
Adobe has released security updates that address 17 critical vulnerabilities in Flash Player that could let attackers seize control of affected systems.
Microsoft's November Patch Tuesday security bulletin lists 12 notifications, four of which are critical updates being issued for Internet Explorer, Edge and two other applications; all repair a vulnerability that would allow remote code execution.
Facebook will fight the court's ruling which threatens "one of our important technologies to stop attackers".
As the National Security Agency's program collecting Americans' phone records is set to expire this month, a U.S. federal judge has issued a ruling calling on the NSA to cease its bulk collection of phone records.
For all the knocks millennials take for being less cyber aware, some, at least those currently in college, are "safer users" of the internet than their slightly older counterparts, recent college grads, a study by the U.K.'s Kingston Business School revealed.
International Council for Women homepage compromised, legitimate Windows libraries used to construct attack
After reporting last week that it had issued banned certificates that could facilitate man in the middle (MitM) attacks, Comodo has fixed the "subtle bug" that the company's Senior Research and Development Scientist Rob Stradling wrote prompted the problem.
Despite an ever-growing stream of information demonstrating the difficulties enterprise companies face securing mobile applications, consumers maintain trust in the security of their mobile applications, according to a new survey.
Delegates at ISSE in Berlin were told that agreement on Safe Harbour II is expected by the end of January.
Check Point Software Technologies published a report on Monday that identifies a man it believes to be the mastermind behind Rocket Kitten's phishing emails and attacks.
The Federal Communications Commission (FCC) dismissed a petition to require websites to honor "Do Not Track" requests.
Microsoft is set to bring the date after which its Windows browsers will no longer accept SHA-1 to the middle of next year after new research has shown the cryptographic hash function to be even more vulnerable than previously thought.
A new ransomware attack dubbed Linux.Encoder.1 is targeting web servers using the Linux operating system and is demanding a payment of one bitcoin, or $380, from its victims for the release of the captured files.
Onapsis Research Labs uncovered 21 vulnerabilities - eight of them critical - that affect SAP HANA-based applications.
Seventy percent of executives want more oversight and participation from board members, chairpersons and CEOs for data breach preparedness, according to a Ponemon study.
Google is reportedly exploring having a manufacturer create Android chips based off its own designs.
FireEye CEO blames losses on China cybertreaty, competitors dispute drop in China's hacking activities
Publicly listed FireEye Inc. missed its projected quarterly earnings and during an earnings call CEO Dave DeWalt attributed the disappointing results in part to the U.S.-China cybertreaty announced during Chinese President Xi Jinping's U.S. visit in September.
A global study by Iron Mountain and PwC that surveyed 1,800 senior business leaders in Europe and North America shows that just 46 percent of senior executives are allowed access to valuable company information.
A just-released report surveying endpoint security across the federal government highlighted some dire lapses.